Hi There is some documentation how to implement Anubis when running Koha: https://www.koha-support.eu/using-anubis-with-koha/ I tried it on my Koha demo installation ( https://koha.adminkuhn.ch/ ) and as far as I can say it's the best approach. Best wishes: Michael -- Geschäftsführer · Diplombibliothekar BBS, Informatiker eidg. Fachausweis Admin Kuhn GmbH · Pappelstrasse 20 · 4123 Allschwil · Schweiz T 0041 (0)61 261 55 61 · E mik@adminkuhn.ch · W www.adminkuhn.ch Am 11.07.25 um 07:31 schrieb Stowasser Rainer:
we had the same Problem
so our support firm hks3 installed
it works fine.
Kind regards Hofrat Mag. Rainer Stowasser Geosphere Austria IKS-Services Vice Head Library, Publisher, Archive branch manager Hohe Warte
Hohe Warte 38, 1190 Vienna T. +43 1 360 26 2006 rainer.stowasser@geosphere.at | www.geosphere.at
GeoSphere Austria – Bundesanstalt für Geologie, Geophysik, Klimatologie und Meteorologie | Anstalt öffentlichen Rechts Firmensitz: Hohe Warte 38, 1190 Wien | Firmenbuchnummer: 584036 b | Firmenbuchgericht: Handelsgericht Wien
________________________________________ Von: Koha <koha-bounces@lists.katipo.co.nz> im Auftrag von Mark Alexander <marka@pobox.com> Gesendet: Donnerstag, 10. Juli 2025 23:34:26 An: Koha Betreff: Re: [Koha] Slowness & outages
It looks I spoke too soon about my use of iptables to block out of control web crawlers. Our Koha installation is now being attacked by crawlers, and there are so many that using iptables isn't practical.
Examining /var/log/apache2/other_vhosts_access.log shows that these crawlers don't use any identification that can be used by fail2ban. Here are a couple of them (with the name of our library changed, and URLs shorted):
koha.example.com:443 14.248.94.197 - - [10/Jul/2025:17:19:11 -0400] "GET /cgi-bin/koha/opac-search.pl?... HTTP/1.1" 200 15946 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1 rv:4.0; bem-ZM) AppleWebKit/535.45.1 (KHTML, like Gecko) Version/4.0.2 Safari/535.45.1" koha.example.com:443 200.71.98.253 - - [10/Jul/2025:17:19:11 -0400] "GET /cgi-bin/koha/opac-search.pl?... HTTP/1.1" 200 15960 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows CE; Trident/4.0)"
Running a grep|sed|sort|uniq filter on the log show that we're being attacked by almost 1000 crawlers today.
I've tried adding these lines to /etc/apache2/apache2.conf:
<IfModule mpm_worker_module> MaxRequestWorkers 5 </IfModule>
But the attacks still keep both CPUs busy; top reports them as follows:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 10319 rpl-koha 20 0 288340 234040 20880 R 80.1 5.9 0:04.14 /usr/share/koha 10085 rpl-koha 20 0 0 0 0 R 68.1 0.0 0:17.03 starman worker
I'm not sure what to do next. I had thought of using the apache2 authz_core module to restrict Koha to a handful of IP addresses, such as those used by computers at the library. But this would prevent patrons from accessing the OPAC from home. I'm pretty desperate now. Suggestions welcome.
This is on Linode, in case that makes a difference.
-- I'm doing my part to help preserve life on earth by trying to preserve my own. --Ashleigh Brilliant
_______________________________________________
Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha EXTERNAL EMAIL: Do not click any links or open any attachments unless you trust the sender and know the content is safe.
_______________________________________________
Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
-- Geschäftsführer · Diplombibliothekar BBS, Informatiker eidg. Fachausweis Admin Kuhn GmbH · Pappelstrasse 20 · 4123 Allschwil · Schweiz T 0041 (0)61 261 55 61 · E mik@adminkuhn.ch · W www.adminkuhn.ch