I have noticed since this morning that the server load is higher than before (using command htop, showing the high spike of CPU usages).
And I login to CloudFlare and it confirms that lots of uncached requests, which is abnormal.
Although the website still loads pretty fast, but this really concerns me if the CPU usage stays high. Plus, I get warning emails from time to time (according to the script, I set the warning level to load average = 3).
I login to SSH and find out at log file /var/log/apache2/access.log there are requests (lots of) to the API:
3 100.1.241.126 - - [12/Aug/2015:12:55:27 +0000] "GET /api/fortune/ HTTP/1.1 " 200 545 "-" "Totems.us fortune teller player interact" 4 100.1.241.126 - - [12/Aug/2015:12:55:27 +0000] "GET /api/fortune/ HTTP/1.1 " 200 6867 "-" "Totems.us fortune teller player interact" 5 100.1.241.126 - - [12/Aug/2015:12:55:27 +0000] "GET /api/fortune/ HTTP/1.1 " 200 542 "-" "Totems.us fortune teller player interact" 6 100.1.241.126 - - [12/Aug/2015:12:55:27 +0000] "GET /api/fortune/ HTTP/1.1 " 200 663 "-" "Totems.us fortune teller player interact" 7 100.1.241.126 - - [12/Aug/2015:12:55:27 +0000] "GET /api/fortune/ HTTP/1.1 " 200 580 "-" "Totems.us fortune teller player interact" 8 100.1.241.126 - - [12/Aug/2015:12:55:27 +0000] "GET /api/fortune/ HTTP/1.1 " 200 527 "-" "Totems.us fortune teller player interact" 9 100.1.241.126 - - [12/Aug/2015:12:55:28 +0000] "GET /api/fortune/ HTTP/1.1 " 200 6764 "-" "Totems.us fortune teller player interact" 10 100.1.241.126 - - [12/Aug/2015:12:55:28 +0000] "GET /api/fortune/ HTTP/1.1 " 200 556 "-" "Totems.us fortune teller player interact"
Apparently, this must’ve been a robot/program that keeps connecting to the API – fortune.
I also found the other two IP addresses that tried to login the server using root, which is banned by security setting.
I then add these 3 IP addresses in the block list in the CloudFlare control panel.
Immediately, the usage comes back to normal.
and cloudflare confirms this:
I should probably add ‘Fair Use’ policy to the terms and conditions of my APIs.
–EOF (The Ultimate Computing & Technology Blog) —
loading...
Last Post: Delphi Static Code Analyser - FixInsight
Next Post: Facebook Crawler uses IPv6