I was thinking about what would be the perfect number of clicks per time interval that could be seens as an attacker.
Would 10 clicks in 10 seconds be overzealous?
Let's say, that if a user agent clicked ten times on your site within ten seconds should that be seen as hostile?
For now let's say yes, 10 clicks (pageviews not hits) within ten seconds is a hostile act, you store thier IP adde and block any future clicks would this be enough and would it interfere with regular freindlies?
An easy solution to halt but not block is to use timed banning of IPs.
so, if a agent has clicked 10 pageviews within 10 seconds he is halted by his IP for another 10 seconds. After the ten second freeze is up he gains access again but is marked as a first strike offender. If the abuse continue (three strikes and your out) eventually you outright ban the IP.
In summary, you use sessions to count pageviews per 10 seconds. If within a 10 second time interval 10 pageviews are clicked we halt that IP for another time interval period and mark him as a first time offender. When the halt time interval period is up the marked first offender is allowed in. By the third offense that IP is banned.
This is obviosuly a simple hack to prevent simple attacks, Sessions clearly do not take into accottn a concerted attack effort by more than one user agent. To track multiple users as a concert you have to use server side tracking that is not single user based such as sessions.
I have finished by web admin shell UI templator. It uses 4 of my new templating tool classes.
1. The new simple template parser (only variable interpolation no dynamic macros)
2. Template layout control (uses table blocks and placeholder mappings) to accelerate template building.
3. Template sets (themes)
4. Template compiler class for the simple template parser class.
It's initial release will be for PHPortal-XPC lite 2.0.
The XPC package release will feature compiled templates, a basic administration UI of templates and the PHP class components referenced in the XPC templates.
I am also throwing in a PHP client side caching function which basically reloads the user's cache, if it exists, of the page requested if it has not changed from the user's cache.
The above all dramatically increases user load time at a phenomenal rate.
My next project is one of two.
Either I will tackle the PHP code to binary and back to PHP using PGP style passphrases with public and private keys or my transactional emulation project.
The trans emul should be fun. It basically allows for saving changes, commiting changes, and rolling back changes on a object using simple logic and flat file temporary caches.
The basic idea of trans emul is to create two versions of an object and to cache each change along the way. Changes affect one version the user sees while rollbacks use the cached versions. Implementing file locking and version control beyond that is pretty easy as well.