Hey,

Someone I know who uses Gossamer Forum has recently been having some trouble with a guy harassing him and using cpu/bandwidth by hitting his forum multiple times at the same URL, so I wrote a plugin for him.

It will log all guest page hits to a table in the database and if x hits to the same URL are made within x seconds of each other then it will add a "deny" entry into a .htaccess file.

Here is the plugin for anyone interested.

There are three plugin options:

Delay - The number of seconds between hits to deem as acceptable.
Hits - The number of hits to allow with the number of seconds defined by the "Delay" setting before the ip is banned.
Htaccess - The full path to the .htaccess file (not including /.htaccess at the end).

So a brief example...

By default "Delay" is set at 8 seconds and "Hits" at 5. This means that if someone requests the same URL every 8 seconds for 40 seconds then they will be banned (8 seconds x 5 hits = 40).

If someone hit the same URL every 9 seconds, they'd be fine.

So basically just multiply "Delay" x "Hits" and turn it into seconds, to work out how often someone can hit the same URL.

eg...

Delay = 10
Hits = 50
...means it would take 50 hits in 500 seconds for a ban to be set

Delay = 2
Hits = 2
...means it would take 2 hits within 4 seconds to set a ban (heh probably don't want this).