  , 19:51   #1
KrypTik (Newbie)
Registered: 06.09.2014
Posts: 8
Reputation: 0 / 0

protect your site against DDOS with PHP script

Hello

<?php

/*
chmod /iplog/ to 777
create and chmod /iplog/iplog.dat to 666
add the following line in any important .php file in the same directory as your anti_dos.php file so it can check ips when that file is loaded, best example is index.php if you have it.
include("anti_dos.php"); //anti-dos, prevents rapid accessing

if you have a known cookie on your site,
you can use this, otherwise just ignore this, it will set a different limit
for people with this cookie

i use yourothercookie as the cookie id for the forum, my forum uses id
greater than 0 for all members and -1 for guests and members who have logged out,
so making it match greater than zero means members will get better access and
guests with or without cookies won't

also i use these cookies in the "flood alert" emails to make sure an important user didn't get banned. someone could fake a cookie, so always be suspicious. tez
*/

// $_SESSION['reportedflood'] below only persists if a session is active
if (session_status() === PHP_SESSION_NONE) session_start();

// superglobals and their keys are case-sensitive: $_COOKIE, $_SERVER, $_SESSION
$cookie = $_COOKIE['yourcookie'] ?? '';
// cast to int so a non-numeric cookie value can never compare as > 0
$othercookie = (int)($_COOKIE['yourothercookie'] ?? 0);

if ($cookie && $othercookie > 0) $iptime = 20; // minimum number of seconds between visits for users with certain cookie
else $iptime = 10; // minimum number of seconds between visits for everyone else

$ippenalty = 60; // seconds before visitor is allowed back

if ($cookie && $othercookie > 0) $ipmaxvisit = 30; // maximum visits, per $iptime segment
else $ipmaxvisit = 20; // maximum visits per $iptime segment

$iplogdir = "./iplog/";
$iplogfile = "iplog.dat";

// last two hex digits of the md5 of the ip: the counter file for this visitor
$ipfile = substr(md5($_SERVER["REMOTE_ADDR"]), -2);
$oldtime = 0;
if (file_exists($iplogdir.$ipfile)) $oldtime = filemtime($iplogdir.$ipfile);

$time = time();
if ($oldtime < $time) $oldtime = $time;
$newtime = $oldtime + $iptime;

if ($newtime >= $time + $iptime*$ipmaxvisit)
{
    touch($iplogdir.$ipfile, $time + $iptime*($ipmaxvisit-1) + $ippenalty);
    $oldref = $_SERVER['HTTP_REFERER'] ?? '';
    header("HTTP/1.0 503 Service Temporarily Unavailable");
    header("Connection: close");
    header("Content-Type: text/html");
    echo "<html><body bgcolor=#999999 text=#ffffff link=#ffff00>
<font face='verdana, arial'><p><b>
<h1>temporary access denial</h1>too many quick page views by your ip address (more than ".$ipmaxvisit." visits within ".$iptime." seconds).</b>
";
    echo "<br />please wait ".$ippenalty." seconds and reload.</p></font></body></html>";
    touch($iplogdir.$iplogfile); //create if not existing
    $fp = fopen($iplogdir.$iplogfile, "a");
    // HTTP_HOST is sent by the client and ends up in the mail recipient and From header,
    // so keep only hostname characters (hard-coding your own domain here is safer)
    $yourdomain = preg_replace('/[^A-Za-z0-9.\-]/', '', $_SERVER['HTTP_HOST'] ?? '');
    if ($fp)
    {
        $useragent = "<unknown user agent>";
        if (isset($_SERVER["HTTP_USER_AGENT"])) $useragent = $_SERVER["HTTP_USER_AGENT"];
        // 24-hour clock and 4-digit year so log entries are unambiguous
        fputs($fp, $_SERVER["REMOTE_ADDR"]." ".date("d/m/Y H:i:s")." ".$useragent."\n");
        fclose($fp);

        //the @ symbol before @mail means 'suppress errors' so you won't see errors on the page if email fails.
        if (($_SESSION['reportedflood'] ?? 0) < 1 && ($newtime < $time + $iptime + $iptime*$ipmaxvisit))
            @mail('flood_alert@'.$yourdomain, 'site flooded by '.$cookie.' '
                .$_SERVER['REMOTE_ADDR'], 'http://'.$yourdomain.' rapid website access flood occurred and ban for ip '.$_SERVER['REMOTE_ADDR'].' at http://'.$yourdomain.$_SERVER['REQUEST_URI'].' from '.$oldref.' agent '.$useragent.' '
                .$cookie.' '.$othercookie, "From: ".$yourdomain."\n");
        $_SESSION['reportedflood'] = 1;
    }
    exit();
}
else $_SESSION['reportedflood'] = 0;

//echo("loaded ".$cookie.$iplogdir.$iplogfile.$ipfile.$newtime);
touch($iplogdir.$ipfile, $newtime); //this just updates the ip file access date or creates a new file if it doesn't exist in /iplog
?>


Give me please +1 like
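
The limiter arithmetic of the script above, replayed with a fixed clock, as an added example that is not part of the original post. `limiter_visit()`, the in-memory `$tat` array (standing in for the modification times of the files in `./iplog/`) and the 10.0.x.x sample addresses are constructed for illustration; the defaults are the script's guest settings. It shows what request rate the check really enforces and how many visitors end up sharing one counter file.

```php
<?php
// One visit, using the same arithmetic as the posted script.
// $tat[$key] plays the role of filemtime($iplogdir.$ipfile).
function limiter_visit(array &$tat, string $key, int $now,
                       int $iptime = 10, int $ipmaxvisit = 20, int $ippenalty = 60): bool
{
    $oldtime = max($tat[$key] ?? 0, $now);           // stored time, never in the past
    $newtime = $oldtime + $iptime;                   // every visit costs $iptime seconds
    if ($newtime >= $now + $iptime * $ipmaxvisit) {  // same test as the script
        $tat[$key] = $now + $iptime * ($ipmaxvisit - 1) + $ippenalty;
        return false;                                // the 503 branch
    }
    $tat[$key] = $newtime;
    return true;                                     // page is served
}

// 1. Burst: one client reloading within the same second (constructed clock).
$tat = [];
$burst = 0;
while (limiter_visit($tat, 'burst-client', 1000)) {
    $burst++;
}
printf("burst: %d pages served before the first 503\n", $burst);

// 2. Steady reader: one page every 5 seconds, starting from a clean state.
$tat = [];
$now = 1000;
$served = 0;
while (limiter_visit($tat, 'reader', $now)) {
    $served++;
    $now += 5;
}
printf("one page every 5 s: %d served, 503 after %d s\n", $served, $now - 1000);

// 3. Counter sharing: the script keys its files on the last two hex digits
//    of md5(ip), so there can never be more than 256 counters.
$perBucket = [];
for ($i = 1; $i <= 1000; $i++) {
    $ip = long2ip(ip2long('10.0.0.0') + $i);         // constructed sample addresses
    $key = substr(md5($ip), -2);
    $perBucket[$key] = ($perBucket[$key] ?? 0) + 1;
}
printf("1000 addresses -> %d counters, busiest shared by %d addresses\n",
       count($perBucket), max($perBucket));
```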
 
  , 22:01   #2
SharkyUA (Forum member)
Registered: 31.12.2010
Posts: 62
Reputation: 13 / 1

Sorry, but it's not a solution.
If you need protection, then you should set up a hardware firewall or use CDN services,
such as Cloudflare, CloudFront, etc.

And you should use the CODE forum tag.

Didn't see post date =\
__________________
The main events happen within us; any event involving us begins with us.
Do not be slaves to events.
Events are our servants.

Last edited by SharkyUA; 26.10.2014 at 22:03.