I want to know if repeated hitting of the submit button by bots or humans hurt my server?
I have a form with validation, if what was entered does not match what is on the database it will return invalid code and the form will never get submitted.
So am just thinking apart from brute force attacking which tries several code in attempt to get the right code, but can someone deliberately put one wrong code in the input box and keep hitting the submit button just to hurt your server or cause server problems especially when each hit queries your database?
Can it? Technically yes, but they’d almost certainly need friends, and it doesnt matter what page you use, form or not, database or not.
What you’re vaguely describing would be considered a Denial of Service Attack, most commonly a Distributed Denial of Service (DDoS) attack, wherein bots hit your page so hard and so fast that they prevent regular traffic from being able to reach the site because the server’s too busy dealing with the attack requests.
One guy sitting there and rabbiting his refresh button, or a submit button, isn’t going to rise to this level unless you’re running your website on a potato. Webservers are built to handle thousands of requests a second, and any respectable host has mitigation/reaction strategies for true DDoS attempts.
Thanks @m_hutley
So is isnt much about the submit button but about ddos attack on general page or entire site?
Apart from relying on my host or getting a robust server that can take many requests per hour, what can i do personally to prevent it?
I have heard of cloudflare are they that perfect or what must i do to Prevent a DDoS attack