|I provide Linux/Apache website hosting. To try to prevent overloading on the server, I wrote a script that does netstat -plan|grep :80 then sorts and counts the number of connections each IP has. 99% of the time, visitors to the sites hosted never have more than a few connections at one time, but sometimes they do have many connections, especially when going to a web page of thumbnail images. I've tested it going to a page like that on 56k dialup and on 10mbps high speed and my IP never had more than a half dozen connections, so my script automatically blocks IPs with more than 50 connections at one time because apache can only handle a limited number of connections at a time, so when someone has that many, they limit other visitors connections.|
One of my customers websites has a page with over 200 thumbnail images and my script just blocked someone who had 200 simultaneous connections to that page. Dialup might download a few at a time, but not all at once, and high speed would have them done fast, but the IP had 200 connections for a few seconds, preventing anyone else from being able to go to any websites.
Like I said earlier, I tested it myself on dialup and fairly high speed on that page of thumbnail images and never had more than a few connections, so my question is:
Does anyone know what can explain a visitor having over 100 connections at one time? Could there be a legitimate reason for this?
A big thanks to anyone who may have an answer to this.