• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.1 Avoiding DOS attacks by disabling search functionality

#1
Dear all,
a friend of mine using xenforo told me that DOS attacks can be performed through the search function module.

Is there anyway I can avoid it by simply disabling the search functionality to non-registered users?

Thanks a ton
Marco
 

Adam Howard

Well-known member
#2
Dear all,
a friend of mine using xenforo told me that DOS attacks can be performed through the search function module.

Is there anyway I can avoid it by simply disabling the search functionality to non-registered users?

Thanks a ton
Marco
I posted about this a while ago.

YES, if you have search enabled for guest.... This can seriously impact your forum. Even if you have a reCaptcha option into search (which I've seen before).

Disabling search for guest is your best solution. You can always add Google Search into your sidebar for guest.

This is not exclusive to XenForo. This known "exploit" affects vBulletin, IPB, phpBB, MyBB, SMF, ect...ect...