How can I blacklist a particular IP address (dos.yaml does not seem to work)


Mark Summerfield

Oct 28, 2015, 10:22:36 AM
to Google App Engine

I am using GAE with Python 2.7. I have this dos.yaml file:


blacklist:
- subnet: 202.113.48.130
  description: they are doing 1000s of requests for a nonexistent file


I did an appcfg.py update . and I also did appcfg.py update_dos . (although update . said it updated the dos anyway). The new console doesn't appear to show the blacklist at all, but the old one does and shows that the above address is blacklisted.


However, the logs right up to this minute show that requests are coming from this IP address and are receiving 404 as reply.


Is there any other step I need to take to make the blacklist work?


Or is there an alternative to stop these constant requests for a nonexistent file?


Thanks.

Patrice (Cloud Platform Support)

Oct 28, 2015, 12:15:28 PM
to Google App Engine
Hi Mark,

How long ago did you upload the dos.yaml file? Because it can take a little while to be fully propagated.

If you waited a little while (I'd say an hour should be long enough) and you still see these requests going through 100% of the time, this may be some kind of issue. I would then suggest you post this on our Issue Tracker, along with your appID, your dos.yaml (if it is longer than the lines you've shown here), the print screen from the old and new console, so we can further investigate.

Cheers!

Mark Summerfield

Oct 29, 2015, 3:28:04 AM
to google-a...@googlegroups.com
Hi Patrice,

On Wed, 28 Oct 2015 09:15:28 -0700 (PDT)
"Patrice (Cloud Platform Support)" <pvout...@google.com> wrote:
> Hi Mark,
>
> How long ago did you upload the dos.yaml file? Because it can take a
> little while to be fully propagated.
>
> If you waited a little while (I'd say an hour should be long enough) and
> you still see these requests going through 100% of the time, this may be
> some kind of issue. I would then suggest you post this on our Issue
> Tracker <https://code.google.com/p/googleappengine/issues/list>, along
> with your appID, your dos.yaml (if it is longer than the lines you've
> shown here), the print screen from the old and new console, so we can
> further investigate.

The last 404 for the blacklisted IP address was 00:45 (and my logs are
showing 'til 06:41). Then there is a gap until a whole bunch the
previous day up until 21:59. So it looks like either they've stopped or
the blacklist is working.

It is a pity that the blacklist doesn't show in the new console.

Thanks for your help!
--
Mark Summerfield, Qtrac Ltd.
DiffPDF for Windows - PDF comparison tool
http://www.qtrac.eu/diffpdf.html
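
Added example, not part of the original thread or of App Engine's tooling: one way to check from request logs whether an address listed in dos.yaml is still being served after the propagation window mentioned above. The log format (combined-log style), the sample lines, the upload time and the function names are assumptions made for illustration.

```python
import ipaddress
import re
from datetime import datetime, timedelta, timezone

# dos.yaml content as posted in the thread.
DOS_YAML = """\
blacklist:
- subnet: 202.113.48.130
  description: they are doing 1000s of requests for a nonexistent file
"""

# Constructed sample request log lines (format and values are assumptions).
SAMPLE_LOG = """\
202.113.48.130 - - [28/Oct/2015:09:58:10 +0000] "GET /missing.txt HTTP/1.1" 404 0
198.51.100.7 - - [28/Oct/2015:11:30:00 +0000] "GET / HTTP/1.1" 200 512
202.113.48.130 - - [28/Oct/2015:21:59:02 +0000] "GET /missing.txt HTTP/1.1" 404 0
202.113.48.130 - - [29/Oct/2015:00:45:40 +0000] "GET /missing.txt HTTP/1.1" 404 0
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" (\d{3}) ')

def blacklisted_networks(dos_yaml):
    """Extract every 'subnet:' value; a bare address becomes a /32 or /128."""
    subnets = re.findall(r'^\s*-?\s*subnet:\s*(\S+)', dos_yaml, re.MULTILINE)
    return [ipaddress.ip_network(s, strict=False) for s in subnets]

def served_after_grace(log_text, networks, uploaded_at, grace=timedelta(hours=1)):
    """Return (timestamp, ip, status) for requests from blacklisted networks
    that still reached the app later than uploaded_at + grace."""
    cutoff = uploaded_at + grace
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:  # first field is not an IP address
            continue
        when = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
        if when > cutoff and any(ip in net for net in networks):
            hits.append((when, str(ip), int(m.group(3))))
    return hits

if __name__ == "__main__":
    uploaded = datetime(2015, 10, 28, 10, 0, tzinfo=timezone.utc)  # assumed upload time
    for when, ip, status in served_after_grace(SAMPLE_LOG, blacklisted_networks(DOS_YAML), uploaded):
        print(when.isoformat(), ip, status)
```

Any line this reports is a request that reached the application after the blacklist should have been in effect, which is the evidence worth attaching to an issue report alongside the dos.yaml.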

Mark Summerfield

Oct 30, 2015, 4:15:36 AM
to google-a...@googlegroups.com
Hi Patrice,

On Wed, 28 Oct 2015 09:15:28 -0700 (PDT)
"Patrice (Cloud Platform Support)" <pvout...@google.com> wrote:
> Hi Mark,
>
> How long ago did you upload the dos.yaml file? Because it can take a
> little while to be fully propagated.
>
> If you waited a little while (I'd say an hour should be long enough) and
> you still see these requests going through 100% of the time, this may be
> some kind of issue. I would then suggest you post this on our Issue
> Tracker <https://code.google.com/p/googleappengine/issues/list>, along
> with your appID, your dos.yaml (if it is longer than the lines you've
> shown here), the print screen from the old and new console, so we can
> further investigate.

It turns out that it still isn't working so I've created issue 12496.

Best wishes,
--
Mark Summerfield, Qtrac Ltd.
DiffPDFc windows command line PDF comparison tool
http://www.qtrac.eu/diffpdfc.html

Patrice (Cloud Platform Support)

Oct 30, 2015, 12:09:58 PM
to Google App Engine, ma...@qtrac.eu
Hi again Mark,

I see that your issue is already being worked on internally, you should get updates on the tracker once we make progress :).

Cheers!