URGENT HELP: Site under attack

My app keeps getting attacked by a bot that is entering the same inputs into a field to slow my site down. It’s not enabling anything to work. How do I stop a certain phrase from being added to my database repetitively???!!! Please help!!! I’ve tried blocking the keyword and hiding the input field and button when that keyword is the input. I’ve tried adding a conditional action so the same inputs aren’t added to the database twice. Neither of those options have worked and I’m in desperate need of help!

The site is app.somekindwords.net for reference

From what I’m reading it might be something to do with SQL injection but I’m really not that literate in coding

Hi Kevin,

I’ve never seen this happen before, but when the user enters the site, try and land them on a modal page first (like a welcome splash modal). That might help reduce inputs as you won’t have the text input on the first open page on the internet.

Like Erik said this could be an issue with it being the first page accessible. Having a modal there with a simple ‘i’m not a robot’ style task could help.

Another thing would be to have a collection called ‘session’. Screen action ‘create session’ when the page is loaded. Each time something is submitted, update session > usage record +1. Then have a screen action to direct them to a dead modal if that number gets too high too quickly.

I just created a new collection and that seemed to solve the issue in the meantime. But if it happens again then I’ll definitely try your way. Is there a reason the site is loading so slowly though now even after the attack has been stopped? The first page you land on is still taking forever to be responsive (where I can enter something in the text field or press a button).

EDIT: found a way to fix the speed issue for now

Thanks I’ll definitely try that if it happens again. The site is still loading super slow though and I can’t figure out why. I (attempted) to stop people from submitting duplicate responses and switched out the collection which seemed to stop the attack, but the initial landing page still lags terribly. Someone on reddit mentioned that I was loading the entire database clientside or something. But yea if you have any thoughts on how I could speed the site up that would be super helpful.

EDIT: Found a way to fix the speed issue

Hi Kevin,

Please submit a ticket in urgent matters like this so the team can look into it as soon as possible. Submit a Support Ticket

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.