From 8398ec5d15808c47f55ada65b98eaad4ec8e7665 Mon Sep 17 00:00:00 2001 From: Laurent Bercot Date: Sun, 6 Apr 2025 05:07:25 +0000 Subject: Document tarpitting Signed-off-by: Laurent Bercot --- doc/tipideed.html | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/doc/tipideed.html b/doc/tipideed.html index 5d9a600..8f8e0c2 100644 --- a/doc/tipideed.html +++ b/doc/tipideed.html @@ -186,6 +186,20 @@ be passed as REMOTE_IDENT to CGI scripts. the client and the server. If present, tipideed will assume that the client connection is secure, and will pass HTTPS=on to CGI scripts; otherwise, it will assume it is running plaintext HTTP. + +
TARPIT
+
If this variable is set and contains a positive integer, it is +interpreted as a number of milliseconds, and tipideed will sleep for +that amount before reading each request from that client and before +serving each resource. This can protect your server against abusive bot +crawling. You can set this variable conditionally depending on the client's +IP or resolved host name (or subdomain), for instance by using the env +feature of the +TCP +access rules format used by +s6-tcpserver-access. +Of course, you can also use the same access rules database to outright ban +IP ranges or domains.

Writing

-- cgit v1.3.1