Posted by Michael Daly on 04/09/07 23:43

antony wrote:

> who does the dos attack I think can to make also in automatic the page
> refresh.

Very likely. This would only work well with dumb kids, not determined
computer hackers.

> so is sufficient to slow the datas insertion ?
> the time of slow can also is proportional at the attempts.

On the time scale of a DOS attack - definitely. That would involve lots
of hits in a very short time frame. Dynamic IPs are usually only
refreshed once a day or longer.

> for hidden "lockout" field you what system use (advise)?
> css, javscript , other solution?

Put it on the HTML form as:
<input type="hidden" id="lockout" name="lockout" value="xxyyzz" />

You can read this with php to decide whether to accept or deny the
access. The value can be set to one string if permitted and a different
string if locked out.

The problem is that you still have to handle this in the program and not
at the server level. It will still consume a lot of web server resources.

Maybe you could capture an IP that is repeating attempts at your server
and then write some php to dynamically update your server with a
blacklist of IPs ( deny/accept - accept from all, deny from ip.... or
something better). If you then restart the server with php, he'll be
forbidden by the server. Another option is if you can dynamically
update a firewall with blocked IPs using php.

I'm just guessing here - I've never done anything like this.

Mike

[Back to original message]