Loading…

From Syncplify's Development Team

Follow this blog to be always up to date with the development progress...
See what's going on

Testing the blocklist cache

Every Syncplify Server! operator is familiar with Syncplify’s ProtectorTM technology, which prevents attacks and hacking attempts, and automatically puts the attacker’s IP address in the blocklist (formerly known as “blacklist”).

But in every Syncplify Server! version prior to v6, checking whether or not an incoming request is coming from a blocked IP address implied a query to the database, which can take a millisecond or two. In v6, though, we have now implemented an in-memory cache with automatic TTL, which effectively reduces the number of such DB queries by up to 90%, and the time taken from milliseconds to just a few microseconds (yes, it’s up to 1,000 times faster than querying the DB).

Here’s a blocklist usage and cache-hit report for the past 2 days of operation of our honeypot:

{
     "rejectedConns": 2331,
     "addedToBl": 2262,
     "hitsOnBl": 2250,
     "hitsOnBlCache": 1985
}

Out of 2250 blocklist hits, 1985 (88.22%) were gracefully handled by the in-memory cache.