Hi list, I'm working on a promotional online B-to-B web game for a client, using Rev as cgi engine. In a few words here's how it works : players have to register first and then need to find several clues in successive images. Finding those clues is pretty easy and we expect the number of winners to be pretty large; therefore a limited set of winners will finally be randomly choosen among those who found all the clues.
Here's my question : in order to prevent ppl to register hundreds of times automatically, or simply to hinder hackers to send large amounts of automatic cgi requests and to clutter mySQL tables with useless registrations, I've been asked to think about some protection. So far, the best idea I came with is to deny access to mySQL to more than 10 requests from the same IP within the last minute (several ppl in a same corporation can play simultaneously and thus will be viewed as the same ip by the server, and of course none of them should be denied access to the game). This can be easily done and won't slow down the scripts at all. Of course, both "10 requests" and "last minute" can be adjusted... I was wondering what you guys are thinking of this approach, and if anyone has managed to develop a more efficient strategy in a similar context... Thanks in advance for your suggestions, JB _______________________________________________ use-revolution mailing list [email protected] Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-revolution
