InnovateAsterisk / Browser-Phone

A fully featured browser based WebRTC SIP phone for Asterisk
https://www.innovateasterisk.com
GNU Affero General Public License v3.0

getting too many requests #444

Open prathibhacdac opened 1 year ago

prathibhacdac commented 1 year ago


prathibhacdac commented 1 year ago

How to prevent this? I'm getting too many requests on the public IP.

InnovateAsterisk commented 1 year ago

If your server is open to the web, there is little you can do about this. You can implement firewall rules to limit your exposure, but make sure you know who you are opening your server to.

These are probably just random attempts on the server because your ports are open. It would be advisable to use a non-standard port. (Not port 80 and 443)

If your services are truly open, and you need to process all of these requests, you have to change the http.conf to include: sessionlimit=1000

(or a limit higher than that.)
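One way to check whether a flood of `/ws` requests comes from a few addresses (where a per-source firewall limit helps) or from many addresses sending one request each (where it does not), as an added example that is not part of the original thread or the project's code. The log lines are constructed with documentation-range addresses, and `summarize`, `burst` and `per_ip_limit` are illustrative names and thresholds.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                 r'"\S+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?:\d+|-)$')

def parse(line):
    """Return (ip, aware datetime, path, status), or None if malformed/truncated."""
    m = CLF.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["path"], int(m["status"])

def summarize(lines, path="/ws", burst=5, per_ip_limit=3):
    """Group hits on `path` per second; classify each burst by who drives it."""
    buckets, skipped = defaultdict(Counter), 0
    for line in lines:
        rec = parse(line)
        if rec is None:
            skipped += 1          # keep count so truncated logs are visible
            continue
        ip, ts, p, _status = rec
        if p == path:
            buckets[ts][ip] += 1
    report = []
    for ts in sorted(buckets):
        per_ip = buckets[ts]
        total = sum(per_ip.values())
        if total < burst:
            continue
        top_ip, top_n = per_ip.most_common(1)[0]
        # One address over the limit: a per-source rate limit would catch it.
        kind = "single-source" if top_n > per_ip_limit else "distributed"
        report.append({"second": ts.isoformat(), "requests": total,
                       "sources": len(per_ip), "kind": kind, "top": (top_ip, top_n)})
    return report, skipped

def _line(ip, sec):
    return f'{ip} - - [17/Mar/2023:14:23:{sec:02d} +0530] "GET /ws HTTP/1.1" 404 200'

# Constructed sample input (documentation-range addresses), last line truncated.
SAMPLE = ([_line(f"192.0.2.{i}", 17) for i in range(1, 7)]
          + [_line("203.0.113.9", 18)] * 6 + [_line("198.51.100.4", 18)]
          + ['198.51.100.5 - - [17/Mar/2023:14:23:18 +0530] "GET /ws HT'])

if __name__ == "__main__":
    print(*summarize(SAMPLE)[0], sep="\n")
```

A "distributed" second with one request per source is the case where blocking by address gains little and the session limit or a separate front end matters more.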

prathibhacdac commented 1 year ago

How are you limiting the access to https://www.innovateasterisk.com/phone/?

InnovateAsterisk commented 1 year ago

This is done with a load balancer, to an apache server. The apache server only handles the http(s) requests, it’s regular web hosting like any other web hosting service. But remember this is only the front end html and JavaScript - I find it better not to burden the voice server with unrelated tasks like web hosting. (They don’t have to be provided from the same server.)