Overview
Version
Report Server Version |
---|
11.0 |
Application Scenario
As big data gains popularity, web crawlers are gradually known to us and pose great harm to enterprises. Reports indicate that low-cost ticket data from several airlines has been scraped, and the tickets were resold at higher prices, causing considerable disruption to the affected companies and disturbing market order. Additionally, like challenge collapsar (CC) attacks, sending a large volume of requests to the server can overwhelm the server, disrupting normal operations for business users and potentially causing server downtime.
Common anti-crawler techniques include access frequency limit, proxy IP address pool utilization, packet capturing, and OCR processing of verification codes. Among them, access frequency limit is a highly effective method, which can prevent web crawlers from scraping data by restricting the number of times a single IP address can access data within a specific timeframe. When the platform is accessed too frequently, you can enable Frequency Limit to limit the access frequency per IP address and reduce concurrency.
Function Description
The FanRuan platform provides the Frequency Limit function. When the function is enabled, the platform can restrict the access times within a specified timeframe. IP addresses exceeding this frequency limit will be blacklisted and will no longer be able to access resources. This effectively alleviates abnormal access, web crawling, and CC attacks.
Example
Log in to the decision-making system as the admin, and choose System Management > Security Management > Access Control. Frequency Limit is enabled by default. You can set a specific frequency limit to limit the report access request frequency, as shown in the following figure.
The following shows the specific introduction.
Frequency Limit is enabled by default. You can customize the access frequency limit to limit the report access frequency. By default, in 60 seconds, access is allowed per IP address for 200 times.
IP addresses that exceed the access frequency limit will be intercepted. After an IP address is intercepted, a prompt “The IP address with high access frequencies is intercepted. Contact the administrator if access is required.” will appear when the IP address accesses the report again.
The interception list provides information on IP addresses that have been intercepted for exceeding the access frequency limit. When you hover the mouse over a specific IP address in the list, a floating delete button will appear, allowing you to remove the IP address from the interception list.
If the system uses load balancing without IP address forwarding, multiple users may share the same IP address for access, and all the access requests will be counted under a single IP address, making it easy to exceed the access frequency limit.
When access frequency is calculated, the frequencies of previewing templates, exporting templates, and printing templates are counted separately.