My site was taken offline by a DOS attack on the route=payment/firstdata_gge4/send endpoint (I'm running Opencart2.1.0.1, and using the Payeezy First Data GGe4 Module.). This was not a problem with the server's ability to handle the load but rather because this API makes a database query which is very expensive on server resources, and exceeded the max allowed connections to the database. I was wondering if there is a fix for this, e.g. adding a CAPTCHA verification for this API access.
Yes, it would be possible to add a captcha to this process, but you'd have to hire a developer to do that. I would recommend you first contact the extension developer, and if they are unable or unwilling to do it, try to find another reliable developer.
If you need to find a developer, you can post a request in the OpenCart "Commercial Support" forum, which is checked by a number of OpenCart developers. You can also try checking out the OpenCart "Partners" area.
If you need to find a developer, you can post a request in the OpenCart "Commercial Support" forum, which is checked by a number of OpenCart developers. You can also try checking out the OpenCart "Partners" area.
It seems like that endpoint my be called by their API? In which case it wouldn't be possible to add a CAPTCHA?
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
If it's DOS not DDOS then simply block their IPs.
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
Who is online
Users browsing this forum: Google [Bot] and 285 guests