From the course: Securing Django Applications

Using ApacheBench to simulate a flood of requests - Django Tutorial

From the course: Securing Django Applications

Start my 1-month free trial

Using ApacheBench to simulate a flood of requests

- [Instructor] Apache Bench is used as a benchmarking tool to let you know how many requests your Apache web server can handle. However, it can be used to test any other web server too. In one terminal, we're going to be running the Django web server. In another terminal, we're going to be running AB, which is the command to run Apache Bench. We use the N option, which is the number of requests to make. And then we're going to be hitting the Django web server at the index. And we can see that there are five completed requests and the requests per second are 292. So it looks like we can handle a lot of requests when using the Django web server. Let's try that again with more requests and this time pointing to our REST API URL. Instead, so he used the T flag to set the content type to JSON. We're going to make 200 requests and we are going to be hitting the API V1 public packages endpoint. So when we run this, we see that 200 requests were made and we were able to handle 294 requests per second. We need to confirm that we are sending the right data. So we're going to be using the T flag again. And then we're going to use V for verbosity, set it to the highest level. And then we send just one request and we're going to send it to the same API V1 public packages endpoint. So we can see by scrolling up a little bit, the data we sent and received and the response code and we can see everything with this verbosity flag. Now let's add more concurrency and more requests. So again, we use the T flag and then we say C, which is concurrency and we said to 30, so there'll be 30 concurrent processes. And then we run it with 2000 requests. So again, we're hitting the same endpoint. So you can see that the number of requests per second is slightly lower than before. And this is with 30 concurrent processes. And 2000 requests being made. There is another API method that we want to test. It's one that will create new objects in the database. So we set the content type to JSON again, set the verbosity to five. We're going to make just one request and we're going to use the P flag, which will load post data from a text file. And the post data we're setting is a JSON string. And we're going to be sending it to this other endpoint. Create package. So you can see the number of completed requests is one. And then when we scroll up, we can see from the log what happened. So he got a 201 HTTP status code, which means that the object was indeed created. Now we're going to try and flood the creation of new objects through the API. We're going to send a 100 requests. We're going to use the same post data. I am.. we're going to make the request to API V1 create package. So we made a 100 requests. They were all completed successfully, and that means a 100 new objects were created in the database. So that's definitely a flood of requests and we definitely do not want to be creating so many objects.

Contents