Super practical PHP code for protecting a website against IP attacks

  • 2020-03-31 21:21:20
  • OfStack

Today I developed the following code, and it is an initial success: I intercepted 15 IPs in one day, and the server load is normal.
 
<?php
// Check whether the IP is already on the forbidden list
$ip = $_SERVER['REMOTE_ADDR'];
$fileht = ".htaccess2";
if (!file_exists($fileht)) file_put_contents($fileht, "");
$filehtarr = @file($fileht) ?: []; // file() returns false on failure
if (in_array($ip."\r\n", $filehtarr)) die("Warning:"."<br>"."Your IP address has been forbidden for some reason. If you have any questions, please email shop@mydalle.com!");

// Add forbidden IP
$time = time();
$fileforbid = "log/forbidchk.dat"; // line 0: IP, line 1: start time, line 2: hit count
if (file_exists($fileforbid)) {
    if ($time - filemtime($fileforbid) > 60) {
        unlink($fileforbid); // not touched for more than 60 seconds: stop monitoring
    } else {
        $fileforbidarr = @file($fileforbid);
        // Compare the whole address: a prefix match would treat 1.2.3.4 as 1.2.3.45
        if (is_array($fileforbidarr) && count($fileforbidarr) >= 3 && $ip === rtrim($fileforbidarr[0])) {
            if ($time - (int)$fileforbidarr[1] > 600) {
                unlink($fileforbid); // the 10-minute monitoring period is over
            } elseif ((int)$fileforbidarr[2] > 600) {
                // More than 600 hits within 10 minutes: forbid the IP
                file_put_contents($fileht, $ip."\r\n", FILE_APPEND);
                unlink($fileforbid);
            } else {
                $fileforbidarr[2] = (int)$fileforbidarr[2] + 1;
                file_put_contents($fileforbid, $fileforbidarr);
            }
        }
    }
}

// Anti-refresh check
$str = "";
$file = "log/ipdate.dat";
// 0777 is world-writable; tighten it if the web server user owns the directory
if (!file_exists("log") && !is_dir("log")) mkdir("log", 0777);
if (!file_exists($file)) file_put_contents($file, "");
$allowTime = 120; // Anti-refresh time window in seconds
$allowNum = 10;   // Requests allowed per window
$uri = $_SERVER['REQUEST_URI'];
$checkip = md5($ip);
$checkuri = md5($uri);
$yesno = true;
$ipdate = @file($file) ?: [];
foreach ($ipdate as $k => $v) {
    // Record layout: md5(ip)[32] . md5(uri)[32] . timestamp[10] . count
    $iptem = substr($v, 0, 32);
    $uritem = substr($v, 32, 32);
    $timetem = (int)substr($v, 64, 10);
    $numtem = (int)substr($v, 74); // the cast drops the trailing "\r\n"
    if ($time - $timetem < $allowTime) {
        if ($iptem != $checkip) {
            $str .= $v; // another visitor's record, keep it
        } else {
            $yesno = false;
            if ($uritem != $checkuri) {
                $str .= $iptem.$checkuri.$time."1\r\n";
            } elseif ($numtem < $allowNum) {
                $str .= $iptem.$uritem.$timetem.($numtem + 1)."\r\n";
            } else {
                // Limit reached: start monitoring this IP and log the event
                if (!file_exists($fileforbid)) {
                    $addforbidarr = array($ip."\r\n", time()."\r\n", 1);
                    file_put_contents($fileforbid, $addforbidarr);
                }
                file_put_contents("log/forbided_ip.log", $ip."--".date("Y-m-d H:i:s", time())."--".$uri."\r\n", FILE_APPEND);
                $timepass = $timetem + $allowTime - $time;
                die("Warning:"."<br>"."Sorry, you have been blocked for refreshing too frequently. Please wait ".$timepass." seconds to continue!");
            }
        }
    }
}
if ($yesno) $str .= $checkip.$checkuri.$time."1\r\n";
file_put_contents($file, $str);
?>

Include the program at the top of each PHP file you want to protect.
The program first determines whether the IP is in the forbidden list; if so, it exits.
Otherwise, if the IP is in the monitor list and has made more than 600 requests in 10 minutes, it is added to the forbidden list.
If neither the time nor the count has been exceeded, the count is increased by 1. Meanwhile, the program monitors whether the IP requests the same page frequently.
Because the requests being limited come from machines, the program does not use sessions for the check.
Also, exclusive file handling cannot be used when updating the files.
Using pseudo-static storage for the IPs can also cause errors.
There is room for change and improvement in this program. You can also refer to the degradation principle in QQ Farm; the farm is basically developed according to this principle.
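The same-page refresh check described above, written as a side-effect-free function so the record format and the 120-second / 10-request thresholds can be exercised without touching log/ipdate.dat. This is an added example, not the original author's code; `check_request`, the constants and the sample requests (a documentation-range IP and a fixed timestamp) are constructed for illustration.

```php
<?php
// Added example, not the original script. Record layout, one per line:
// md5(ip)[32] . md5(uri)[32] . unix time[10] . hit count
const ALLOW_TIME = 120; // window in seconds (the script's $allowTime)
const ALLOW_NUM  = 10;  // hits allowed per window (the script's $allowNum)

/** Hypothetical helper: returns [bool $allowed, string[] $records]. */
function check_request(array $records, string $ip, string $uri, int $now): array
{
    [$ipKey, $uriKey] = [md5($ip), md5($uri)];
    [$out, $seen, $allowed] = [[], false, true];
    foreach ($records as $line) {
        $line = rtrim($line, "\r\n");
        if (!preg_match('/^[0-9a-f]{64}\d{10}\d+$/', $line)) {
            continue;                     // drop malformed or truncated records
        }
        $recIp  = substr($line, 0, 32);
        $recUri = substr($line, 32, 32);
        $start  = (int) substr($line, 64, 10);
        $hits   = (int) substr($line, 74);
        if ($now - $start >= ALLOW_TIME) {
            continue;                     // window expired, forget the record
        }
        if ($recIp !== $ipKey) {
            $out[] = $line;               // another client's record, keep as is
            continue;
        }
        $seen = true;
        if ($recUri !== $uriKey) {
            $out[] = $ipKey . $uriKey . $now . '1';   // different page: restart count
        } elseif ($hits < ALLOW_NUM) {
            $out[] = $recIp . $recUri . $start . ($hits + 1);
        } else {
            $out[] = $line;               // limit reached: keep record, refuse
            $allowed = false;
        }
    }
    if (!$seen) {
        $out[] = $ipKey . $uriKey . $now . '1';       // first hit in this window
    }
    return [$allowed, $out];
}

// Constructed sample: 12 hits one second apart, then one after the window ends.
[$records, $t0] = [[], 1700000000];
foreach (array_merge(range(0, 11), [ALLOW_TIME + 1]) as $offset) {
    [$ok, $records] = check_request($records, '203.0.113.7', '/index.php', $t0 + $offset);
    printf("t+%3d %s\n", $offset, $ok ? 'allowed' : 'refused');
}
```

Run it with the PHP CLI; because the function only transforms an array of records, the caller decides how the records are read from and written back to disk.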
