php - Will limitting refreshes of a login-page in a period of time, protect the site from attacks?

646

My question is if you limit the refreshes let's say 30 to a period of 10 sec, will this prevent DDOS, flood, brute force attacks in the login or other page?

171

Answer

Solution:

Distributed Denial of Service, being by nature decentralized, would not all come from a single client, as such you would not be able to limit the entire botnet's access to the page... While it would help reduce the effect of each singular drone, it would not necessarily prevent them from hitting your server repeatedly.
However, in the case of a singular attacker, it would massively increase the time for a brute attack, but could be less pain to the user by implementing a three-strikes before delay rule or similar.

People are also looking for solutions to the problem: PHP division resulting in NaN - maybe related to DateTime functions

Source

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.