Home >Backend Development >PHP Tutorial >PHP prevents websites from being attacked by banning frequent IP access

PHP prevents websites from being attacked by banning frequent IP access

墨辰丷
墨辰丷Original
2018-06-06 17:40:125403browse

This article mainly introduces PHP to prevent website from being attacked by prohibiting frequent IP access. Friends who are interested can refer to it. I hope it will be helpful to everyone.

If you find that a certain IP accesses the website too frequently, add it to the blacklist and prohibit access. This is not a good solution, but in an emergency, there is no better solution. It is just a stopgap measure. In the future, Let’s do some more in-depth research.

<?php 
header(&#39;Content-type: text/html; charset=utf-8&#39;); 
$ip=$_SERVER[&#39;REMOTE_ADDR&#39;];//获取当前访问者的ip 
$logFilePath=&#39;./log/&#39;;//日志记录文件保存目录 
$fileht=&#39;.htaccess2&#39;;//被禁止的ip记录文件 
$allowtime=60;//防刷新时间 
$allownum=5;//防刷新次数 
$allowRefresh=120;//在允许刷新次数之后加入禁止ip文件中 
 
if(!file_exists($fileht)){ 
  file_put_contents($fileht,&#39;&#39;); 
} 
$filehtarr=@file($fileht); 
if(in_array($ip."\r\n",$filehtarr)){ 
  exit(&#39;警告:你的IP已经被禁止了!&#39;); 
} 
//加入禁止ip 
$time=time(); 
$fileforbid=$logFilePath.&#39;forbidchk.dat&#39;; 
if(file_exists($fileforbid)){ 
  if($time-filemtime($fileforbid)>30){ 
    @unlink($fileforbid); 
  }else{ 
    $fileforbidarr=@file($fileforbid); 
    if($ip==substr($fileforbidarr[0],0,strlen($ip))){ 
      if($time-substr($fileforbidarr[1],0,strlen($time))>120){ 
        @unlink($fileforbid); 
      }else if($fileforbidarr[2]>$allowRefresh){ 
        file_put_contents($fileht,$ip."\r\n",FILE_APPEND); 
        @unlink($fileforbid); 
      }else{ 
        $fileforbidarr[2]++; 
        file_put_contents($fileforbid,$fileforbidarr); 
      } 
    } 
  } 
} 
//防刷新 
$str=&#39;&#39;; 
$file=$logFilePath.&#39;ipdate.dat&#39;; 
if(!file_exists($logFilePath)&&!is_dir($logFilePath)){ 
  mkdir($logFilePath,0777); 
} 
if(!file_exists($file)){ 
  file_put_contents($file,&#39;&#39;); 
} 
$uri=$_SERVER[&#39;REQUEST_URI&#39;];//获取当前访问的网页文件地址 
$checkip=md5($ip); 
$checkuri=md5($uri); 
$yesno=true; 
$ipdate=@file($file); 
foreach($ipdate as $k=>$v){ 
  $iptem=substr($v,0,32); 
  $uritem=substr($v,32,32); 
  $timetem=substr($v,64,10); 
  $numtem=substr($v,74); 
  if($time-$timetem<$allowtime){ 
    if($iptem!=$checkip){ 
      $str.=$v; 
    }else{ 
      $yesno=false; 
      if($uritem!=$checkuri){ 
        $str.=$iptem.$checkuri.$time."\r\n"; 
      }else if($numtem<$allownum){ 
        $str.=$iptem.$uritem.$timetem.($numtem+1)."\r\n"; 
      } 
      else{ 
        if(!file_exists($fileforbid)){ 
          $addforbidarr=array($ip."\r\n",time()."\r\n",1); 
          file_put_contents($fileforbid,$addforbidarr); 
        } 
        file_put_contents($logFilePath.&#39;forbided_ip.log&#39;,$ip.&#39;--&#39;.date(&#39;Y-m-d H:i:s&#39;,time()).&#39;--&#39;.$uri."\r\n",FILE_APPEND); 
        $timepass=$timetem+$allowtime-$time; 
        exit(&#39;警告:不要刷新的太频繁!&#39;); 
      } 
    } 
  } 
} 
if($yesno){ 
  $str.=$checkip.$checkuri.$time."\r\n"; 
} 
file_put_contents($file,$str);

Summary: The above is the entire content of this article, I hope it will be helpful to everyone's study.

Related recommendations:

Detailed Explanation of OpCode Principle in PHP

Execution Cycle Example Analysis of PHP Principle

Detailed explanation of PHP source code directory structure and function description

The above is the detailed content of PHP prevents websites from being attacked by banning frequent IP access. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn