0

We have a pretty robust setup for our websites. Firewall with load balancer with 2 web servers behind it and 2 high availability MySQL servers. Our business is to send as much traffic as possible to our advertiser-supported websites.

Lately, we have been receiving a ton of foreign traffic (mainly China). Several million visitors per hour. It is almost behaving like an attack.

I can analyze the IP using PHP and redirect the visitor based on their country, but even that is causing load to be high and our fCGI slots to fill up completely. Also, our host tells us that applying country filters on the firewall will slow things down and cause issues.

Does anyone know of a service or method to filter certain traffic before it hits our environment? Maybe a way to do it at the DNS level?

user1759665
  • 11
  • 1
  • 4
  • "Our business is to send as much traffic as possible to our advertiser-supported websites." Is it possible one of your advertiser-supported websites is looking to get a little *extra* support? – ceejayoz Feb 07 '17 at 02:13
  • Sorry I'll clarify. We own the sites but have our advertisers listed on there. We buy traffic to the sites. But sometimes we buy traffic and get more than we bargained for - hence the millions of unwanted visits. – user1759665 Feb 07 '17 at 03:46
  • So you want to block the traffic you purchased? – ceejayoz Feb 07 '17 at 13:13
  • Yes. We don't buy CPC traffic. We only pay if the user does something. So some partners send a ton of bot traffic that only uses up resources. – user1759665 Feb 07 '17 at 16:46
  • 1
    Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Super User](http://superuser.com/) or [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) would be a better place to ask. Also see [Where do I post questions about Dev Ops?](http://meta.stackexchange.com/q/134306) – jww Feb 08 '17 at 02:24

0 Answers0