How to use PHP to protect against CC attacks

How to use PHP to protect against CC attacks

The attacker uses a proxy server to generate a legitimate request to the victim host, implementing DOS, and pretending to be called: CC (CHALLENGECOLLAPSAR).

The principle of the CC attack is that the attacker controls that some hosts keep sending large packets of data to the other server, causing the server to run out of resources until the outage crashes. CC is mainly used to attack the page, everyone has the experience: when a page access to a particularly large number of times, the opening of the Web page is slow, CC is to simulate multiple users (how many threads is how many users) constantly access to those who need a lot of data operations (that is, the need for a lot of CPU time) page, resulting in a waste of server resources, the CPU for a long time at 100%, always have to handle the connection until the network congestion, normal access is aborted.

The so-called CC attack is the other side use the program or some agents to make uninterrupted access to your site, resulting in your site can not be processed and in the state of the machine. At such times your statistical system (probably quantum, Baidu, etc.) is not statistically. However, we can use some anti-attack software to achieve, but the effect is sometimes not obvious. Below Long Minhong provides a section of PHP code, can play a certain anti-CC effect.

Especially with the virtual host users, if the CPU overload will appear "service unariable" prompt. There are many factors about overloading, such as the unreasonable structure of web pages and the excessive flow of traffic. There is also a possible malicious factor, which is the CC attack.

Main function: in 3 seconds continuously refresh the page 5 times will point to the native http://127.0.0.1

The code is as follows:

$P _s_t = $t _array[0] + $t _array[1];
$timestamp = time ();

Session_Start ();
$ll _nowtime = $timestamp;
if (session_is_registered (' Ll_lasttime ')) {
$ll _lasttime = $_session[' ll_lasttime ');
$ll _times = $_session[' ll_times ') + 1;
$_session[' ll_times '] = $ll _times;
}else{
$ll _lasttime = $ll _nowtime;
$ll _times = 1;
$_session[' ll_times '] = $ll _times;
$_session[' ll_lasttime '] = $ll _lasttime;
}
if (($ll _nowtime-$ll _lasttime) <3) {
if ($ll _times>=5) {
Header (sprintf ("Location:%s", ' http://127.0.0.1 '));
Exit
}
}else{
$ll _times = 0;
$_session[' ll_lasttime '] = $ll _nowtime;
$_session[' ll_times '] = $ll _times;
}

3 indicates the time interval, 5 indicates the number of refreshes

The above code can be placed in each PHP file containing files, so that each page can play a anti-CC effect. The parameters can also be set according to your own situation.

