Based on PHP, I would like to explain some tips for anti-ticket farming _ php instances

Ticket scalping has always been a problem and cannot be fundamentally solved. Currently, the best solution is to manually add logical restrictions, the following describes some tips for anti-ticket farming based on PHP. It has always been a problem and cannot be fundamentally prevented.

However, we can minimize the damage caused by ticket scalping. For example, we can use the logic limitations that are manually added.

Based on PHP, the following describes some anti-ticket farming techniques:

1. Use CURL for information forgery

$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, "http: // localhost/2.php ");
Curl_setopt ($ ch, CURLOPT_HTTPHEADER, array ('x-FORWARDED-FOR: 8.8.8.8 ', 'client-IP: 8.8.8.8 '));
Curl_setopt ($ ch, CURLOPT_REFERER, "http: // localhost /");
Curl_setopt ($ ch, CURLOPT_HEADER, 1 );
Curl_setopt ($ ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.0 )");
$ Out = curl_exec ($ ch );
Curl_close ($ ch );

2. Verification Code: Use a very complex verification code

Specifically, the appearance of the verification code is not for humans, but for machines. By controlling the complexity and difficulty of recognition, part of the ticket refresh machine is blocked to reduce the number of ticket refresh. However, with the development of software technology and recognition technology, more and more verification codes face advanced ticketing software, which also loses its defense function. However, professional ticketing machines can be cracked. If you do not need a verification code, the voting is basically closed. The method for obtaining the verification code is asynchronously loaded, that is, when you click the input box, the request is sent. After the voting is successful, the verification code Session is deleted.

3. limited-time voting

For example, from AM to AM

4. Set the voting Interval

After the user votes, it will take several minutes to continue.

Many voting sites basically have this restriction, but there is no way to change the IP address.

5. display of voting results: delayed display and friendly display

Vote on the page. JS immediately adds 1, but refreshing the page does not necessarily immediately display the latest voting results and returns the status to the page (Thank you for your vote! Or the vote is successful! As to whether it is successful, let's talk about it !)

6. Deduction logic: it is common in voting for some software selections.

This is a killer. The script runs in the background to monitor abnormal growth (fake tickets) in real time, and then implements the deduction logic.
That is, for this item, 10 votes are considered as one vote.

7. Cookie: a common method. Relatively low

After voting, write the Cookie on the client and determine whether the Cookie exists in the next voting.
However, this method is very easy to crack because cookies can be deleted.

8. encryption option ID: performs random encryption on the ID of some voting options.

Encryption Algorithm, add Salt, and set the effective time, for example, within 5 minutes
Decrypt and verify on the server

9. nginx limit on the number of links

Ngx_http_limit_conn_module
Ngx_http_limit_req_module
Nginx_limit_speed_module

These three modules can be used to limit, but this is not a good solution.

10. iptables restrictions

/Sbin/iptables-a input-p tcp -- dport 80 -- syn-m recent -- name webpool -- rcheck -- seconds 60 -- hitcount 10-j DROP
/Sbin/iptables-a input-p tcp -- dport 80 -- syn-m recent -- name webpool -- set-j ACCEPT
/Sbin/iptables-t filter-a input-p tcp -- dport 80 -- tcp-flags FIN, SYN, RST, ack syn-m connlimit -- connlimit-above 10 -- connlimit-mask
32-j REJECT

Script

#!/bin/bash# Date: 2015-09-29# # Author: cpz@erongtu.comshopt -s -o nounsetexport PATH=/usr/bin/:/biniptables_log="/tmp/iptables_conf.log"/sbin/iptables -A INPUT -p tcp --dport 80 --syn -m recent --name webpool --rcheck --seconds 60 --hitcount 10 -j DROP/sbin/iptables -A INPUT -p tcp --dport 80 --syn -m recent --name webpool --set -j ACCEPT/sbin/iptables -t filter -A INPUT -p tcp --dport 80 --tcp-flags FIN,SYN,RST,ACK SYN -m connlimit --connlimit-above 10 --connlimit-mask 32 -j REJECTwhile [ true ]; do  #sleep 1  for IP in `netstat -an | grep -i ':80 '|grep 'ESTAB' | awk '{print $5}' | cut -d : -f 1 | sort | uniq -c | awk '{if($1 > 30 && $2!="127.0.0.1" ) {print $2}}'`  do    /sbin/iptables -L -n | grep $IP >/dev/null || /sbin/iptables -A INPUT -p tcp --dport 80 -s $IP -j DROP    echo "/sbin/iptables -A INPUT -p tcp -s $IP -j DROP" >> ${iptables_log}  donedone

The above content is a small series to introduce you to some tips on Anti-ticket farming based on PHP. I hope you will like it.