XF 1.1 Avoiding DOS attacks by disabling search functionality

Marco Famà

Active member
Dear all,
a friend of mine using xenforo told me that DOS attacks can be performed through the search function module.

Is there anyway I can avoid it by simply disabling the search functionality to non-registered users?

Thanks a ton
Marco
 

Adam Howard

Well-known member
Dear all,
a friend of mine using xenforo told me that DOS attacks can be performed through the search function module.

Is there anyway I can avoid it by simply disabling the search functionality to non-registered users?

Thanks a ton
Marco
I posted about this a while ago.

YES, if you have search enabled for guest.... This can seriously impact your forum. Even if you have a reCaptcha option into search (which I've seen before).

Disabling search for guest is your best solution. You can always add Google Search into your sidebar for guest.

This is not exclusive to XenForo. This known "exploit" affects vBulletin, IPB, phpBB, MyBB, SMF, ect...ect...
 

Marco Famà

Active member
ok Adam, thanks a ton.

The point is that I've tried to search for this functionality through ACP but could not find that :-/
Any suggestion?
 
Top