1

I've a task to host one HTTP application (might run on apache or nginx) and this application would be used by many programmers as an API. There would be hundreds of programmers sitting at same location / premise / Hall and all sharing same outgoing source IP address to connect to my API publicly.

I am looking for a way to limit concurrent connection to 5 at a time per user. There are some modules available in both apache & nginx but these modules limits based on source IP address. Because of this, I would not be able to use modules for apache & nginx which limit concurrent connection based on Source IP as in my case source IP remains same.

Can some one please suggest me a way to achieve this.

Thanks in advance, Keyur

KeyurM
  • 388
  • 1
  • 3
  • 12

1 Answers1

0

Well this is how I managed to handle this :

My requirement : Limit concurrent request of any user sitting at same location and sharing same IP. I had to ensure one user can not affect another users work.

I used combination of both PHP + mod_qos (module of apache)

  • With PHP & Mysql : It was made forceful that API can be used only if user has certain token (weird string) in the URL. Each user was allocated a specific token which was to be used in url argument to access the API. Upon receiving the request, the request was first checked in mysql database to ensure it has a specific token. It it has then user can get data from API else user was forbidden to access. FYI.. I knew max audience and I had set some numbers of pre-determined token for the users which were made available to them with SMS verification. This ensured that no user could access the data from API without token and request URI had to have that token.

  • mod_qos (apache module) : Now to limit concurrent request I used mod_qos module available for apache. Since I already had pre-determined tokens available to me, I used this token's and made regex rule with mod_qos which would check each request and limit the access to 5 concurrent request based on regex it matches.

This entire combination worked well and I was able to restrict concurrent request from users sitting at same location and sharing same IP address.

Thanks,

Keyur

KeyurM
  • 388
  • 1
  • 3
  • 12