4
Bonjour,
Just curious, are these attacks specificaly after XoopS itself or just admin.php in general and all virtual servers?
I just got started in XoopS and found a module designed to guard against DoS attacks. Maybe this will help?
An idea for dev, maybe additional ACLs for admin.php like IP? Oh wait, you can do that in Apache confs. You can allow/deny at the server level, virtual server, directory level etc. You'll then only have to deal with valid users that need admin but there is a way. Say that admin.php is blocked at the server as tight as practical (at the server level) and then only allowed to even request critical files if already authenticated and ACL allowed (XoopS level).