Example of php implementing cc attack defense and preventing quick page refreshes
- 2020-12-21 18:00:17
- OfStack
<?php
// The agent IP Directly out of
empty($_SERVER['HTTP_VIA']) or exit('Access Denied');
// Prevent rapid refresh
session_start();
$seconds = '3'; // Period of time [ seconds ]
$refresh = '5'; // The refresh frequency
// Set monitoring variables
$cur_time = time();
if(isset($_SESSION['last_time'])){
$_SESSION['refresh_times'] += 1;
}else{
$_SESSION['refresh_times'] = 1;
$_SESSION['last_time'] = $cur_time;
}
// Processing monitoring results
if($cur_time - $_SESSION['last_time'] < $seconds){
if($_SESSION['refresh_times'] >= $refresh){
// Jump to the attacker's server address
header(sprintf('Location:%s', 'http://127.0.0.1'));
exit('Access Denied');
}
}else{
$_SESSION['refresh_times'] = 0;
$_SESSION['last_time'] = $cur_time;
}
?>