Brute force detector using Notify option

Question

I am trying to write some code to prevent Brute force attack on my website so I just got to know some of the tricks that I can use. So I just write these code in config.php which are:

1. Enabling anti-attack It is time-out value which sleeps for particular time when it detects Brute force attack.

    // if set to 1, sleep the application for several minutes, causing attackers' tools
    timing out
    $anti_attack = 0;
    $sleep_time = 5; // minute

But then I come to know that by this code it may cause DOS to my website so I just got to know one more trick but I am not able to write it that is:

2. Modify notify option : I am not able to run this because it is giving some sort of error. To prevent this I started writing and able to make only one syntax that is :

    $emailnotify = 1;
    // rest I am not able to 

So is there any special syntax which I can use to modify notification option using PHP.

Answer 1

After actually 3 weeks I finally got the answer with some research and I got this which is quite working. The answers mention above mine are also quite correct but actually I was just trying to do something unique and wanted to learn new things.

Here is the code for Modify notify option.

---

$emailnotify = 1;
//Log attacks in file, 1 to yes, 0 to no
$logfile = 1;
//Log attacks in system log mechanism or server, 1 to yes,
//0 to no
$logsys = 0;
// if set to 1, sleep the application for several minutes
$anti_attack = 0;
$sleep_time = 5; 
//minute

Answer 2

You are addressing the problem at the wrong layer. You need to stop the request at the webserver level, because by sleeping, your PHP process will still consume memory and therefore you can quickly get DOS'ed out of memory.

If you want to do this correctly, then add a rate limit to your firewall.

If you want to saveguard long running operations, then you can write a lock file (or better use the semaphore module). Then you can sleep to get your webserver cycle out of workers. Your page will be inaccessible them. I am sure that is not what you really want.