I suggest you ...

Create RequestLimiting plugin

A RequestLimiting plugin would prevent a single IP address from requesting more than a certain number of images per minute.

DOS and DDOS attacks are already blocked by GDI's memory allocation requirements, but this would allow more granular control.

20 votes
Vote
Sign in
(thinking…)
Password icon
Signed in as (Sign out)
You have left! (?) (thinking…)
AdminLilith River (Owner, Image Resizing Module) shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

Sign in
(thinking…)
Password icon
Signed in as (Sign out)
Submitting...
  • Anonymous commented  ·   ·  Flag as inappropriate

    This is an issue that my company is very concerned about. It wouldn't take anyone more than 5 minutes and a single while loop to really kill a server by doing this
    image.png?width=50
    image.png?width=51
    image.png?width=52
    image.png?width=53
    etc.

    Does anyone have any simple and elegant solutions for this other than providing a white-list of valid query-string options?

Feedback and Knowledge Base