Home > Backend Development > PHP Tutorial > Website anti-IP attack code under PHP, super practical_PHP tutorial

Website anti-IP attack code under PHP, super practical_PHP tutorial

WBOY
Release: 2016-07-21 15:34:11
Original
961 people have browsed it

Today I developed the following code, which is considered a success. I intercepted 15 IPs in one day and the server load was normal.

Copy code The code is as follows:

//Query banned IP
$ip = $_SERVER['REMOTE_ADDR'];
$fileht=".htaccess2";
if(!file_exists($fileht))file_put_contents($fileht,"");
$filehtarr=@file($ fileht);
if(in_array($ip."rn",$filehtarr))die("Warning:"."
"."Your IP address are forbided by some reason, IF you have any question Pls emill to shop@mydalle.com!");

//Add banned IP
$time=time();
$fileforbid="log/forbidchk.dat";
if(file_exists($fileforbid))
{ if($time-filemtime($fileforbid)>60)unlink($fileforbid);
else{
$fileforbidarr=@file($fileforbid);
if($ip==substr($fileforbidarr[0],0,strlen($ip)))
{
if($time-substr($fileforbidarr[1],0,strlen( $time))>600)unlink($fileforbid);
elseif($fileforbidarr[2]>600){file_put_contents($fileht,$ip."rn",FILE_APPEND);unlink($fileforbid); }
else{$fileforbidarr[2]++;file_put_contents($fileforbid,$fileforbidarr);}
}
}
}
//Anti-refresh
$str=" ";
$file="log/ipdate.dat";
if(!file_exists("log")&&!is_dir("log"))mkdir("log",0777);
if (!file_exists($file))file_put_contents($file,"");
$allowTime = 120;//anti-refresh time
$allowNum=10;//anti-refresh times
$uri=$ _SERVER['REQUEST_URI'];
$checkip=md5($ip);
$checkuri=md5($uri);
$yesno=true;
$ipdate=@file($file );
foreach($ipdate as $k=>$v)
{ $iptem=substr($v,0,32);
$uritem=substr($v,32,32) ;
$timetem=substr($v,64,10);
$numtem=substr($v,74);
if($time-$timetem<$allowTime){
if ($iptem!=$checkip)$str.=$v;
else{
$yesno=false;
if($uritem!=$checkuri)$str.=$iptem.$checkuri. $time."1rn";
elseif($numtem<$allowNum)$str.=$iptem.$uritem.$timetem.($numtem+1)."rn";
else
{
if(!file_exists($fileforbid)){$addforbidarr=array($ip."rn",time()."rn",1);file_put_contents($fileforbid,$addforbidarr);}
file_put_contents ("log/forbided_ip.log",$ip."--".date("Y-m-d H:i:s",time())."--".$uri."rn",FILE_APPEND);
$timepass=$timetem+$allowTime-$time;
die("Warning:"."
"."Sorry, you are forbided by refreshing frequently too much, Pls wait for ".$timepass." seconds to continue!");
}
}
}
}
if($yesno) $str.=$checkip.$checkuri.$time."1rn";
file_put_contents($file,$str);
?>

Include the program into the head of the php file to be processed.
The program first determines whether the IP is in the banned list, and exits if it is;
Otherwise, if the IP is in the monitoring list and clicks more than 600 times within 10 minutes, it will be added to the banned list.
If the time and number of times are not exceeded, the number will be increased by 1. At the same time, monitor whether the IP frequently operates on the same page.
Since it is a machine flash, the program does not need to judge the session.
Also, when updating, files cannot be processed exclusively.
Using pseudo-static storage IP will also cause errors.
This program still has room for change and improvement. You can also refer to the downgrading principle in QQ Farm. Basically, the farm is also developed according to this principle.

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/322504.htmlTechArticleToday I developed the following code, which is considered a success. I intercepted 15 IPs in one day and the server load was normal. Copy the code The code is as follows: ?php //Query banned IP $ip =$_SERVER['REMOTE_ADD...
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template