XF 1.1 Avoiding DOS attacks by disabling search functionality

Marco Famà · Oct 19, 2012

Dear all,
a friend of mine using xenforo told me that DOS attacks can be performed through the search function module.

Is there anyway I can avoid it by simply disabling the search functionality to non-registered users?

Thanks a ton
Marco

Adam Howard · Oct 19, 2012

Marco Famà said:
Dear all,
a friend of mine using xenforo told me that DOS attacks can be performed through the search function module.

Is there anyway I can avoid it by simply disabling the search functionality to non-registered users?

Thanks a ton
Marco

I posted about this a while ago.

YES, if you have search enabled for guest.... This can seriously impact your forum. Even if you have a reCaptcha option into search (which I've seen before).

Disabling search for guest is your best solution. You can always add Google Search into your sidebar for guest.

This is not exclusive to XenForo. This known "exploit" affects vBulletin, IPB, phpBB, MyBB, SMF, ect...ect...

Marco Famà · Oct 19, 2012

ok Adam, thanks a ton.

The point is that I've tried to search for this functionality through ACP but could not find that :-/
Any suggestion?

Jake Bunce · Oct 19, 2012

Admin CP -> Users -> List User Groups -> [click a group] -> Search

http://xenforo.com/community/threads/google-custom-search.20944/#post-266718

XF 1.1 Avoiding DOS attacks by disabling search functionality

Marco Famà

Active member

Adam Howard

Well-known member

Marco Famà

Active member

Jake Bunce

Well-known member

We value your privacy