Quote:
Originally Posted by valeriyCE
Wouldnt technically calling your ajax page 1000 times be the same as an individual calling any of your other pages 1000 times? unless you are running hard queries on that ajax page you will be fine, if you are then block by ip/count/time.
|
Yes, it would in essence I guess. Lol. I may be being too paranoid. been seeing security and attack holes everywhere these days and I am just trying to make this as tight as possible. Thanks
Quote:
Originally Posted by AbsolutePorn
I would use #3 ...
Since PHP Sessions are server-side, how could those be "hacked"?
On the AJAX page, all you would have to do is see if that Session var was set, if not: die() , else ... do whatever it needs to do.
|
Hmm. you are right. Head has been down in code too long. I was envisioning passing under the sheets so to say. but yes, I could probably do session tracking and switch the front from flat htm to php.
Thanks for the answer.
Quote:
Originally Posted by Firestarter30
As far as DDOS attacks concerned , you should use Haproxy in the front since it takes care of that automatically, not only for scalability but also for safety.
|
Thanks for the suggestion.