Can php achieve this by only delaying the response to one user, but not to other users?

Source: Internet
Author: User
Tags connection reset
Because of the recent project suspicion that someone has been maliciously flushed, it is intended to delay his response if anyone is suspected of being flushed. However, the access speed of others should not be affected. As far as I know, php will open a thread for each request. for example, if there are 1000 access requests at the same time, the interface response is slow. I will use 999 of them... because of the recent project suspicion that someone has been maliciously flushed, it is intended to delay his response if anyone is suspected of being flushed. However, the access speed of others should not be affected. As far as I know, php will open a thread for each request. for example, if there are 1000 access requests at the same time, the interface response is slow, I used this delayed response method for 999 of them. is the remaining 1 request faster? Or the same speed?

At present, I only think of the sleep method. I don't know whether it is reliable...

I already have methods to identify users. what I want to know is how to delay this user's request.

A friend mentioned returning an http error code. this is acceptable, but I restrict the way to judge a user, mainly the ip address and his identification code. both of them can be changed at any time, in case of changing the ip address, he knows that he only imposes restrictions on his ip address. then, he only needs to use a dynamic ip address to change his ID at any time, and then he can continue to refresh my interface, the delayed return will be considered as a server being dragged down by him. if he is satisfied

Reply content:

Because of the recent project suspicion that someone has been maliciously flushed, it is intended to delay his response if anyone is suspected of being flushed. However, the access speed of others should not be affected. As far as I know, php will open a thread for each request. for example, if there are 1000 access requests at the same time, the interface response is slow, I used this delayed response method for 999 of them. is the remaining 1 request faster? Or the same speed?

At present, I only think of the sleep method. I don't know whether it is reliable...

I already have methods to identify users. what I want to know is how to delay this user's request.

A friend mentioned returning an http error code. this is acceptable, but I restrict the way to judge a user, mainly the ip address and his identification code. both of them can be changed at any time, in case of changing the ip address, he knows that he only imposes restrictions on his ip address. then, he only needs to use a dynamic ip address to change his ID at any time, and then he can continue to refresh my interface, the delayed return will be considered as a server being dragged down by him. if he is satisfied

Send an HTTP 104 Status Code (the legendary "connection reset ").

$Code = 104;$Text = 'connection reset by peer';http_response_code($Code);$Protocol = (isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.1');header($Protocol . ' ' . $Code . ' ' . $Text);

Of course, it can be done by Nginx: send 444 (server timeout response) or 499 (client can't wait to actively close the connection): Judge the IP address andreturn 444;.

The sleep method is unreliable, and sleep will block the process. after sleep, it will not be able to provide services to other requests. There are so many php processes, and some blocking operations may affect the throughput. how can we sleep.
There is another problem with the delayed return scheme. since it is a malicious brush, he must be able to send multiple requests at the same time, the delayed return cannot fundamentally reduce the number of requests, this causes a server backlog of requests. If you use your own client or webpage, it is difficult to achieve "malicious 』.
There is also a way to delay the return, asynchronous return request, do not block the process anyway.
In summary, it is better to give him the 4xx method upstairs.

Do you know the ip address?

Limit access frequency

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.