I would like to implement a feature in my AppEngine server that prevents people from guessing passwords in rapid succession or hammering me with random requests (DoS, etc.). For this, I am looking for a way to block requests from a certain remote IP for, let's say, the next 5 minutes or so.
Clearly, I can simply check the incoming IP of every request and return an error page myself, but it would be much more resource conscious if I could simply add this remote IP programmatically to a black-list maintained by AppEngine, preferably with a timeout, so that these requests get killed right at the load-balancer. Basically, I am looking for a way to dynamically update the blacklist that I can define via dos.xml. Is this possible?
Based on the Google App Engine documentation, each time that the dos.xml has new information, it needs to be uploaded again to the server. Thus, at the moment there is no way to modify the dos configuration of your application automatically through intelligence in your application.
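Since dos.xml cannot be changed at runtime, the in-application check the question mentions is the remaining option. The following is an added example, not code from the original posts or from App Engine: a temporary block list with the 5-minute timeout from the question, sketched in Python. `TempBlocklist`, `handle_login`, the failure threshold and the 60-second window are assumptions, and the state lives in one instance's memory, so an application running several instances would need a shared store to get a global view.

```python
import time
from collections import defaultdict, deque

BLOCK_SECONDS = 300    # "the next 5 minutes or so" from the question
MAX_FAILURES = 5       # assumed threshold, not from the page
WINDOW_SECONDS = 60    # assumed meaning of "rapid succession"


class TempBlocklist:
    """Per-instance, in-memory block list with expiry (hypothetical helper)."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock                  # injectable so expiry can be tested
        self._failures = defaultdict(deque)  # ip -> timestamps of recent failures
        self._blocked_until = {}             # ip -> time at which the block ends

    def is_blocked(self, ip):
        until = self._blocked_until.get(ip)
        if until is None:
            return False
        if self._clock() >= until:
            del self._blocked_until[ip]      # block expired, forget the entry
            return False
        return True

    def record_failure(self, ip):
        """Call after a failed login; returns True if the IP is now blocked."""
        now = self._clock()
        recent = self._failures[ip]
        recent.append(now)
        while recent and now - recent[0] > WINDOW_SECONDS:
            recent.popleft()                 # drop failures outside the window
        if len(recent) >= MAX_FAILURES:
            self._blocked_until[ip] = now + BLOCK_SECONDS
            del self._failures[ip]           # counter restarts after the block
            return True
        return False


def handle_login(blocklist, ip, password_ok):
    """Returns the HTTP status a request handler would send."""
    if blocklist.is_blocked(ip):
        return 429                           # rejected before any password check
    if password_ok:
        return 200
    blocklist.record_failure(ip)
    return 401
```

The block check runs before the password comparison, so a blocked address costs one dictionary lookup per request rather than a credential check.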