0

I have a PHP page the sole purpose of which is to spawn a bash script to run some background code (10-15 seconds run time), and then forward to a second page. The second page waits for the background code to run and displays the output.

Obviously, this set up is fertile ground for a DoS attack. Can anyone comment on the best practices to prevent such an attack in this situation? To prevent a non-distributed DoS attack I've considered keeping a log of IP addresses and times for each request and checking each new request against that list. If <30 seconds from last request, it'll kick out the request. A distributed DoS attack could be prevented by looking at the number of active spawned processes and kicking out new ones giving a "Server Busy" message, or setting up a queue.

Does this sound reasonable?

Improve this question
3
  • How much legitimate usage do you expect this to get? Is it just one admin user running one job a day on one physical machine, or a utility the general public will have access to? Commented Jul 10, 2015 at 19:20
  • 1
    Not enough information. there are different resources a DDoS can exhaust and not all of them involve network traffic. Your "workaround" could be nothing more than another attack vector. Commented Jul 10, 2015 at 19:26
  • 1
    This tool is publicly accessible, yes. I already have some safeguards in place to prevent network traffic DoS, it is overutilization of server resources that I'm trying to mitigate. Commented Jul 10, 2015 at 19:43

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.