Hello,
This morning my forum got attacked by someone that made artificial requests that posted thousands of individual "garbage filled" posts with the objective of bringing down the site / filling up the server's memory. After 10 minutes there were over 30 000 individual new posts created and about 5000 replies to already existing posts
I immediately "shut off" all posting and reply permissions on the forum to mitigate further damage, thankfully the attacker used a single account to perform the attack, so I deleted it and used MySQL commands to delete everything that user had done, but I fear it could have been much much worse
I tried doing some research on how to prevent this from happening again, but unfortunately I am out of luck, I am looking for a way to "rate limit" users of a certain group to not be allowed to make a post / reply once per X minutes to make sure this never happens again but was unable to find anything
Is there something I can do to prevent this from happening again? I have turned off sign ups until I find a solution