stop brute force attacks php omniceps

In this post we are going to describe how you can stop brute force attacks by using a simple throttling script in PHP. The class is self-descriptive. But still just to understand better we will describe what it doesn and how you can achieve the same.

What is Brute Force:

Suppose you have a login service on your website which can be used by users to login. But hackers will try to log into accounts of other users to gain personal information. Or the hackes might try to gain access to administrator panel and thereby compromising all sensitive data. For this hackers generally write scripts which execute automatically and try to enter a different username and password combination.

For some admin panels users always choose username as admin or administrator (which is already a bad practice). So 1 our of 2 things is already available to the attacker/spammer. Now he just need to try different passwords combination in order to gain access.

Brute Force also makes serving speed slow:

As the attacker is making 100s of requests per second this also impacts your overall web server speed. So your database might get locked or can get freezed due to so many simultaneous requests.

What is Throttling:

Throttling is a technique where you limit the usage of resource depending on few conditions. For example, if you have ever visited a banking website and tried to login, you will be blocked to attempt login after you have made 3 simultaneous wrong login attempts. This is done in order to stop brute force. The conditions of throttling may vary depending on the application’s requirement. To learn more about throttling follow here ->

Benefits of Throttling:

Throttling saves your web server’s precious resorces like bandwidth, memory and cpu usage.
It helps you safegaurd your application from potential hackers and spammers. To learn more about php click here ->

Usage of script below:

Below script usage will allow you to stop brute force attacks on any of you resources.

Full Code Below: