
Joomla Rate Limiter Plugin

Joomla Rate Limiter Plugin Technical Overview

Purpose

The Joomla Rate Limiter plugin provides a lightweight, session-based protection mechanism against form abuse or accidental rapid submissions. It ensures that users can only submit forms a limited number of times within a defined time window.


Key Features

  • Session-based Tracking: Keeps submission logs in the user session, no database storage needed.
  • Customizable Limits: Easily configure the allowed number of submissions and time window through the plugin settings.
  • Frontend-only Protection: Only applies on the site’s frontend, leaving backend functionality unaffected.
  • Form-specific Rate Limits: Supports multiple forms by optionally passing a form_id to track submissions independently.

 


 

How it works

  • When a form is submitted (POST request), the Joomla Rate Limiter plugin checks how many times that form has been submitted by this user within the configured time window.
  • If the submission count exceeds the limit, the plugin:
    • Displays a warning message (You are submitting too frequently...).
    • Redirects the user back to the homepage or another defined page.
  • If under the limit, it logs the current submission timestamp and allows the request to proceed.

Technical Workflow

1️⃣ Initialization:

  • The plugin loads when Joomla fires onAfterInitialise().

2️⃣ Frontend-only Execution:

  • The plugin skips execution when the request is for the Joomla administrator (backend).

3️⃣ Configuration Parameters:

  • timeWindow (seconds): e.g. 600 (10 minutes).
  • submissionLimit: e.g. 5 submissions allowed.

4️⃣ Submission Tracking:

  • Submission timestamps are stored in the PHP session (per user).
  • Older submissions outside the time window are automatically discarded.

5️⃣ Rate Limiting:

  • If the submission count exceeds the allowed limit, the user is blocked and redirected.
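
The tracking and limiting steps above, sketched as an added example in plain PHP (this is not the plugin's source code). The function name rateLimitAllow, the session key layout, and the choice to block once submissionLimit entries are already inside the window are assumptions; $session is an ordinary array standing in for the per-user PHP session.

```php
<?php
// Added illustration, not the plugin's source. $session stands in for the
// per-user PHP session store; the 'ratelimiter.<form_id>' key is hypothetical.

/**
 * Returns true if the submission is allowed (and records it), false if the
 * form already has $submissionLimit entries within the last $timeWindow seconds.
 */
function rateLimitAllow(array &$session, string $formId, int $timeWindow,
                        int $submissionLimit, ?int $now = null): bool
{
    $now = $now ?? time();
    $key = 'ratelimiter.' . $formId;   // independent log per form_id

    // Discard timestamps that have fallen outside the window; ignore any
    // non-integer values that may have ended up in the stored log.
    $log = array_values(array_filter(
        $session[$key] ?? [],
        static fn ($ts) => is_int($ts) && $ts > $now - $timeWindow
    ));

    if (count($log) >= $submissionLimit) {
        $session[$key] = $log;         // keep the pruned log, do not record the blocked attempt
        return false;                  // caller shows the warning and redirects
    }

    $log[] = $now;                     // under the limit: log this submission
    $session[$key] = $log;
    return true;
}

// Constructed run with the page's example values: timeWindow = 600, submissionLimit = 5.
$session = [];
$t0 = 1700000000;                      // constructed timestamp
for ($i = 1; $i <= 6; $i++) {
    $ok = rateLimitAllow($session, 'contact', 600, 5, $t0 + $i);
    echo "contact #$i: " . ($ok ? 'allowed' : 'blocked') . PHP_EOL;
}
// A different form_id is counted independently.
echo 'newsletter: ' . (rateLimitAllow($session, 'newsletter', 600, 5, $t0 + 7) ? 'allowed' : 'blocked') . PHP_EOL;
// After the window has passed, the old entries are pruned before counting.
echo 'contact later: ' . (rateLimitAllow($session, 'contact', 600, 5, $t0 + 700) ? 'allowed' : 'blocked') . PHP_EOL;
```

Because the log lives in the session, the limit only binds clients that keep returning the same session cookie. Where the forms need protection against deliberate abuse, pair it with a limit enforced on a server-side key, for example at the web server or WAF.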
