Content request rate limiting in a content delivery system
First Claim
1. One or more non-transitory computer readable media having stored thereon program instructions executable by a content delivery node, that when executed by the content delivery node, direct the content delivery node to:
- cache content from an origin server in order to act as a proxy for the origin server;
monitor requests for content transferred by at least an end user device to detect when the requests comprise an attack on the content delivery node;
responsive to detecting the attack on the content delivery node, establish a rate limit in the content delivery node on at least the requests for the content associated with the end user device;
transfer an indication of the attack comprising the rate limit for delivery to another content delivery node that directs the other content delivery node to apply the rate limit to further requests for the content before the further requests are received by the other content delivery node.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems, methods, and software for operating a content delivery node to monitor requests for content transferred by at least an end user device to detect when the requests comprise an attack on the content delivery node. Responsive to detecting the attack on the content delivery node, the content delivery node establishes a rate limit in the content delivery node on at least the requests for the content associated with the end user device, and transfers an indication of the attack comprising the rate limit for delivery to another content delivery node that directs the other content delivery node to apply the rate limit to further requests for the content before the further requests are received by the other content delivery node.
14 Citations
20 Claims
-
1. One or more non-transitory computer readable media having stored thereon program instructions executable by a content delivery node, that when executed by the content delivery node, direct the content delivery node to:
-
cache content from an origin server in order to act as a proxy for the origin server; monitor requests for content transferred by at least an end user device to detect when the requests comprise an attack on the content delivery node; responsive to detecting the attack on the content delivery node, establish a rate limit in the content delivery node on at least the requests for the content associated with the end user device; transfer an indication of the attack comprising the rate limit for delivery to another content delivery node that directs the other content delivery node to apply the rate limit to further requests for the content before the further requests are received by the other content delivery node. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of operating a content delivery node, the method comprising:
-
caching content from an origin server in order to act as a proxy for the origin server; in at least one processing device, monitoring requests for content transferred by at least an end user device to determine when the requests comprise an attack on the content delivery node; responsive to the attack on the content delivery node, in the at least one processing device, establishing a rate limit in the content delivery node on at least the requests for the content associated with the end user device and transferring an indication of the attack comprising the rate limit for delivery to at least another content delivery node that directs the other content delivery node to apply the rate limit for further requests for the content before the further requests are received by the other content delivery node. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A content delivery system with one or more cache nodes that cache content for delivery to end users, the content delivery system comprising:
-
a first cache node that caches the content for delivery to the end users configured to monitor requests received from at least an end user device for the content to determine when the requests comprise an attack on the first cache node; responsive to the attack on the first cache node, the first cache node configured to establish a rate limit on at least the requests received for the content by the first cache node and transfer an indication of the attack comprising the rate limit for delivery to at least a second cache node that caches the content; responsive to receiving the indication of the attack, the second cache node configured to apply in the second cache node the rate limit for further content requests received for the content at the second cache node before the further content requests are received by the second cache node. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification