The strategy method of WordPress anti-CC class malicious attack under LNMP environment

Source: Internet
Author: User

Since the beginning of last month, the blog's WordPress site, often suffer from all kinds of unknown attacks, performance for the same IP address, in a short period of time to a certain page or a picture to visit, began to think that it is their own articles were reprinted, others of the site was CC attack, but later through the Web site log found, Not so, a large number of IP, in different time period suddenly hit, all of a sudden CPU occupy to 100%, there is no way, from Baidu found a piece of code, together to see this method.

This, if your WordPress site has not been attacked, do not operate. Because this piece of code obviously has an impact on the speed of the site.

First take a look at the tribal site after the attack, Aliyun SMS notification,:

This is not an attack every moment, but only in our casual time will initiate, and often change IP, people quite headache.

Tribe from the site to find a section of the blog before the code, I believe there are many people in use, the tribe is just the operation.

A method of WordPress anti-CC class malicious attack

Take a look at this method, the effect of words, now the tribe also said not clear, a few days to feedback it.

1. First, we create a new forbiddencc.php file that includes the following:

The code is as follows Copy Code

<?php
Session_Start ();//Open session
$timestamp = time ();
$ll _nowtime = $timestamp;
//To determine if the session exists if there is a value from the session if there is no initialization assignment
if ($_session) {
  $ll _lasttime = $_session[' Ll_lasttime ' ];
  $ll _times = $_session[' ll_times '] + 1;
  $_session[' ll_times ' = $ll _times;
}else{
  $ll _lasttime = $ll _nowtime;
  $ll _times = 1;
  $_session[' ll_times ' = $ll _times;
  $_session[' ll_lasttime ' = $ll _lasttime;
}
//Now time-start logon time to determine if the login is frequently jump otherwise assign the session to
if (($ll _nowtime-$ll _lasttime) < 3) {
  if ($ll _ times>=5) {
Header ("location:http://127.0.0.1");
  Exit;
 }
}else{
  $ll _times = 0;
  $_session[' ll_lasttime ' = $ll _nowtime;
  $_session[' ll_times ' = $ll _times;
}

Then call it in this file in the header,php of your current topic. Here the tribe to hint, this call must be out of the front, otherwise there will be an error.

The code is as follows Copy Code
<?php include (' includes/forbiddencc.php ');?>

That is, it appears in front of the DOCTYPE HTML.

To illustrate, the main role of this code is to verify the frequent refresh, if frequent refresh, then exit the current page, wait 2 seconds to continue access.

In this way, we can kill those unscrupulous low-level other cc attacks, but everything has its two sides, this method is the same, it will affect the loading speed of the page. Of course, the tribe has not found any other negative effects at the moment.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.