comments and critiques #14

@bchr02

Overall, nice module! But after reading the README I have some questions, comments and critiques:

"But it will deal with simple DOS ones, but the concept is associated with DDOS whereas DOS is about the classic operating system from the 90's."

Sorry, but this sentence makes little sense. 😄

Yes, this will not deal with distributed denial-of-service attacks

Just curious, why did you use ddos within the module name if this module does not help to prevent those types of attacks?

You could add some sort of basic DDOS prevention by providing a means to add a global threshold that allows one to define expected traffic regardless of IP. But you would have to program it to not include the results of already blacklisted IPs. You don't want one bad apple taking the whole server down.

Another nice thing to add is the option of slowing down responses instead of dropping them altogether. Something like:

setTimeout(next, 3000);

This wouldn't necessarily stop DOS attacks but it would prevent brute force attacks. If programmed correctly it could even help to prevent distributed brute force attacks. Perhaps you could add an option where if a certain percentage of the threshold is reached the responses could be slowed. This could allow one to accommodate unforeseen growth but at the same time protect the server.

Anyways, these are just some of my thoughts and ideas for you to do as you wish with. Good luck!
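The two suggestions in the issue above (a global threshold that ignores blacklisted IPs, and slowing responses once a percentage of a threshold is reached) can be combined in one limiter. This is an added sketch, not code from the module or from the issue author; `createLimiter` and every option name are hypothetical, and a single fixed counting window is assumed.

```javascript
// Added example. createLimiter and all option names are hypothetical.
function createLimiter({
  perIpLimit, globalLimit, windowMs = 60000,
  slowAt = 0.8,          // fraction of a limit at which responses are delayed
  delayMs = 3000,        // same delay as setTimeout(next, 3000) in the issue
  now = Date.now, delay = setTimeout,   // injectable for testing
}) {
  let windowStart = now();
  let perIp = new Map();
  let globalCount = 0;            // requests from non-blacklisted IPs only
  const blacklist = new Set();

  function decide(ip) {
    if (now() - windowStart >= windowMs) {
      // Simplification: one fixed window; the blacklist expires with it.
      windowStart = now(); perIp = new Map(); globalCount = 0; blacklist.clear();
    }
    if (blacklist.has(ip)) return 'drop';      // never touches globalCount
    const n = (perIp.get(ip) || 0) + 1;
    perIp.set(ip, n);
    if (n > perIpLimit) {
      blacklist.add(ip);
      globalCount -= n - 1;   // take the offender's earlier requests back out
      return 'drop';
    }
    globalCount += 1;
    if (globalCount > globalLimit) return 'drop';
    if (n >= slowAt * perIpLimit || globalCount >= slowAt * globalLimit) return 'slow';
    return 'pass';
  }

  // Connect/Express-style middleware built on decide().
  function middleware(req, res, next) {
    const verdict = decide(req.socket.remoteAddress);
    if (verdict === 'drop') { res.statusCode = 429; return res.end(); }
    if (verdict === 'slow') return delay(next, delayMs);
    return next();
  }
  return { decide, middleware };
}
```

`req.socket.remoteAddress` is the direct peer, so behind a reverse proxy all clients would share one per-IP counter unless the address is taken from a header set by a proxy you control.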
