Home > Developer > PHP

Example of PHP anti-CC attack and quick page refresh prevention

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
The reason for the CC attack is that the dynamic page is constantly refreshed, such as the page for reading and writing databases from php + mysql. if the page is refreshed quickly, the page may be stuck or the server resource usage exceeds the limit, as a result, the server crashes. The following describes some examples to prevent CC attacks .... the reason for the CC attack is that the dynamic page is constantly refreshed, such as the page for reading and writing databases from php + mysql. if the page is refreshed quickly, the page may be stuck or the server resource usage exceeds the limit, as a result, the server crashes. The following provides some examples to prevent CC attacks.

CC attack causes

The principle of CC attack is that attackers control some hosts to repeatedly send a large number of packets to the other server, causing server resource depletion until the server crashes. CC is mainly used to attack pages, everyone has this experience. when a webpage has a large number of visitors, it will be slow to open the webpage. CC is used to simulate multiple users, and the number of threads is the number of users, non-stop access to pages that require a large amount of data operations, that is, pages that require a large amount of CPU time, resulting in a waste of server resources. the CPU time is at 100% for a long time, there will always be endless connections until network congestion occurs and normal access is terminated.

Refreshing the page for cc attacks does not make any sense to us. to make it meaningful, we use all our website resources. we can prevent CC attacks by disabling website proxy access in multiple ways, try to make the website static pages, limit the number of connections, and modify the maximum timeout time.

The PHP instance code is as follows:

 = $ Refresh) {// jump to the attacker server address header (sprintf ('Location: % s', 'http: // 127.0.0.1 ')); exit ('Access Denied ') ;}} else {$ _ SESSION ['refresh _ times'] = 0; $ _ SESSION ['last _ time'] = $ cur_time;}?>

Firewall is a very good solution to prevent CC attacks. it not only has no impact on the server, but also effectively prevents CC attacks.

We recommend that webmasters use dongle to defend against CC attacks or linux iptalbs to prevent CC attacks. Similarly, if my server has a server room firewall, these attacks are automatically blocked.


Tutorial address:

Reprinted! But please include the article address ^

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
php refresh page php refresh page once how to refresh page php path traversal attack prevention phishing attack prevention php injection attack example xss attack example php

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More