Are you expecting a dozen people from the same company to try to sign up
all at once? If it's from your own company, either take it off the
limit (exit the function if the IP is your company's) or set the site up
so it can see the internal IPs of those users and don't limit internal IPs.
I don't limit internal IPs, but external ones either need to use a
CAPTCHA or the rate is limited, depending on the site.
I'm having a problem with spam bots and am currently research how to
build an effective rate limiter for our sign up form. Currently I am
leaning towards IP based limits (with a certain time criteria). Has
anyone ever had problems with this type of rate limit and corporate
proxies/firewalls where every user has the same IP address? Also if
anyone has any interesting articles about this type of rate/velocity
limiting I would be interesting in learning more.
Regards,
Anthony
_______________________________________________
New York PHP Users Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
http://www.nyphp.org/Show-Participation
