PHP anti-CC Attack Implementation code Summary _php tutorial

Source: Internet
Author: User
Tags sprintf
CC attack is the other side using the program or some agents on your site uninterrupted access, resulting in your site can not handle and in the state of the machine, below we summarize some anti-CC attack PHP instance code, you can refer to friends.

Example 1

The code is as follows Copy Code

Proxy IP Direct exit
Empty ($_server[' Http_via ')) or exit (' Access Denied ');
Prevent Quick refreshes
Session_Start ();
$seconds = ' 3 '; time period [s]
$refresh = ' 5 '; Number of refreshes
Setting up monitoring variables
$cur _time = time ();
if (Isset ($_session[' last_time ')) {
$_session[' refresh_times '] + = 1;
}else{
$_session[' refresh_times '] = 1;
$_session[' last_time '] = $cur _time;
}
Process monitoring Results
if ($cur _time-$_session[' last_time ') < $seconds) {
if ($_session[' refresh_times ' >= $refresh) {
Jump to attacker server address
Header (sprintf (' location:%s ', ' http://127.0.0.1 '));
Exit (' Access Denied ');
}
}else{
$_session[' refresh_times '] = 0;
$_session[' last_time '] = $cur _time;
}

Example Two

code as follows copy code

$P _s_t = $t _array[0] + $t _array[1];
$timestamp = time ();

Session_Start ();
$ll _nowtime = $timestamp;
if (session_is_registered (' Ll_lasttime ')) {
$ll _lasttime = $_session[' ll_lasttime ');
$ll _times = $_session[' ll_times ') + 1;
$_session[' ll_times '] = $ll _times;
}else{
$ll _lasttime = $ll _nowtime;
$ll _times = 1;
$_session[' ll_times '] = $ll _times;
$_session[' ll_lasttime '] = $ll _lasttime;
}
if (($ll _nowtime-$ll _lasttime) <3) {
if ($ll _times>=5) {
Header (sprintf ("Location:%s", ' http://127.0.0.1 '));
Exit
}
}else{
$ll _times = 0;
$_session[' ll_lasttime '] = $ll _nowtime;
$_session[' ll_times '] = $ll _times;
}

One instance, I'm testing it myself.

Log analysis

[2011-04-16 03:03:13] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:13] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:13] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:13] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:12] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:12] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:12] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:11] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:11] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:11] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:10] [Client 61.217.192.39]/index.php
[2011-04-16 03:03:10] [Client 61.217.192.39]/index.php

Here's the PHP method: Save the following code as a PHP file, and then include the first line in your common.php file.

The code is as follows Copy Code

/*
* Anti-CC attack depressed to die, not die version.
*
* If the site refreshes more than 2 times per second, the delay is 5 seconds after the visit.
*/

$CC _min_nums = ' 1 '; Times, refresh times
$CC _url_time = ' 5 '; seconds, delay time
$CC _log = ' cc_log.txt '; Enable this behavior logging
$CC _forward = ' http://localhost '; Release to URL

//--------------------------------------------

Return URL
$CC _uri = $_server[' Request_uri ']?$_server[' Request_uri ']:($_server[' php_self ']?$_server[' php_self ']:$_SERVER[' Script_name ']);
$site _url = ' http://'. $_server [' Http_host ']. $CC _uri;

Enable session
if (!isset ($_session)) session_start ();
$_session["Visiter"] = true;
if ($_session["Visiter"] <> true) {
echo "";
Header ("Location:". $CC _forward);
Exit
}

$timestamp = time ();
$CC _nowtime = $timestamp;
if (session_is_registered (' Cc_lasttime ')) {
$CC _lasttime = $_session[' cc_lasttime ');
$CC _times = $_session[' cc_times ') + 1;
$_session[' cc_times '] = $CC _times;
}else{
$CC _lasttime = $CC _nowtime;
$CC _times = 1;
$_session[' cc_times '] = $CC _times;
$_session[' cc_lasttime '] = $CC _lasttime;
}

Get real IP
if (Isset ($_server)) {
$real _ip = $_server[' http_x_forwarded_for ');
}else{
$real _ip = getenv ("Http_x_forwarded_for");
}

Print_r ($_session);

//Release IP
if (($cc _nowtime-$cc _lasttime) <=0) {
if ($cc _times>= $cc _min_nums) {
if (!empty ($CC _log)) cc _log (Get_ip (), $real _ip, $cc _log, $cc _uri); Generate Log
echo "Wait Please, try again later!";
//printf (' Your refresh is too fast, please later. ');
//header ("Location:". $CC _forward);
Exit;
}
}else{
$cc _times = 0;
$_session[' cc_lasttime '] = $cc _nowtime;
$_session[' cc_times '] = $cc _times;< br>}

//Record cc log
function Cc_log ($client _ip, $real _ip, $cc _log, $cc _uri) {
$temp _time = Date ("Y-m-d h:i:s", Time () + 360 0*8);

$temp _result = "[". $temp _time. "] [Client ". $client _ip."] ";
if ($real _ip) $temp _result. = "[real". $real _ip. "]";
$temp _result. = $cc _uri. "RN";

$handle = fopen ("$cc _log", "RB"),
$oldcontent = Fread ($handle, FileSize ("$CC _log")),
Fclose ($handle); br>
$newcontent = $temp _result. $oldcontent;
$fhandle =fopen ("$cc _log", "WB"),
Fwrite ($fhandle, $newcontent , strlen ($newcontent));
Fclose ($fhandle);
}

Get online IP
function Get_ip () {
Global $_c;

if (Empty ($_c[' client_ip ')) {
if (getenv (' http_client_ip ') && strcasecmp (getenv (' http_client_ip '), ' unknown ') {
$client _ip = getenv (' http_client_ip ');
} elseif (getenv (' http_x_forwarded_for ') && strcasecmp (getenv (' http_x_forwarded_for '), ' unknown ') {
$client _ip = getenv (' http_x_forwarded_for ');
} elseif (getenv (' remote_addr ') && strcasecmp (getenv (' remote_addr '), ' unknown ') {
$client _ip = getenv (' remote_addr ');
} elseif (Isset ($_server[' remote_addr ") && $_server[' remote_addr '] && strcasecmp ($_server[' Remote_ ADDR '], ' unknown ') {
$client _ip = $_server[' remote_addr ');
}
$_c[' client_ip ' = $client _ip? $client _ip: ' Unknown ';
}
Return $_c[' client_ip '];
}
?>

This can be prevented by the basic industries, but if the more advanced accounted for no way, you can try to use the relevant hardware fire strong to set.

http://www.bkjia.com/PHPjc/629601.html www.bkjia.com true http://www.bkjia.com/PHPjc/629601.html techarticle cc attack is the other side using the program or some agents on your site uninterrupted access, resulting in your website can not be processed and in the state of the machine, below we summarize some anti-CC attacks ...

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.