Simple APCu caching in your Project & nonCDN BruteForce protection
(PHP) a little elaboration how i started using RAM caching in my projects to speed up response times and selfhosted lightweight bruteforce (to certain degree even a kind of DDOS) protection
I became obsessed with RAM caching and i try to keep pushing every single millisecond down. (While talking about thousands of requests per second, every millisecond matters).
Here is an example of caching rarely changing json file. I tried to keep it clean for readability when quickly looking through code and as quick as possible (performance).
It takes only 2 lines and one if clause to always get the value either fresh or cached.
I use own getChache/setCache functions, because i’ve been experimenting with other caching solutions, also setCache function returns the data itself, no matter apcu_store succeeding or failing
BTW if you have any suggestion, that would increase the performance, feel free to share.
Simple BruteForce (to a certain degree even DDOS) protection action and IP specific
At beginning (.config.php file in my case) we define visitor’s IP and precise current time in miliseconds.
Then we can use callFrequency() function at any place with optional parameters of minimal time in milliseconds, before allowing requesting it again and the name of action.
For example we can limit a brute-force attack by simply putting callFrequency(1000,”LastLoginAttempt”); before the login script itself. This will quickly and with small usage of resources limit login attempts from one IP to 1 per second.
(Eventually you could limit specific username login attempt per IP callFrequency(5000,”LastLogAt”.$_POST[“username“]); — This would limit amount of login attempts with specific username from specific IP to once in 5 seconds)
By average, it took ~1.94ms to process and deny request on average desktop machine (I3–6100).