Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Php Anti-DDos code
#1
Well i have this in my forums, i got it a while back off the internet somewhere.
Code:
<?php

/*
CHMOD /iplog/ to 777
Create and CHMOD /iplog/iplogfile.dat to 666
add the following line in any important .php file in the same directory as your anti_dos.php file so it can check IPs when that file is loaded, best example is index.php if you have it.
include("anti_dos.php"); //anti-DoS, prevents rapid accessing

if you have a known cookie on your site,
you can use this, otherwise just ignore this, it will set a different limit
for people with this cookie

I use yourothercookie as the cookie ID for the forum, my forum uses ID
greater than 0 for all members and -1 for guests and members who have logged out,
so making it match greater than zero means members will get better access and
guests with or without cookies won't

Also I use these cookies in the "flood alert" emails to make sure an important user didn't get banned. Someone could fake a cookie, so always be suspicious. Tez
*/
$cookie = $_COOKIE['yourcookie'];
$othercookie = $_COOKIE['yourothercookie'];


if($cookie && $othercookie > 0) $iptime = 20;  // Minimum number of seconds between visits for users with certain cookie
else $iptime = 10; // Minimum number of seconds between visits for everyone else


$ippenalty = 60; // Seconds before visitor is allowed back


if($cookie && $othercookie > 0)$ipmaxvisit = 30; // Maximum visits, per $iptime segment
else $ipmaxvisit = 20; // Maximum visits per $iptime segment


$iplogdir = "./iplog/";
$iplogfile = "iplog.dat";

$ipfile = substr(md5($_SERVER["REMOTE_ADDR"]), -2);
$oldtime = 0;
if (file_exists($iplogdir.$ipfile)) $oldtime = filemtime($iplogdir.$ipfile);

$time = time();
if ($oldtime < $time) $oldtime = $time;
$newtime = $oldtime + $iptime;

if ($newtime >= $time + $iptime*$ipmaxvisit)
{
touch($iplogdir.$ipfile, $time + $iptime*($ipmaxvisit-1) + $ippenalty);
$oldref = $_SERVER['HTTP_REFERER'];
header("HTTP/1.0 503 Service Temporarily Unavailable");
header("Connection: close");
header("Content-Type: text/html");
echo "<html><body bgcolor=#999999 text=#ffffff link=#ffff00>
<font face='Verdana, Arial'><p><b>
<h1>Temporary Access Denial</h1>Too many quick page views by your IP address (more than ".$ipmaxvisit." visits within ".$iptime." seconds).</b>
";
echo "<br />Please wait ".$ippenalty." seconds and reload.</p></font></body></html>";
touch($iplogdir.$iplogfile); //create if not existing
$fp = fopen($iplogdir.$iplogfile, "a");
$yourdomain = $_SERVER['HTTP_HOST'];
    if ($fp)
    {
    $useragent = "<unknown user agent>";
    if (isset($_SERVER["HTTP_USER_AGENT"])) $useragent = $_SERVER["HTTP_USER_AGENT"];
    fputs($fp, $_SERVER["REMOTE_ADDR"]." ".date("d/m/Y H:i:s")." ".$useragent."\n");
    fclose($fp);
    $yourdomain = $_SERVER['HTTP_HOST'];
    
    //the @ symbol before @mail means 'supress errors' so you wont see errors on the page if email fails.
if($_SESSION['reportedflood'] < 1 && ($newtime < $time + $iptime + $iptime*$ipmaxvisit))
    @mail('flood_alert@'.$yourdomain, 'site flooded by '.$cookie.' '
    .$_SERVER['REMOTE_ADDR'],'http://'.$yourdomain.' rapid website access flood occured and ban for IP '.$_SERVER['REMOTE_ADDR'].' at http://'.$yourdomain.$_SERVER['REQUEST_URI'].' from '.$oldref.' agent '.$_SERVER['HTTP_USER_AGENT'].' '
    .$cookie.' '.$othercookie, "From: ".$yourdomain."\n");
    $_SESSION['reportedflood'] = 1;
    }
    exit();
}
else $_SESSION['reportedflood'] = 0;

//echo("loaded ".$cookie.$iplogdir.$iplogfile.$ipfile.$newtime);
touch($iplogdir.$ipfile, $newtime); //this just updates the IP file access date or creates a new file if it doesn't exist in /iplog
?>
#2
Sorry, what is to stop them removing the cookie?
#3
Hm, I wasn't aware that it was possible to do such a thing in PHP.

Good find.
I have been studying the traits and dispositions of the "lower animals" (so called) and contrasting them with the traits and dispositions of man. I find the result humiliating to me.
--Mark Twain
#4
Will this prevent a large attack? Looks like it will only work on smaller attacks.
#5
I haven't tested it with a large attack yet.
#6
(02-22-2010, 03:12 PM)ßeowulf Wrote: Hm, I wasn't aware that it was possible to do such a thing in PHP.

Good find.

It's not. The fact that you run a script is a severe problem. Apache will stop working easy from this script and you can also create filesystem issues.

Don't use this script. It won't effective against any DDOS attack that it's meant to prevent.

This could be rewritten though to instead write to htaccess a deny line. Which would be more effective.
Superman I am here to rescue you.
This is Support Forums not Support PMs.  Do not PM me for support unless it's private and site related.
#7
Yes Yes Yes
But what if your computer is attacked by a beaver or worse? how will that script help then? hmmmmmmm

I ask you this with confidence in your response
#8
Ben, your going to get banned extremely quickly.
#9
dude i have +4 rep

they love me.....
and why would i get banned. not as if its a headless woman as my sig
#10
(02-22-2010, 10:15 PM)Omniscient Wrote: It's not. The fact that you run a script is a severe problem. Apache will stop working easy from this script and you can also create filesystem issues.

Don't use this script. It won't effective against any DDOS attack that it's meant to prevent.

This could be rewritten though to instead write to htaccess a deny line. Which would be more effective.
Alright thanks for that Omni,i am having this closed because i don't want to give a bad script.


Possibly Related Threads…
Thread Author Replies Views Last Post
  PHP Framework List: An Ultimate Guide to 102 PHP Frameworks for Web Developers tk-hassan 0 943 07-27-2020, 11:26 PM
Last Post: tk-hassan
  PHP Video Tutorials (PHP For Beginners) Eleqtriq 4 3,671 10-10-2011, 01:00 PM
Last Post: Greyersting
  How to write good php code [Must Read] BannedPoop 19 6,501 08-30-2011, 08:28 AM
Last Post: Slash
  [CODE] Update Twitter using cURL and PHP Jamza 4 2,291 02-23-2011, 12:07 AM
Last Post: sup_hlw
  Debugging your PHP code Gaijin 4 2,188 10-11-2009, 12:14 AM
Last Post: Gaijin

Forum Jump:


Users browsing this thread: 2 Guest(s)