|Syntactic Confectionery Delight
Re: blocking IPsby l3nz (Friar)
|on Jan 27, 2004 at 08:08 UTC
Even if you consider IP blocking the way to go, beware of using flat files for your database. I don't know how big your site gets, but please notice that reparsing a single big file thousand and thousand times is a costly operation. Also, writing the same file by different processes at once might result in broken data under heavy load or transient opening errors. It would be much better if you had a database.
If you don't want to use a database, I'd say go for a number of files, not just a single big one. You could use a number of files like ipblock_001.txt, ipblock_002.txt and so on, where the number is the least significant byte in the IP address. This way, IP address entries should be evenly distribuited among multiple files and you'll have less concurrency on the same file and much shorter access times. You should also prepare a job to 'purge' files of stale IP entries, unless you want to rewrite each file from scratch on every write access.
A format for each file could be:
Hope this helps