Title: DOS attacks
Last modified: August 21, 2016

---

# DOS attacks

 *  Resolved [frisco](https://wordpress.org/support/users/frisco/)
 * (@frisco)
 * [13 years ago](https://wordpress.org/support/topic/dos-attacks-1/)
 * You cover DOS attacks in the FAQ, but we’re seeing more and more brute force 
   attacks that become de facto DOS attacks. Since PHP is a single process per request
   language, each request locks the process for the duration of the script execution.
   Let’s say a server has resources to handle 6 PHP processes. If those go to sleep
   because of LSS, there’s no process for a legitimate visitor. The brute force 
   attacker can throw enough requests in the queue that it’s easy to trigger a timeout.
   We’re now seeing this type of attack at least 1x per week.
 * I think the code and support of LSS is great, but we’ve had to recently deactivate
   it because creating many sleeping processes ends up being worse than the problem
   of brute force attacks. Do you have any suggestions for working around the problem
   we’re experiencing or is the scale/nature of the attacks we’re seeing unusual?
   We’d love to use LSS, but we can’t keep making more PHP processes to keep up 
   with the bad guys.
 * [http://wordpress.org/extend/plugins/login-security-solution/](http://wordpress.org/extend/plugins/login-security-solution/)

Viewing 1 replies (of 1 total)

 *  Plugin Author [Daniel Convissor](https://wordpress.org/support/users/convissor/)
 * (@convissor)
 * [13 years ago](https://wordpress.org/support/topic/dos-attacks-1/#post-3738181)
 * Hi Frisco:
 * You’re right. Login Security Solution doesn’t handle DDOS attacks and can be 
   used as a vector to implement such attacks.
 * Naturally, someone determined to DDOS a site will do it regardless of how many
   processes the server can run. The appropriate tools and procedures for dealing
   with them involve the server and networking layers.
 * –Dan

Viewing 1 replies (of 1 total)

The topic ‘DOS attacks’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/login-security-solution.svg)
 * [Login Security Solution](https://wordpress.org/plugins/login-security-solution/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/login-security-solution/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/login-security-solution/)
 * [Active Topics](https://wordpress.org/support/plugin/login-security-solution/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/login-security-solution/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/login-security-solution/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [Daniel Convissor](https://wordpress.org/support/users/convissor/)
 * Last activity: [13 years ago](https://wordpress.org/support/topic/dos-attacks-1/#post-3738181)
 * Status: resolved