I have a php codeigniter (MVC) controller and associated functions that are called when a logging action occurs.
e.g. http://www.mysite.com/controller/logging_function/variable_to_log
I want to know the best practice solution to stopping hackers from overloading my server with erroneous logging calls. How do you differentiate between a genuine request and someone nailing your server?
I’m focussing on logging here mainly because this is an operation which involves inserting data into a table.
Thanks in advance.
This is called a DOS (Denial of Service) attack.
It is probably one of the harder problems to solve, as many large organisations who have had such an attack could confirm!
In reality, someone orchestrating this kind of attack properly could use compromised computers, so you can’t even filter out by IP’s sending large volumes of requests, as they’ll all be from different computers.
The best you can do is create an alert when your system is overloaded, then investigate the problem manually.