Prevent hack sms function - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5) +--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24) +--- Thread: Prevent hack sms function (/showthread.php?tid=74199) |
Prevent hack sms function - omid_student - 08-22-2019 Hi I have a function in my API that send sms to user's mobile I try limit it by user IP But user can change IP and again send sms or hack it Do you have best way for limit sms for each user? RE: Prevent hack sms function - albertleao - 08-22-2019 Sessions? Store it in a DB? MFA? We'd need a little more information. RE: Prevent hack sms function - omid_student - 08-22-2019 (08-22-2019, 09:37 AM)albertleao Wrote: Sessions? Store it in a DB? MFA? I save user's IP in database and check record count for each IP and in each 5 hour,user can send 5 sms RE: Prevent hack sms function - refik5 - 09-28-2019 Limit send sms by ip and user_id, or registered mobile number or email address. RE: Prevent hack sms function - Digital_Wolf - 09-28-2019 Since the session can be reset, which will lead to re-registration, and the IP can be changed as gloves for example through Tor, I would do a code check via mail + phone and (QR Codes {Google auth or other}) . and for example kept something in localStorage through js as in a case with sessions. |