Protect your public server!
During the week, a DDoS attack with over 384 IP addresses from all over the world was started on our public Oracle APEX server. As we do like people (and proper bots) to make use of our free services to provide information about Oracle APEX, the bots managed to request an APEX page around 1.000 times a minute! With that many page views, the connection pool of Oracle REST Data Services (ORDS) with maximum 30 DB connections got full and people were starting to see an error message from ORDS. Of course we could scale up the connection pool with the database, but that would mean we had to scale up our hardware too, as ORDS was already taking up 100% CPU. Instead, my colleague Moritz Klein quickly found a way to throttle-down the requests in our proxy server installed in front of ORDS. We used a module called "event MPM". The configuration looks like this: # event MPM # StartServers: initial number of server processes to start # MinSpareThreads: minimum number of worker threads wh