An Internet website, how to prevent malicious users refresh the web site, or through continuous access tools malicious web site, since the business is relatively complex, this continuous access service, pressure database server can withstand continuous access, a great god, and to solve!!!!!!

CodePudding user response:

Front firewall/load balancing,

Background to detect malicious access, inform the firewall/load balance, to prevent its services

CodePudding user response:

refer to owe you a reply of basic water fire and earth building Lord:

an Internet website, how to prevent users from malicious refresh the web site, or through continuous access tools malicious web site, since the business is relatively complex, so continuous access to services, the pressure to the database server can withstand continuous access, a great god, and to solve!!!!!!

for queries can be put in Redis, so casually brush also doesn't matter, don't attack to mysql, for malicious penetrate to return a null or custom objects, into the cache can also,

CodePudding user response:

Prevent malicious access this should not be put in application to do, should be handed over to a firewall, or application in writing a pile of code to determine whether a malicious access, so still occupied the server resources, also increase the burden of application, application development, so if you do need not consider this

CodePudding user response:

refer to owe you a reply of basic water fire and earth building Lord:

an Internet website, how to prevent users from malicious refresh the web site, or through continuous access tools malicious web site, since the business is relatively complex, so continuous access to services, the pressure to the database server can withstand continuous access, a great god, and to solve!!!!!!

Set access rate, per unit time, visited more than prohibit the IP access number, really like what is said above to network equipment, network security problem should be

CodePudding user response:

reference hash Seth reply: 3/f

prevent malicious access this should not be put in application to do, should be handed over to a firewall, or application in writing a pile of code to determine whether a malicious access, so still occupied the server resources, also increase the burden of application, application development, so if you do need not consider this

Malicious access to see what is based on judgment, if the user level is, that this is also the concept of application, is to be placed on the application layer, if the IP level is that it is not the application layer,

CodePudding user response:

Some development framework, has the frequency limitation of method calls, you can refer to this idea,
Like phone verification code usually have frequency limitation, this function is very common,