PHP anti-CC Attack Implementation code Summary _php tutorial

CC attack is the other side using the program or some agents on your site uninterrupted access, resulting in your site can not handle and in the state of the machine, below we summarize some anti-CC attack PHP instance code, you can refer to friends.

Example 1

The code is as follows

Copy Code

Proxy IP Direct exit Empty ($_server[' Http_via ')) or exit (' Access Denied '); Prevent Quick refreshes Session_Start (); $seconds = ' 3 '; time period [s] $refresh = ' 5 '; Number of refreshes Setting up monitoring variables $cur _time = time (); if (Isset ($_session[' last_time ')) { $_session[' refresh_times '] + = 1; }else{ $_session[' refresh_times '] = 1; $_session[' last_time '] = $cur _time; } Process monitoring Results if ($cur _time-$_session[' last_time ') < $seconds) { if ($_session[' refresh_times ' >= $refresh) { Jump to attacker server address Header (sprintf (' location:%s ', ' http://127.0.0.1 ')); Exit (' Access Denied '); } }else{ $_session[' refresh_times '] = 0; $_session[' last_time '] = $cur _time; }

Example Two

code as follows

copy code

$P _s_t = $t _array[0] + $t _array[1]; $timestamp = time (); Session_Start (); $ll _nowtime = $timestamp; if (session_is_registered (' Ll_lasttime ')) { $ll _lasttime = $_session[' ll_lasttime '); $ll _times = $_session[' ll_times ') + 1; $_session[' ll_times '] = $ll _times; }else{ $ll _lasttime = $ll _nowtime; $ll _times = 1; $_session[' ll_times '] = $ll _times; $_session[' ll_lasttime '] = $ll _lasttime; } if (($ll _nowtime-$ll _lasttime) <3) { if ($ll _times>=5) { Header (sprintf ("Location:%s", ' http://127.0.0.1 ')); Exit } }else{ $ll _times = 0; $_session[' ll_lasttime '] = $ll _nowtime; $_session[' ll_times '] = $ll _times; }

One instance, I'm testing it myself.

Log analysis

[2011-04-16 03:03:13] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:13] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:13] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:13] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:12] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:12] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:12] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:11] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:11] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:11] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:10] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:10] [Client 61.217.192.39]/index.php

Here's the PHP method: Save the following code as a PHP file, and then include the first line in your common.php file.

The code is as follows

Copy Code

/* * Anti-CC attack depressed to die, not die version. * * If the site refreshes more than 2 times per second, the delay is 5 seconds after the visit. */ $CC _min_nums = ' 1 '; Times, refresh times $CC _url_time = ' 5 '; seconds, delay time $CC _log = ' cc_log.txt '; Enable this behavior logging $CC _forward = ' http://localhost '; Release to URL //-------------------------------------------- Return URL $CC _uri = $_server[' Request_uri ']?$_server[' Request_uri ']:($_server[' php_self ']?$_server[' php_self ']:$_SERVER[' Script_name ']); $site _url = ' http://'. $_server [' Http_host ']. $CC _uri; Enable session if (!isset ($_session)) session_start (); $_session["Visiter"] = true; if ($_session["Visiter"] <> true) { echo ""; Header ("Location:". $CC _forward); Exit } $timestamp = time (); $CC _nowtime = $timestamp; if (session_is_registered (' Cc_lasttime ')) { $CC _lasttime = $_session[' cc_lasttime '); $CC _times = $_session[' cc_times ') + 1; $_session[' cc_times '] = $CC _times; }else{ $CC _lasttime = $CC _nowtime; $CC _times = 1; $_session[' cc_times '] = $CC _times; $_session[' cc_lasttime '] = $CC _lasttime; } Get real IP if (Isset ($_server)) { $real _ip = $_server[' http_x_forwarded_for '); }else{ $real _ip = getenv ("Http_x_forwarded_for"); } Print_r ($_session); //Release IP if (($cc _nowtime-$cc _lasttime) <=0) { if ($cc _times>= $cc _min_nums) { if (!empty ($CC _log)) cc _log (Get_ip (), $real _ip, $cc _log, $cc _uri); Generate Log echo "Wait Please, try again later!"; //printf (' Your refresh is too fast, please later. '); //header ("Location:". $CC _forward); Exit; } }else{ $cc _times = 0; $_session[' cc_lasttime '] = $cc _nowtime; $_session[' cc_times '] = $cc _times;< br>} //Record cc log function Cc_log ($client _ip, $real _ip, $cc _log, $cc _uri) { $temp _time = Date ("Y-m-d h:i:s", Time () + 360 0*8); $temp _result = "[". $temp _time. "] [Client ". $client _ip."] "; if ($real _ip) $temp _result. = "[real". $real _ip. "]"; $temp _result. = $cc _uri. "RN"; $handle = fopen ("$cc _log", "RB"), $oldcontent = Fread ($handle, FileSize ("$CC _log")), Fclose ($handle); br> $newcontent = $temp _result. $oldcontent; $fhandle =fopen ("$cc _log", "WB"), Fwrite ($fhandle, $newcontent , strlen ($newcontent)); Fclose ($fhandle); } Get online IP function Get_ip () { Global $_c; if (Empty ($_c[' client_ip ')) { if (getenv (' http_client_ip ') && strcasecmp (getenv (' http_client_ip '), ' unknown ') { $client _ip = getenv (' http_client_ip '); } elseif (getenv (' http_x_forwarded_for ') && strcasecmp (getenv (' http_x_forwarded_for '), ' unknown ') { $client _ip = getenv (' http_x_forwarded_for '); } elseif (getenv (' remote_addr ') && strcasecmp (getenv (' remote_addr '), ' unknown ') { $client _ip = getenv (' remote_addr '); } elseif (Isset ($_server[' remote_addr ") && $_server[' remote_addr '] && strcasecmp ($_server[' Remote_ ADDR '], ' unknown ') { $client _ip = $_server[' remote_addr '); } $_c[' client_ip ' = $client _ip? $client _ip: ' Unknown '; } Return $_c[' client_ip ']; } ?>

This can be prevented by the basic industries, but if the more advanced accounted for no way, you can try to use the relevant hardware fire strong to set.

http://www.bkjia.com/PHPjc/629601.html www.bkjia.com true http://www.bkjia.com/PHPjc/629601.html techarticle cc attack is the other side using the program or some agents on your site uninterrupted access, resulting in your website can not be processed and in the state of the machine, below we summarize some anti-CC attacks ...

