Php website anti-IP attack code, super practical. Today, I developed the following code, which is the first success. I intercepted 15 IP addresses a day and the server load was normal. Copy the code as follows :? Php query to prohibit IP $ ip $ _ SERVER [REMOTE_ADD today I developed the following code, which is the first success. I intercepted 15 IP addresses a day and the SERVER load is normal.
The code is as follows:
// Query the forbidden IP address
$ Ip = $ _ SERVER ['remote _ ADDR '];
$ Fileht = ". htaccess2 ";
If (! File_exists ($ fileht) file_put_contents ($ fileht ,"");
$ Filehtarr = @ file ($ fileht );
If (in_array ($ ip. "\ r \ n", $ filehtarr) die ("Warning :"."
"." Your IP address are forbided by some reason, IF you have any question Pls emill to shop@mydalle.com! ");
// Add a prohibited IP address
$ Time = time ();
$ Fileforbid = "log/forbidchk. dat ";
If (file_exists ($ fileforbid ))
{If ($ time-filemtime ($ fileforbid)> 60) unlink ($ fileforbid );
Else {
$ Fileforbidarr = @ file ($ fileforbid );
If ($ ip = substr ($ fileforbidarr [0], 0, strlen ($ ip )))
{
If ($ time-substr ($ fileforbidarr [1], 0, strlen ($ time)> 600) unlink ($ fileforbid );
Elseif ($ fileforbidarr [2]> 600) {file_put_contents ($ fileht, $ ip. "\ r \ n", FILE_APPEND); unlink ($ fileforbid );}
Else {$ fileforbidarr [2] ++; file_put_contents ($ fileforbid, $ fileforbidarr );}
}
}
}
// Anti-refresh
$ Str = "";
$ File = "log/ipdate. dat ";
If (! File_exists ("log ")&&! Is_dir ("log") mkdir ("log", 0777 );
If (! File_exists ($ file) file_put_contents ($ file ,"");
$ AllowTime = 120; // Anti-refresh time
$ AllowNum = 10; // number of anti-refresh attempts
$ Uri = $ _ SERVER ['request _ URI '];
$ Checkip = md5 ($ ip );
$ Checkuri = md5 ($ uri );
$ Yesno = true;
$ Ipdate = @ file ($ file );
Foreach ($ ipdate as $ k => $ v)
{$ Iptem = substr ($ v, 0, 32 );
$ Uritem = substr ($ v, 32, 32 );
$ Timetem = substr ($ v, 64, 10 );
$ Numtem = substr ($ v, 74 );
If ($ time-$ timetem <$ allowTime ){
If ($ iptem! = $ Checkip) $ str. = $ v;
Else {
$ Yesno = false;
If ($ uritem! = $ Checkuri) $ str. = $ iptem. $ checkuri. $ time. "1 \ r \ n ";
Elseif ($ numtem <$ allowNum) $ str. = $ iptem. $ uritem. $ timetem. ($ numtem + 1). "\ r \ n ";
Else
{
If (! File_exists ($ fileforbid) {$ addforbidarr = array ($ ip. "\ r \ n", time (). "\ r \ n", 1); file_put_contents ($ fileforbid, $ addforbidarr );}
File_put_contents ("log/forbided_ip.log", $ ip. "--". date ("Y-m-d H: I: s", time ()). "--". $ uri. "\ r \ n", FILE_APPEND );
$ Timepass = $ timetem + $ allowTime-$ time;
Die ("Warning :"."
"." Sorry, you are forbided by refreshing frequently too much, Pls wait for ". $ timepass." seconds to continue! ");
}
}
}
}
If ($ yesno) $ str. = $ checkip. $ checkuri. $ time. "1 \ r \ n ";
File_put_contents ($ file, $ str );
?>
Include the program into the header of the PHP file to be executed.
The program first checks whether the IP address is in the forbidden list. If yes, it exits;
Otherwise, if the IP address is in the monitoring list and you click more than 600 times in 10 minutes, the list will be added.
If the time and frequency are not exceeded, the number of times is increased by 1. at the same time, the monitored IP addresses perform frequent operations on the same page.
The program does not need to be judged by session because it is a machine with frequent flushing.
In addition, files cannot be exclusively processed during update.
An error occurs when you use a pseudo static storage IP address.
There is still room for change and improvement in this program. you can refer to the downgrade principle in QQ Farm. Basically, the farm is developed based on this principle.
Bytes. The code is as follows :? Php // query forbidden IP address $ ip = $ _ SERVER ['remote _ ADD...