JohnDoe Posted September 9, 2017 Share Posted September 9, 2017 Someone is attacking my website via HTTP requests. This requests are created for making search in forum, and takes down my forum. Is there any way to get rid of these HTTP floods? Link to comment Share on other sites More sharing options...
-FP Posted September 9, 2017 Share Posted September 9, 2017 You could increase the search flood control setting (per user group setting), completely disable the search function for a given group (app permissions), or you could block the ip of the attacker in your server if you have control over that. Link to comment Share on other sites More sharing options...
ASTRAPI Posted September 10, 2017 Share Posted September 10, 2017 You can limit connections/Requests using Nginx or you can use Cloudflare or if you want to be more aggressive you can use your server firewall to ban the user Link to comment Share on other sites More sharing options...
JohnDoe Posted September 10, 2017 Author Share Posted September 10, 2017 FP, I found the search flood control setting, but couldn't find how to disable the search function for a given group. Where is this "app permissions" in the admin panel? Link to comment Share on other sites More sharing options...
JohnDoe Posted September 10, 2017 Author Share Posted September 10, 2017 Never mind. I found it under System > Applications > System > Search I disabled the search function for guests and new members. I will see if this helps. Link to comment Share on other sites More sharing options...
Daniel F Posted September 10, 2017 Share Posted September 10, 2017 You can manage this via the module permissions https://invisioncommunity.com/4guides/how-to-use-ips-community-suite/member-preferences-and-features/module-level-permissions-r280/ Link to comment Share on other sites More sharing options...
Chatgroup Posted November 24, 2017 Share Posted November 24, 2017 We've got someone doing similar but don't really want to block search for guests as it's a great way for people to discover content. However, because guests do it I am unable to pin down the damn IP address Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.