- Issue created by @jmohino
- Status changed to Postponed: needs info
6 months ago 12:05pm 23 May 2024 In general this is a bit difficult, and a solution wouldn’t be limited to search.
The ban module → is a good first step. Pantheon hosting has an article titled Troubleshooting Traffic Events.
As a feature request this needs updating to be something the community could build.
- 🇪🇸Spain jmohino
Thanks @cilefen.
I use the ban module, and every time I block the IP, but if the attacker continually changes his IP, I can't keep an eye on him all the time and in just 2 or 3 minutes he is able to take my site down.
I think it is a big problem and should be solved, If it is complicated through Drupal perhaps someone can recommend some Apache configuration or similar. ¿? - 🇺🇸United States mfb San Francisco
The flood API provides everything you need to implement this feature - already used by other forms. (If it becomes a distributed attack then you need other mitigations too, captcha etc.)
The article I cited also mentioned https://github.com/fail2ban/fail2ban and cloudflare.
- 🇪🇸Spain jmohino
Thank you very much for the advice, I have already installed Protect Form Flood Control, and I am going to see if I am able to put reCaptcha in the search form, to see if I can solve the problem. Although I haven't been able to do it yet :D
Greetings. - 🇳🇿New Zealand quietone
Fixes are made on on 11.x (our main development branch) first, and are then back ported as needed according to our policies.