Shielding proxy servers in website security attacks and defense
Shielding proxy servers in website security attacks and defense
Website security has always been an important topic. The code below blocks ("shields") visitors who reach a website through proxy servers, as a defense against network attacks:
1. Write a webpage request class:
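using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Text;
using System.Threading;
using System.Threading.Tasks;

namespace ConsoleApplication1
{
    /// <summary>
    /// Minimal blocking HTTP GET helper. It optionally routes the request through
    /// a proxy and stores the response body in <see cref="responseBody"/>.
    /// </summary>
    public class WebRequestUtil
    {
        /// <summary>
        /// Body of the most recent response that was read successfully.
        /// This is shared static state: concurrent callers overwrite each other's
        /// result, and a failed call leaves the previous body in place, so always
        /// check the return value of <see cref="GetWeb"/> before using it.
        /// </summary>
        public static string responseBody = string.Empty;

        /// <summary>
        /// Downloads <paramref name="uri"/> with HTTP GET and stores the body in
        /// <see cref="responseBody"/>.
        /// </summary>
        /// <param name="uri">Absolute http/https URI, used verbatim.</param>
        /// <param name="proxyAddress">Proxy host; empty means no explicit proxy is set.</param>
        /// <param name="proxyPort">Proxy port, only used when a proxy host is given.</param>
        /// <returns>
        /// True when the body was read and the status was 200 OK. False otherwise;
        /// the reason is appended to log.log.
        /// </returns>
        /// <remarks>
        /// Exceptions raised while building the request (for example an invalid URI)
        /// still propagate to the caller, as before.
        /// </remarks>
        public static bool GetWeb(string uri, string proxyAddress = "", int proxyPort = 0)
        {
            const int MaxReadAttempts = 3;

            // The URI is deliberately NOT passed through string.Format: a URI that
            // contains '{' or '}' would make Format throw FormatException.

            // Raise the per-host connection limit (process-wide setting) to 1000.
            ServicePointManager.DefaultConnectionLimit = 1000;

            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri);
            if (!string.IsNullOrEmpty(proxyAddress))
            {
                request.Proxy = new WebProxy(proxyAddress, proxyPort);
            }

            // A long timeout reduces the number of timeout-driven retries.
            request.Timeout = 60 * 1000;
            request.Method = @"GET";
            request.Headers.Set("Cache-Control", @"no-cache");
            request.UserAgent = "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)";

            try
            {
                // 'using' releases the connection on every path, including early returns.
                using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
                {
                    bool isSent = false;
                    int attempts = 0;
                    string errorStr = string.Empty;

                    while (!isSent && attempts < MaxReadAttempts)
                    {
                        attempts++;
                        try
                        {
                            // NOTE(review): ReadToEnd buffers the whole body with no size cap;
                            // a hostile or broken server can make this arbitrarily large.
                            using (StreamReader stream = new StreamReader(response.GetResponseStream(), Encoding.UTF8))
                            {
                                responseBody = stream.ReadToEnd();
                            }

                            isSent = true;
                        }
                        catch (Exception exc)
                        {
                            string detail = exc.ToString();
                            if (!errorStr.Contains(detail))
                            {
                                errorStr += detail;
                            }

                            // Timeouts are only reported once, in the summary below.
                            if (!detail.Contains("The operation has timed out"))
                            {
                                LogError(detail);
                            }

                            if (attempts < MaxReadAttempts)
                            {
                                Thread.Sleep(1000);
                            }
                        }
                    }

                    // The original compared the retry counter with 100, which the loop can
                    // never reach, so a body that was never read was reported as success.
                    if (!isSent)
                    {
                        LogError(string.Format(
                            "Reading the response failed after {0} attempts. Detail error: {1}",
                            attempts,
                            errorStr));
                        return false;
                    }

                    if (response.StatusCode != HttpStatusCode.OK)
                    {
                        // The original used "{1}" with a single argument, which throws
                        // FormatException instead of logging the status.
                        LogError(string.Format("Failed, error:{0}", response.StatusCode));
                        return false;
                    }
                }
            }
            catch (Exception exc)
            {
                LogError(exc.ToString());
                return false;
            }
            finally
            {
                // Kept from the original: the request is aborted after every call so that
                // later calls do not stall waiting for a free connection.
                request.Abort();
            }

            return true;
        }

        /// <summary>Appends one error line to log.log in the current directory.</summary>
        /// <param name="content">Text to record after the "ERROR: " prefix.</param>
        public static void LogError(string content)
        {
            File.AppendAllText("log.log", "ERROR: " + content + Environment.NewLine);
        }
    }
}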
2. Code that collects proxy server addresses:
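using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Reflection;
using System.Text;
using System.Threading.Tasks;
using Microsoft.ServiceBus;
using Microsoft.ServiceBus.Messaging;
using System.Threading;
using System.IO;
using System.Text.RegularExpressions;

namespace ConsoleApplication1
{
    /// <summary>
    /// Console tool that collects published proxy addresses into blacklist.txt,
    /// the file the PHP page in section 4 reads to reject proxied visitors.
    /// </summary>
    class Program
    {
        // Counters updated by the worker threads of the test helpers.
        static int FailCount = 0;
        static int TotalCount = 0;

        // Matches "a.b.c.d</td><td>port" as it appears in the list page's table markup.
        // The pattern does not range-check the octets; Main does that.
        const string IPRegex = @"(\d{1,3}\.){3}\d{1,3}</td><td>\d{1,4}";

        /// <summary>
        /// Downloads list pages 1..63, extracts the proxy addresses and appends
        /// them to blacklist.txt, one address per line.
        /// </summary>
        static void Main()
        {
            // NOTE(review): the list is fetched over plain HTTP from a third party.
            // Whoever controls that page or the network path decides which addresses
            // get blocked, so review the output before deploying it.
            const string url = @"http://proxy.com.ru/gaoni/list_{0}.html";

            // Addresses already written during this run; avoids duplicate lines.
            var seen = new HashSet<string>(StringComparer.Ordinal);

            for (int i = 1; i <= 63; i++)
            {
                // A failed download leaves the previous page in responseBody, so the
                // page must be skipped instead of being parsed a second time.
                if (!WebRequestUtil.GetWeb(string.Format(url, i)))
                {
                    Console.WriteLine("Skipped " + i.ToString() + " page (download failed).");
                    continue;
                }

                string sourceString = WebRequestUtil.responseBody;
                var pageIPs = new StringBuilder();

                foreach (Match m in Regex.Matches(sourceString, IPRegex))
                {
                    // Keep the address part and drop "</td><td>port".
                    string ip = m.Value.Replace("</td><td>", "#").Split('#')[0];

                    // Reject matches such as 999.1.1.1 that are not valid IPv4 addresses.
                    // Each part is 1-3 digits by construction, so int.Parse cannot fail.
                    bool validOctets = ip.Split('.').All(part => int.Parse(part) <= 255);
                    if (validOctets && seen.Add(ip))
                    {
                        pageIPs.Append(ip).Append(Environment.NewLine);
                    }
                }

                File.AppendAllText(@"blacklist.txt", pageIPs.ToString(), Encoding.UTF8);
                Console.WriteLine("Done " + i.ToString() + " page.");
            }

            //Test2(1);   // disabled in the original listing

            Console.WriteLine("Please press any key to end of this program!\r\n");
            Console.ReadKey();
        }

        /// <summary>Placeholder for a summary log; the write is disabled, so this does nothing.</summary>
        static void WriteTotalLog(string message)
        {
            //WriteLog(message, @"C:\TotalLog.txt");
        }

        /// <summary>
        /// Appends a line prefixed with the current managed thread id to a log file.
        /// Every '#' in <paramref name="path"/> is replaced by the thread id, so each
        /// thread writes to its own file when the default path is used.
        /// </summary>
        static void WriteLog(string message, string path = @"C:\Test\Test#log.txt")
        {
            message = "ThreadId:" + Thread.CurrentThread.ManagedThreadId + "," + message + Environment.NewLine;
            File.AppendAllText(path.Replace("#", Thread.CurrentThread.ManagedThreadId.ToString()), message);
        }

        /// <summary>Writes a message to the per-thread error log C:\TestError&lt;threadId&gt;log.txt.</summary>
        static void WriteErrorLog(string message)
        {
            WriteLog(message, @"C:\TestError" + Thread.CurrentThread.ManagedThreadId + "log.txt");
        }

        // class Program continues in the listing of section 3 (Test2 and test),
        // which also closes the class and the namespace.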
3. Multi-threaded server attack code:
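// Continuation of class Program from the listing in section 2.

        /// <summary>
        /// Runs <see cref="test"/> on <paramref name="numThreads"/> threads and blocks
        /// until all of them have finished.
        /// </summary>
        /// <param name="numThreads">Number of worker threads; values below 1 start none.</param>
        static void Test2(int numThreads)
        {
            // With no workers nobody would ever signal the event and WaitOne would block forever.
            if (numThreads <= 0)
            {
                WriteTotalLog("Done all!");
                return;
            }

            int toProcess = numThreads;
            using (ManualResetEvent resetEvent = new ManualResetEvent(false))
            {
                // Start workers.
                for (int i = 0; i < numThreads; i++)
                {
                    new Thread(delegate()
                    {
                        try
                        {
                            test();
                        }
                        finally
                        {
                            // The last worker to finish releases the waiting caller, even
                            // when a worker ends with an unexpected exception.
                            if (Interlocked.Decrement(ref toProcess) == 0)
                            {
                                resetEvent.Set();
                            }
                        }
                    }).Start();
                }

                // Wait for workers.
                resetEvent.WaitOne();
            }

            WriteTotalLog("Done all!");
        }

        /// <summary>
        /// Requests one fixed URL through one fixed proxy (both hard-coded below),
        /// appends the response body to response.html and updates the counters.
        /// </summary>
        static void test()
        {
            // The counters are shared between worker threads; a plain ++ loses updates.
            Interlocked.Increment(ref TotalCount);
            try
            {
                // A false result means responseBody still holds an older response,
                // so it is counted as a failure instead of being saved.
                if (!WebRequestUtil.GetWeb(@"http://1111.ip138.com/ic.asp", "219.239.236.49", 8888))
                {
                    Interlocked.Increment(ref FailCount);
                    WriteErrorLog("Error:request failed, see log.log");
                    return;
                }

                // NOTE(review): responseBody is a shared static, so with several threads
                // the text saved here may belong to another thread's request. Concurrent
                // appends to the same file can also throw, which lands in the catch below.
                File.AppendAllText(@"response.html", WebRequestUtil.responseBody, Encoding.UTF8);
                Console.WriteLine(Thread.CurrentThread.ManagedThreadId + "pass");
            }
            catch (Exception exc2)
            {
                Interlocked.Increment(ref FailCount);
                WriteErrorLog("Error:" + exc2.ToString());
            }
        }
    }
}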
4. PHP web page code that blocks proxy servers:
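<?php
// Rejects a request when the address it arrives from is on the proxy blacklist
// produced by the collector (blacklist.txt, one IPv4 address per line).

// Load the list as a set so every lookup is an exact match. A substring search
// over the whole file would let "1.2.3.4" match an entry such as "11.2.3.45".
$blacklist = array();
if (is_readable('blacklist.txt')) {
    $lines = file('blacklist.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    if ($lines !== false) {
        foreach ($lines as $line) {
            // The collector writes UTF-8 with Windows line ends; strip a BOM,
            // a stray "\r" and surrounding blanks before comparing.
            $entry = trim($line, " \t\r\n\0\x0B\xEF\xBB\xBF");
            if ($entry !== '') {
                $blacklist[$entry] = true;
            }
        }
    }
}
// NOTE(review): a missing or unreadable list leaves $blacklist empty, so nobody
// is blocked (fail-open). Decide whether that is acceptable for the site.

// Only REMOTE_ADDR is used for the decision. HTTP_CLIENT_IP and
// HTTP_X_FORWARDED_FOR are request headers chosen by the sender, so a proxy user
// could put any value there and never match the list. When a proxy does set
// X-Forwarded-For, it carries the original client's address, not the proxy's.
// If the site runs behind its own reverse proxy, take the address from that
// trusted proxy's header instead.
$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

// Escape before printing so the value can never be interpreted as markup.
echo htmlspecialchars($ip, ENT_QUOTES, 'UTF-8');

if ($ip !== '' && isset($blacklist[$ip])) {
    echo "you are using a proxy to browse our website. Sorry, this site blocked the proxy for security reasons. Please use a non-proxy to browse. Thank you! ";
} else {
    echo "normal logic of execution program";
}
?>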
DEMO code: http://edu.laliyun.com/test.php