Php website anti-IP attack code, super practical _ PHP Tutorial

Source: Internet
Author: User
Tags php website
Php website anti-IP attack code, super practical. Today, I developed the following code, which is the first success. I intercepted 15 IP addresses a day and the server load was normal. Copy the code as follows :? Php query to prohibit IP $ ip $ _ SERVER [REMOTE_ADD today I developed the following code, which is the first success. I intercepted 15 IP addresses a day and the SERVER load is normal.

The code is as follows:


// Query the forbidden IP address
$ Ip = $ _ SERVER ['remote _ ADDR '];
$ Fileht = ". htaccess2 ";
If (! File_exists ($ fileht) file_put_contents ($ fileht ,"");
$ Filehtarr = @ file ($ fileht );
If (in_array ($ ip. "\ r \ n", $ filehtarr) die ("Warning :"."
"." Your IP address are forbided by some reason, IF you have any question Pls emill to shop@mydalle.com! ");

// Add a prohibited IP address
$ Time = time ();
$ Fileforbid = "log/forbidchk. dat ";
If (file_exists ($ fileforbid ))
{If ($ time-filemtime ($ fileforbid)> 60) unlink ($ fileforbid );
Else {
$ Fileforbidarr = @ file ($ fileforbid );
If ($ ip = substr ($ fileforbidarr [0], 0, strlen ($ ip )))
{
If ($ time-substr ($ fileforbidarr [1], 0, strlen ($ time)> 600) unlink ($ fileforbid );
Elseif ($ fileforbidarr [2]> 600) {file_put_contents ($ fileht, $ ip. "\ r \ n", FILE_APPEND); unlink ($ fileforbid );}
Else {$ fileforbidarr [2] ++; file_put_contents ($ fileforbid, $ fileforbidarr );}
}
}
}
// Anti-refresh
$ Str = "";
$ File = "log/ipdate. dat ";
If (! File_exists ("log ")&&! Is_dir ("log") mkdir ("log", 0777 );
If (! File_exists ($ file) file_put_contents ($ file ,"");
$ AllowTime = 120; // Anti-refresh time
$ AllowNum = 10; // number of anti-refresh attempts
$ Uri = $ _ SERVER ['request _ URI '];
$ Checkip = md5 ($ ip );
$ Checkuri = md5 ($ uri );
$ Yesno = true;
$ Ipdate = @ file ($ file );
Foreach ($ ipdate as $ k => $ v)
{$ Iptem = substr ($ v, 0, 32 );
$ Uritem = substr ($ v, 32, 32 );
$ Timetem = substr ($ v, 64, 10 );
$ Numtem = substr ($ v, 74 );
If ($ time-$ timetem <$ allowTime ){
If ($ iptem! = $ Checkip) $ str. = $ v;
Else {
$ Yesno = false;
If ($ uritem! = $ Checkuri) $ str. = $ iptem. $ checkuri. $ time. "1 \ r \ n ";
Elseif ($ numtem <$ allowNum) $ str. = $ iptem. $ uritem. $ timetem. ($ numtem + 1). "\ r \ n ";
Else
{
If (! File_exists ($ fileforbid) {$ addforbidarr = array ($ ip. "\ r \ n", time (). "\ r \ n", 1); file_put_contents ($ fileforbid, $ addforbidarr );}
File_put_contents ("log/forbided_ip.log", $ ip. "--". date ("Y-m-d H: I: s", time ()). "--". $ uri. "\ r \ n", FILE_APPEND );
$ Timepass = $ timetem + $ allowTime-$ time;
Die ("Warning :"."
"." Sorry, you are forbided by refreshing frequently too much, Pls wait for ". $ timepass." seconds to continue! ");
}
}
}
}
If ($ yesno) $ str. = $ checkip. $ checkuri. $ time. "1 \ r \ n ";
File_put_contents ($ file, $ str );
?>


Include the program into the header of the PHP file to be executed.
The program first checks whether the IP address is in the forbidden list. If yes, it exits;
Otherwise, if the IP address is in the monitoring list and you click more than 600 times in 10 minutes, the list will be added.
If the time and frequency are not exceeded, the number of times is increased by 1. at the same time, the monitored IP addresses perform frequent operations on the same page.
The program does not need to be judged by session because it is a machine with frequent flushing.
In addition, files cannot be exclusively processed during update.
An error occurs when you use a pseudo static storage IP address.
There is still room for change and improvement in this program. you can refer to the downgrade principle in QQ Farm. Basically, the farm is developed based on this principle.

Bytes. The code is as follows :? Php // query forbidden IP address $ ip = $ _ SERVER ['remote _ ADD...

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.