How to apply rate limit on the website

[pushpendra]

Hi, today I got an alert from a cybersecurity agency that they have observed that My website is vulnerable to Application Logic (No Rate Limit). 

Could you suggest me how to mitigate this vulnerability? I am using IPS 4.6.7 on self hosted environment and website is behind a load balancer.

The message I received is pasted below.

No rate limiting is used to control the amount of incoming and outgoing traffic to or from a network. No rate limit means their is no mechanism to protect against the requests you made in a short frame of time.

it is recommended that necessary actions to harden the security posture of the above mentioned portal may be taken up on priority. further, system administrators may kindly be directed to undertake a thorough cyber security audit to ensure that the similar deficiencies do not exist elsewhere.

Bearbeitet 26. November 2021 von pushpendra

[V0RT3X]

Ask them, they're professionals

I usually delete such spam. 

[pushpendra]

vor 6 Stunden schrieb V0RT3X:

Ask them, they're professionals

I usually delete such spam. 

Ha Ha ha. Highly professionals thats why they sent the warning only not the solution/suggestion. 😁

So I am asking you guys. Is there any option in admin panel or in Apache to manage this? Please help.

[V0RT3X]

Usually such guys only make panic because they want to sell something. Honestly said I stopped reading at "alert from an agency".

If you want to secure your site (DDOS and more) you could check out something like Cloudflare, but I am not an expert in server security and should not give any advice on this.