search

Home  >  Article  >  php教程  >  The function of automatically blocking the other party's IP when being attacked by CC or DDOS

The function of automatically blocking the other party's IP when being attacked by CC or DDOS

大家讲道理
大家讲道理Original
2016-11-09 09:25:071283browse

This function is used to count how many times each visitor has visited in a short period of time. If the number of visits exceeds the limit, it returns TRUE. After that, you can use PHP to call linux's iptables to perform the blocking operation. I have used several I have actually tested DDOS tools and the results are very good.

By the way, by the way, I use files in the code to record the visitor IP and time. It is best not to use a database (and don’t be clever and save it in the session) ), and it’s best to put this file on the SSD hard drive. I won’t go into details about the reason. I guess everyone knows it

/**
    防止客戶端惡意重整
    用法:
        $isf5=Fun::isf5();
    返回:
        返回bool[true:對方在惡意重整;false:正常訪問]
/**/
public static function isf5(){
    $_f=Run.'_isf5';
    if(!file_exists($_f)){
        file_put_contents($_f,serialize(array()),LOCK_EX);
        chmod($_f,0777);
    }
    $arr=unserialize(file_get_contents($_f));
    $arr=(!is_array($arr)) ? array() : $arr;
 
    //清理掉10秒前訪問的用戶
    foreach($arr as $k=>$v){
        if($_ENV['now']-$v['t'] >= 10){
            unset($arr[$k]);
        }
    }
 
    $ip='_'.(self::cur('ip'));
 
    if(!isset($arr[$ip])){
        $arr[$ip]['n']=1;                       //1s內連線的次數
        $arr[$ip]['t']=$_ENV['now'];            //第1次訪問的時間
        file_put_contents($_f,serialize($arr),LOCK_EX);
        chmod($_f,0777);
        unset($_f,$arr,$ip);
        return FALSE;
    }else{
        if(!isset($arr[$ip]['t']) or !is_numeric($arr[$ip]['t'])){
            unset($arr[$ip]);
            file_put_contents($_f,serialize($arr),LOCK_EX);
            chmod($_f,0777);
            unset($_f,$arr,$ip);
            return FALSE;
        }
        if(($_ENV[&#39;now&#39;]-$arr[$ip][&#39;t&#39;]) <= 1){  //若距離上次訪問的時間沒有超過1s,則只累加次數
            $arr[$ip][&#39;n&#39;]+=1;
            if($arr[$ip][&#39;n&#39;]>=5){
                unset($_f,$arr,$ip);
                return TRUE;
            }else{
                file_put_contents($_f,serialize($arr),LOCK_EX);
                chmod($_f,0777);
                unset($_f,$arr,$ip);
                return FALSE;
            }
        }else{                                              //若距離上次訪問的時間已經超過1s,則重新計數
            $arr[$ip][&#39;n&#39;]=1;
            $arr[$ip][&#39;t&#39;]=$_ENV[&#39;now&#39;];
            file_put_contents($_f,serialize($arr),LOCK_EX);
            chmod($_f,0777);
            unset($_f,$arr,$ip);
            return FALSE;
        }
    }
    unset($_f,$arr,$ip);
    return FALSE;
}


Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:PHP, C#, general DES encryptionNext article:PHP, C#, general DES encryption

Related articles

See more