Some PHP-based tips for preventing vote brushing

Vote brushing (automated or repeated fraudulent voting) has always been a hard problem, and it cannot be prevented completely.

But we can minimize the damage it does, for example by adding extra logic limits.

Based on PHP, here are some tips for preventing vote brushing:

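1. How request information is forged with cURL

Every value set below (X-Forwarded-For, Client-IP, Referer, User-Agent) is chosen by the client, so the server cannot rely on any of them to identify a voter:

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://localhost/2.php");
// Forged "client IP" headers
curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-Forwarded-For: 8.8.8.8', 'Client-IP: 8.8.8.8'));
// Forged referer
curl_setopt($ch, CURLOPT_REFERER, "http://localhost/");
// Include the response headers in the output
curl_setopt($ch, CURLOPT_HEADER, 1);
// Forged browser identity
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.0)");
$out = curl_exec($ch);
curl_close($ch);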
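Seen from the server side, the forged headers above mean that any per-IP limit has to be keyed on the TCP peer address, not on request headers. The following is an added example, not code from the original article; client_ip() and the $trustedProxies list are hypothetical names, and the request arrays are constructed sample data.

```php
<?php
// Added example: choose the address that per-IP vote limits are keyed on.
// $trustedProxies is a hypothetical list of your own reverse proxies.
function client_ip(array $server, array $trustedProxies = []): string
{
    $remote = $server['REMOTE_ADDR'] ?? '';
    // Direct connection: the TCP peer address is the only value the client cannot set.
    if (!in_array($remote, $trustedProxies, true)) {
        return $remote;
    }
    // Behind our own proxy: read X-Forwarded-For from right to left and stop at
    // the first hop that is not one of our proxies. Anything further left is
    // whatever the client chose to send.
    $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR'] ?? ''));
    foreach (array_reverse($hops) as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            break; // malformed or empty entry: fall back to the proxy address
        }
        if (!in_array($hop, $trustedProxies, true)) {
            return $hop;
        }
    }
    return $remote;
}

// Constructed request: the forged headers from the cURL snippet, sent directly.
$direct = [
    'REMOTE_ADDR'          => '203.0.113.7',
    'HTTP_X_FORWARDED_FOR' => '8.8.8.8',
    'HTTP_CLIENT_IP'       => '8.8.8.8',
];
var_dump(client_ip($direct));

// Constructed request: the same client behind our proxy 10.0.0.5, which
// appended the real peer address to the header the client supplied.
$viaProxy = [
    'REMOTE_ADDR'          => '10.0.0.5',
    'HTTP_X_FORWARDED_FOR' => '8.8.8.8, 203.0.113.7',
];
var_dump(client_ip($viaProxy, ['10.0.0.5']));
```

Both calls resolve to 203.0.113.7, so the forged 8.8.8.8 never reaches the rate limiter.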

2. CAPTCHA: use a very complex verification code

A CAPTCHA is aimed at machines, not at people. By controlling its complexity and how hard it is to recognize, you block some of the vote-brushing bots and so reduce the amount of brushing. As recognition technology has developed, however, CAPTCHAs have lost much of their preventive effect against advanced brushing software, and professional brushing tools can break them. Even so, a vote without a CAPTCHA is basically defenseless. Load the CAPTCHA asynchronously: request it only when the user clicks the input box, and delete the CAPTCHA from the session after a successful vote.

3. Time-limited voting

For example: voting is open only from 8 o'clock to 23 o'clock in the evening.

4. Set a voting interval

After a user votes, they must wait a set amount of time before they can vote again.

Most voting sites have this limit, but it is no defense against an attacker who keeps changing IP addresses.

5. Displaying poll results: delayed display, friendly display

When the user votes, JavaScript adds 1 on the page immediately, but after a refresh the page does not necessarily show the latest results right away. Return a success status to the page ("Thank you for your vote!" or "Vote successful!"); whether the vote actually counted is another matter.

6. Deduction logic: common in software rankings and similar votes

This is the trump card, and it runs in the backend. A script monitors items with abnormal growth (vote brushing) in real time and then applies the deduction logic.
That is, for such an item, 10 votes are counted as one vote.
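A sketch of the deduction logic described above, as an added example that is not code from the original article. The 10-to-1 ratio comes from the text; the rule for "abnormal growth" (a burst of at least $floor votes that exceeds $factor times the item's own average in earlier windows), the function name credit_votes() and the per-minute counts are assumptions constructed for illustration.

```php
<?php
// Added example: backend deduction for items showing abnormal vote growth.
const DEDUCTION_RATIO = 10; // from the text: 10 votes are counted as one vote

/**
 * @param array $history item => list of raw votes in earlier windows
 * @param array $current item => raw votes in the window being evaluated
 * @param float $factor  assumed multiple of the baseline that counts as abnormal
 * @param int   $floor   assumed minimum burst size, so quiet items are not punished
 * @return array item => ['raw' => int, 'credited' => int, 'flagged' => bool]
 */
function credit_votes(array $history, array $current, float $factor = 5.0, int $floor = 50): array
{
    $result = [];
    foreach ($current as $item => $raw) {
        $past = $history[$item] ?? [];
        // Baseline is the item's own average; a new item has a baseline of 0.
        $baseline = $past ? array_sum($past) / count($past) : 0.0;
        $flagged = $raw >= $floor && $raw > $factor * max($baseline, 1.0);
        $result[$item] = [
            'raw'      => $raw,
            // Flagged items are silently discounted; the voter still sees "success".
            'credited' => $flagged ? intdiv($raw, DEDUCTION_RATIO) : $raw,
            'flagged'  => $flagged,
        ];
    }
    return $result;
}

// Constructed per-minute vote counts for three options.
$history = ['A' => [12, 15, 11], 'B' => [9, 14, 10], 'C' => [2, 3, 1]];
$current = ['A' => 14, 'B' => 480, 'C' => 6];
print_r(credit_votes($history, $current));
```

Only option B is flagged, and its 480 raw votes are credited as 48; A and C keep their raw counts.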

7. Cookies: a common but fairly weak measure

After a vote, a cookie is written on the client, and the next vote checks whether that cookie exists.
However, this approach is very easy to defeat, because cookies can be deleted.

8. Encrypted option IDs: randomly encrypt the IDs of the voting options

Use an encryption algorithm, add a salt, and set a validity period, for example 5 minutes.
The server decrypts and validates the ID.
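One way to implement the encrypted option ID, as an added example that is not code from the original article. It assumes AES-256-GCM with a 32-byte server-side key; the random nonce plays the role of the salt, and the function names, token layout and sample values are constructed for illustration.

```php
<?php
// Added example: encrypted, time-limited voting option IDs.
// Assumptions: AES-256-GCM, a 32-byte server-side key, a JSON payload.
const TOKEN_TTL = 300; // validity period: 5 minutes, as in the text

function seal_option_id(int $optionId, string $key, int $now): string
{
    $nonce = random_bytes(12); // fresh per token, so one ID never yields the same string twice
    $plain = json_encode(['id' => $optionId, 'exp' => $now + TOKEN_TTL]);
    $tag = '';
    $cipher = openssl_encrypt($plain, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $nonce, $tag);
    if ($cipher === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($nonce . $tag . $cipher); // 12-byte nonce, 16-byte tag, ciphertext
}

function open_option_id(string $token, string $key, int $now): ?int
{
    $raw = base64_decode($token, true);
    if ($raw === false || strlen($raw) <= 28) {
        return null; // not base64, or too short to hold nonce + tag + data
    }
    $plain = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $key,
        OPENSSL_RAW_DATA, substr($raw, 0, 12), substr($raw, 12, 16));
    if ($plain === false) {
        return null; // tag check failed: token was altered or made with another key
    }
    $data = json_decode($plain, true);
    if (!is_array($data) || !is_int($data['id'] ?? null) || !is_int($data['exp'] ?? null)) {
        return null;
    }
    return $now <= $data['exp'] ? $data['id'] : null; // reject expired tokens
}

// Constructed demo values; in production the key comes from server configuration.
$key = random_bytes(32);
$issued = 1700000000;
$token = seal_option_id(42, $key, $issued);
var_dump(open_option_id($token, $key, $issued + 60));   // within the 5 minutes
var_dump(open_option_id($token, $key, $issued + 301));  // after expiry
$altered = base64_encode(strrev(base64_decode($token)));
var_dump(open_option_id($altered, $key, $issued + 60)); // tampered token
```

The first call returns 42 and the other two return NULL. A valid token can still be replayed until it expires, so this complements the interval and CAPTCHA checks rather than replacing them.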

9. Nginx: limit the number of connections

ngx_http_limit_conn_module
ngx_http_limit_req_module
nginx_limit_speed_module

These three modules can be used to apply limits, but this is not a good solution.

10. iptables limits

/sbin/iptables -A INPUT -p tcp --dport <port> --syn -m recent --name webpool --rcheck --seconds <seconds> --hitcount 10 -j DROP
/sbin/iptables -A INPUT -p tcp --dport <port> --syn -m recent --name webpool --set -j ACCEPT
/sbin/iptables -t filter -A INPUT -p tcp --dport <port> --tcp-flags FIN,SYN,RST,ACK SYN -m connlimit --connlimit-above 10 --connlimit-mask 32 -j REJECT

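The full script:

#!/bin/bash
# date: 2015-09-29
#
# author: cpz@erongtu.com
shopt -s -o nounset
export PATH=/usr/bin/:/bin
iptables_log="/tmp/iptables_conf.log"

# 80 is the port used by the DROP rule in the loop below.
PORT="${PORT:-80}"
# Not given in the source text; the caller must set them.
WINDOW="${WINDOW:?set the --seconds window for the recent match}"
MAX_ESTAB="${MAX_ESTAB:?set the per-IP ESTABLISHED connection threshold}"

# Drop new connections from an IP that already made 10 within the window.
/sbin/iptables -A INPUT -p tcp --dport "$PORT" --syn -m recent --name webpool --rcheck --seconds "$WINDOW" --hitcount 10 -j DROP
/sbin/iptables -A INPUT -p tcp --dport "$PORT" --syn -m recent --name webpool --set -j ACCEPT
# Reject more than 10 concurrent connections per source address (/32).
/sbin/iptables -t filter -A INPUT -p tcp --dport "$PORT" --tcp-flags FIN,SYN,RST,ACK SYN -m connlimit --connlimit-above 10 --connlimit-mask 32 -j REJECT

while true; do
  #sleep 1
  # Count ESTABLISHED connections per remote IP and list those above the threshold.
  for IP in $(netstat -an | grep -i ":${PORT}" | grep 'ESTAB' | awk '{print $5}' | cut -d : -f 1 | sort | uniq -c | awk -v max="$MAX_ESTAB" '{if ($1 > max && $2 != "127.0.0.1") {print $2}}'); do
    # Add a DROP rule only if this exact address is not already listed.
    if ! /sbin/iptables -L -n | grep -qwF -- "$IP"; then
      /sbin/iptables -A INPUT -p tcp --dport "$PORT" -s "$IP" -j DROP
      echo "/sbin/iptables -A INPUT -p tcp -s $IP -j DROP" >> "${iptables_log}"
    fi
  done
done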

The above is a short introduction to some PHP-based techniques for preventing vote brushing. I hope you find it useful.
