DOS attack possibility on cached pages - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23) +--- Thread: DOS attack possibility on cached pages (/showthread.php?tid=52299) |
DOS attack possibility on cached pages - El Forum - 06-05-2012 [eluser]vrencianz[/eluser] Cached pages are vulnerable to DOS attack by making the cache size as large as the host storage size is. Take the following controller and view as example: Code: <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); testview.php Code: <p>Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod ...</p> Then requests like: Code: http://localhost/test/index/1/ work and generate different cache files inside the 'cache' directory. <b>Update</b> This can be prevented from developer side by testing the number of segments from the url and rejecting those having more than expected. Hm. DOS attack possibility on cached pages - El Forum - 06-10-2012 [eluser]Vadorequest[/eluser] Without cache enable, the CI framework blocks the DDOS attacks ? I didn't know. |