My site is currently under attack. I created a user directory that automatically places the last one registered in people on top. The one who loads the home page is placed on top.
I have one user (at least one who is logged in, not sure if it’s even more disabled), which refreshes the page without stopping and slows down the site. There are a lot of images on the site, so now it is becoming much slower.
I installed sikka: https://github.com/meteorhacks/sikka
But I have some problems with this. In particular, three main problems:
I configured the package and it does not seem to stop the attack. I still see the reboot of the user, no matter what.
I run my local server (localhost: 3000) and it works well there, in fact it will not let me do anything. I am loading the page and it will take me to the captcha page, no matter what. It will just keep me there right after the click. Therefore, I can’t work with the site with the package installed.
I had to enable the 'onlyForHumans' function. It basically asks all users to confirm that they are not robots, which is obviously a huge inconvenience. Not only that, but expired and continues to ask. This stopped the attack, but obviously I can’t leave the site like this. I will influence the speed of registration, etc.
Can someone help me with the setup? for speed limits, what is the appropriate setting for each IP address? I have a default value, but without setting onlyForHumans, it does nothing and worse, it goes locally.
Any help is appreciated!
"sikka": { "captcha": { "siteKey": "google key here", "secret": "google key here" }, "rateLimits": { "perIp": 20, "perHuman": 20, "perSession": 20 }, "times": { "blockIpFor": 120000, "humanLivesUpto": 3600000 }, "onlyForHumans": true }
source share