<?php
/**
EasySite FireWall 防火墙模块
13:25 2012/7/23
*/
define('FW_ADMIN_KEY', '21232f297a57a5a743894a0e4a801fc3'); // 超级管理员密钥
define('FW_IP_RULE_FILE', APP_PATH.'Runtime/Conf/Config.Iprule.php');
$FW_DEFEND_IP_ON = false; // 开启IP规则过滤
$FW_DEFEND_IP_TP = 1; // 开设置IP过滤模式 0-IP黑名单过滤 1-IP白名单过滤
$FW_DEFEND_CC_ON = false; // 开启防恶意刷新
$FW_DEFEND_CC_TL = 5; // 每五次请求最小间隔时间/S
if(isset($_GET['fwkey']) || isset($_COOKIE['es_admin_fwkey'])){
$fwkey = isset($_GET['fwkey']) ? trim($_GET['fwkey']) :
(isset($_COOKIE['es_admin_fwkey']) ? $_COOKIE['es_admin_fwkey'] : '');
if($fwkey === FW_ADMIN_KEY) $FW_DEFEND_IP_ON = $FW_DEFEND_CC_ON = false;
setcookie('es_admin_fwkey', $fwkey, time()+3600*24, SITE_PATH);
}
if(true === $FW_DEFEND_IP_ON){
$client_ip = get_client_ip2();
$MYFW_LIST = (include FW_IP_RULE_FILE);
if(1 === $FW_DEFEND_IP_TP){
$allowed = false;
$MYFW_LIST = parse_ip_list($MYFW_LIST['whitelist']);
foreach($MYFW_LIST as $ip){
if(preg_match($ip, $client_ip)){
$allowed = true;
break;
}
}
if(!$allowed){
header('HTTP/1.1 403 Forbidden');
exit('HTTP/1.1 403 ES FireWall Forbidden : Not allowed IP');
}
}else{
$MYFW_LIST = parse_ip_list($MYFW_LIST['blacklist']);
foreach($MYFW_LIST as $ip){
if(preg_match($ip, $client_ip)){
header('HTTP/1.1 403 Forbidden');
exit('HTTP/1.1 403 ES FireWall Forbidden : Not allowed IP');
}
}
}
unset($allowed, $client_ip, $MYFW_LIST);
}
if(true === $FW_DEFEND_CC_ON){
if(!session_id()) session_start();
$nowtime = $lasttime = $_SERVER['REQUEST_TIME'];
if(isset($_SESSION['FireWall'])){
$lasttime = intval($_SESSION['FireWall']['lasttime']);
$fwtimes = intval($_SESSION['FireWall']['fwtimes']) +
(isset($_SERVER['HTTP_X_REQUESTED_WITH']) ? 0 : 1);
$_SESSION['FireWall']['fwtimes'] = $fwtimes;
if(($nowtime - $lasttime) < $FW_DEFEND_CC_TL){
if($fwtimes >= 5){
header('HTTP/1.1 403 Forbidden');
$_SESSION['FireWall']['lasttime'] = $nowtime;
exit('HTTP/1.1 403 ES FireWall Forbidden : Not allowed CC');
}
}else{
$_SESSION['FireWall']['fwtimes'] = 0;
$_SESSION['FireWall']['lasttime'] = $nowtime;
}
}else{
$_SESSION['FireWall']['fwtimes'] = 1;
$_SESSION['FireWall']['lasttime'] = $nowtime;
}
unset($nowtime, $lasttime, $fwtimes);
}
?> 2. [PHP]代码
<?php
/**
* 获取客户端IP
* @param void
* @return String 客户端IP
*/
function get_client_ip2(){
if(getenv('HTTP_CLIENT_IP')){
$client_ip = getenv('HTTP_CLIENT_IP');
}elseif(getenv('HTTP_X_FORWARDED_FOR')){
$client_ip = getenv('HTTP_X_FORWARDED_FOR');
}elseif(getenv('REMOTE_ADDR')) {
$client_ip = getenv('REMOTE_ADDR');
}else{
$client_ip = $HTTP_SERVER_VARS['REMOTE_ADDR'];
}
return $client_ip;
}
/**
* 解析IP规则列表
* @param void
* @return Array IP规则列表
*/
function parse_ip_list($rules){
$arr = array();
foreach($rules as $rule){
if($rule['start_time'] > $_SERVER['REQUEST_TIME'] || $rule['end_time']
< $_SERVER['REQUEST_TIME']) continue;
$ip = str_replace('.', '\.', $rule['ip']);
if($start = strstr($ip, '-')){
$start = substr($ip, 0, - strlen(strrchr($ip, '.')) + 1);
$pos = explode('-', trim(strrchr($ip, '.'), '.'));
for($i=intval($pos[0]),$a=intval($pos[1])+1; $i < $a; $i++ ){
$arr[] = '#^'.$start.$i.'$#i';
}
}elseif($start = strstr($ip, '[')){
$_ips = explode('|', substr($start, 1, -1));
$arr[] = '#^'.substr($ip, 0, - strlen($start)).'(('.implode(')|(',$_ips ).'))'.'$#i';
}elseif(strpos($ip, '*')){
$arr[] = '#^'.str_replace('*', '((25[0-5])|(2[0-4]\\d)|(1\\d{2})|(\\d{1,2}))', $ip).'$#i';
}else{
$arr[] = '#^'.$ip.'$#i';
}
}
return $arr;
}
?>
以上就是EasySite FireWall 防火墙模块的内容,更多相关内容请关注PHP中文网(www.php.cn)!
Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Roblox: Grow A Garden - Complete Mutation Guide
3 weeks agoByDDD
Roblox: Bubble Gum Simulator Infinity - How To Get And Use Royal Keys
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
How to fix KB5055612 fails to install in Windows 10?
3 weeks agoByDDD
Nordhold: Fusion System, Explained
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Mandragora: Whispers Of The Witch Tree - How To Unlock The Grappling Hook
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Hot Tools
SublimeText3 Linux new version
SublimeText3 Linux latest version
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
