Many bots open new TCP connection for every request, which is incredibly wasteful but leads to easy filtering via ipt_hashlimit firewall rules. Browsers and other well behaved clients work fine with limit as low as 3 connections per minute per IP. It avoids the SSL handshake overhead too. YMMV of course, but worth trying out.
Many bots open new TCP connection for every request, which is incredibly wasteful but leads to easy filtering via ipt_hashlimit firewall rules. Browsers and other well behaved clients work fine with limit as low as 3 connections per minute per IP. It avoids the SSL handshake overhead too. YMMV of course, but worth trying out.