rootnik
03-27-2003, 09:11 PM
I'm in desperate need of a hack that will:
limit the number of guests that can be on the forum at one time.
limit the number of connections the same IP address can have at one time.
I've found some flood control scripts that do this on some pages, but nothing that will work on every page of the forum. If I overlooked something I'd be greatful if somebody can point me in the right directions.
We have had flood attacks the past week. Our forum is a private forum, and guests have no rights. Registration was turned off, but they still found a way to query the register.php script over and over again. We renamed the registration page and they moved to the loss password form. We have since then got rid of the lost password form.
All was coming from the same IP address, and they had over 1300 guest sessions at the same time.
Banning the IP address isn't an option, they will just change the IP and start the attack over again.
We have had no attacks since we got rid of the password form and the registration page, but we would like to be able to use both of those features in the future.
Can anybody help me?
Thanks
limit the number of guests that can be on the forum at one time.
limit the number of connections the same IP address can have at one time.
I've found some flood control scripts that do this on some pages, but nothing that will work on every page of the forum. If I overlooked something I'd be greatful if somebody can point me in the right directions.
We have had flood attacks the past week. Our forum is a private forum, and guests have no rights. Registration was turned off, but they still found a way to query the register.php script over and over again. We renamed the registration page and they moved to the loss password form. We have since then got rid of the lost password form.
All was coming from the same IP address, and they had over 1300 guest sessions at the same time.
Banning the IP address isn't an option, they will just change the IP and start the attack over again.
We have had no attacks since we got rid of the password form and the registration page, but we would like to be able to use both of those features in the future.
Can anybody help me?
Thanks