Robert,
Thanks for the reply. I can't seem to find ignore_user_abort in my
php.ini. I would like to do it at server level, rather than individual
scripts. Do you know roughly where is it? I think there were some
versions with this missing in the ini, which was later fixed.
I'm guessing that if ignore_user_abort is set to on, this could be the
culprit?
Would simply adding the following to the ini work?:
ignore_user_abort = off
Best,
Ryan
--
Ryan Barclay
RBFTP Networks Ltd.
DDI: +44 (0)870 490 1870
WWW: http://www.rbftpnetworks.com
BBS: http://forums.rbftpnetworks.com
Robert Cummings wrote:
On Fri, 2006-10-13 at 22:16 +0100, Ryan Barclay wrote:
A simple question I imagine, but I am wondering how I would combat DoS
attacks by users holding the REFRESH key on their browsers?
I have reproduced this error on a PHP-MYSQL website and when I hold the
REFRESH key on for a while, page gen times shoot up dramatically and
hundreds of processes are created.
Is there a way I can stop this/limit the connections/processes in apache
conf/php.ini?
What can I do to combat this method of DoS?
Check if the following is enabled in php.ini
ignore_user_abort
Or in the code via:
ignore_user_abort()
Cheers,
Rob.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
