Hello Mirko,
No. In fact, anyone who says that implementing anti-flood features in a Joomla! extension is a good idea either has no idea what they're talking about or is lying profusely (or wants to sell their software, which falls in the "lying profusely" category). I can explain why.
An anti-flood feature will block users who are trying to access many URLs on your site (let's call this number X) in a very short period of time (let's call it Y). This means that the site needs to keep track of which URLs are visited by an IP for a period of time which is at least marginally larger than the time period Y. In other words, for each and every request you need to:
- Have Apache parse its internal configuration
- Have Apache read and parse all .htaccess files applicable to the request
- Apache passes the execution to PHP (ideally this will be a preloaded FastCGI process, typically it needs to waste a relatively big amount of time to create a new thread / process for a mod_php instance)
- PHP needs to load its configuration and any user configuration overrides
- Joomla! needs to be loaded off the disk and boot up
- All Joomla! plugins have to run
- We need to wait for MySQL to insert a record of the IP/URL pair of this visit
- We need to wait for MySQL to return the number of IP or IP/URL instances recorded in the last Y amount of time and then compare it with X
- If it's larger than X we need to raise an exception which will be caught by Joomla!
- Joomla! needs to load its error template, parse it into HTML and return it to Apache
- Apache needs to push this data back to the browser
This takes a monumental amount of time, CPU, disk I/O and memory resources. The easiest way for someone to kill your site is having a few dozen computers all trying to visit the same URL 0.5 seconds apart. In other words: an anti-flood feature implemented in a Joomla! extension acts as a Denial of Service amplification vector.
Instead, what you need is something which sits BEFORE Apache and ideally before your server itself. This is why, instead of implementing a bad feature which has the exact opposite effect of what you need, we suggest using CloudFlare (or a similar service).
CloudFlare is a CDN which sits between your users and your server. When it detects abnormal behaviour it will catch the requests, block them (with an explanatory message) and NOT forward the request to your server. This means that the real problem makers no longer have the opportunity to attack your server because they're caught in the CloudFlare net. This protection is only possible because CloudFlare is a third party service running outside your server. There is no way anyone can provide this kind of protection with software running on your server, especially with PHP-based software.
Davide Tampellini
Developer and Support Staff
🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
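
The "more than X requests within Y seconds" check described in the reply above, as an added example that is not part of the original post or of any Joomla! extension: it runs offline over Apache access log lines instead of inside each PHP request. The function name, the thresholds and the log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Apache common/combined log prefix: client IP, then the bracketed timestamp.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "')

def find_flooders(lines, x, y_seconds):
    """Return {ip: peak_count} for every IP that made more than x requests
    inside any sliding window of y_seconds. Lines must be chronological."""
    window = timedelta(seconds=y_seconds)
    recent = defaultdict(deque)      # ip -> timestamps still inside the window
    peaks = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                 # skip malformed lines instead of crashing
        ip = m.group(1)
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] >= window:   # forget hits older than Y
            q.popleft()
        if len(q) > x:
            peaks[ip] = max(peaks.get(ip, 0), len(q))
    return peaks

def _line(ip, sec, path):
    # Constructed sample line in Apache common log format.
    return (f'{ip} - - [10/Mar/2024:12:00:{sec:02d} +0100] '
            f'"GET {path} HTTP/1.1" 200 512')

# Constructed input: one client sending two hits per second for three
# seconds, one client browsing slowly, and one malformed line.
SAMPLE = (
    [_line("203.0.113.7", s // 2, "/index.php") for s in range(6)]
    + [_line("198.51.100.20", s, "/about") for s in (5, 20, 35)]
    + ["garbage line"]
)

if __name__ == "__main__":
    # X = 5 requests, Y = 3 seconds
    for ip, peak in find_flooders(SAMPLE, x=5, y_seconds=3).items():
        print(f"{ip}: {peak} requests within 3 s")
```

Memory use grows with the number of distinct client IPs times X, the same per-IP state the reply says a PHP extension would have to keep in MySQL on every request.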