Hi, I am in front of a security issue. We are running several site using modperl. Last days, a hacker used a script to call some script of our sites for bad purpose. He needed to be authenticated, but we are only using session cookies. Then, once he was loged in, he could retrieve this id and use it in his home made script.
This is not the first time this kind of things happends. We use application level security addons to limit the effects. However, I am looking for a tool that could Limit user access by number of requests. I found on the guide Apache::AccessLimitNum, but I can not find it on the cpan, it seems to be discontinuated ... I'am sure i am not the only one to have such problems. How are you, guys, fighting that? Best regards, Fred
