PHP prevents the site from being attacked by the emergency code, PHP Prevent emergency Code _php tutorial

PHP prevents the site from being attacked by emergency code, PHP prevents emergency code

Not long ago a website was attacked, the database was brushed off, fortunately the client machine has a database backup. In the face of such serious problems, we must seize the loopholes and prevent them from being attacked again. After all aspects of the inspection found that in addition to the server needs to be set up correctly, others can not start, but from the IP address to solve the problem of this attack.

If you find that an IP access site is too frequent to join the blacklist to prohibit access, this is not a good way, but the feeling of desperation to a better solution, is only a stopgap measure, and then in-depth study.

This approach is summed up in one sentence: prevent websites from being attacked by banning frequent IP access .

<?php header (' content-type:text/html; Charset=utf-8 '); $ip =$_server[' remote_addr '];//get the current visitor's IP $logFilePath = './log/';//log record file save directory $fileht = '. Htaccess2 ';//Forbidden IP record file $ allowtime=60;//anti-refresh time $allownum =5;//anti-refresh Count $allowRefresh =120;//Add a forbidden IP file to the IF (!file_exists ($fileht)) {File_ After the number of times the refresh is allowed) Put_contents ($fileht, "); } $filehtarr = @file ($fileht); if (In_array ($ip. " \ r \ n ", $filehtarr)) {exit (' Warning: Your IP has been banned! '); }//Join the Forbidden IP $time =time (); $fileforbid = $logFilePath. ' Forbidchk.dat ';   if (file_exists ($fileforbid)) {if ($time-filemtime ($fileforbid) >30) {@unlink ($fileforbid);     }else{$fileforbidarr = @file ($fileforbid);         if ($ip ==substr ($fileforbidarr [0],0,strlen ($IP))) {if ($time-substr ($fileforbidarr [1],0,strlen ($time)) >120) {       @unlink ($fileforbid); }else if ($fileforbidarr [2]> $allowRefresh) {file_put_contents ($fileht, $ip. "         \ r \ n ", file_append);       @unlink ($fileforbid);         }else{$fileforbidarr [2]++; File_put_contents ($fileforbid, $fileforbidarR); }}}}//anti-refresh $str = '; $file = $logFilePath. ' Ipdate.dat '; if (!file_exists ($logFilePath) &&!is_dir ($logFilePath)) {mkdir ($logFilePath, 0777);} if (!file_exists ($file) {file_put_contents ($file, ')} $uri =$_server[' Request_uri '];//get the address of the currently visited Web page file $checkip =md5 ($IP); $checkuri =md5 ($uri); $yesno =true; $ipdate = @file ($file);   foreach ($ipdate as $k = + $v) {$iptem =substr ($v, 0,32);   $uritem =substr ($v, 32,32);   $timetem =substr ($v, 64,10);   $numtem =substr ($v, 74);     if ($time-$timetem < $allowtime) {if ($iptem! = $checkip) {$str. = $v;       }else{$yesno =false; if ($uritem! = $checkuri) {$str. = $iptem. $checkuri. $time. "       \ r \ n "; }else if ($numtem < $allownum) {$str. = $iptem. $uritem. $timetem. ( $numtem + 1). "       \ r \ n "; } else{if (!file_exists ($fileforbid)) {$addforbidarr =array ($ip. " \ r \ n ", Time ()."           \ r \ n ", 1);         File_put_contents ($fileforbid, $addforbidarr); } file_put_contents ($logFilePath. ' Forbided_ip.loG ', $ip. '--'. Date (' y-m-d h:i:s ', Time ()). ' --'. $uri. '         \ r \ n ", file_append);         $timepass = $timetem + $allowtime-$time; Exit (' Warning: Do not refresh too often!       '); }}}} if ($yesno) {$str. = $checkip. $checkuri. $time. " \ r \ n ";  } file_put_contents ($file, $STR);

The above is the whole content of this article, I hope to learn from you to help.

http://www.bkjia.com/PHPjc/1063218.html www.bkjia.com true http://www.bkjia.com/PHPjc/1063218.html techarticle PHP to prevent the site is attacked by the emergency code, PHP to prevent the emergency code shortly before a website was attacked, the database was brushed off, fortunately the customer machine has a database backup. Meet so strict ...

