本文介绍的这段代码,可以用来防止简单的ddos、dns、以及集群攻击,希望这段php代码,对大家有所帮助吧。 <?php /* vim: set expandtab tabstop=4 shiftwidth=4: */ // +----------------------------------------------------------------------+ // | PHP version 5 | // +----------------------------------------------------------------------+ // | Copyright (c) 1997-2004 The PHP Group | // +----------------------------------------------------------------------+ // | This source file is subject to version 3.0 of the PHP license, | // | that is bundled with this package in the file LICENSE, and is | // | available through the world-wide-web at the following url: | // | http://www.php.net/license/3_0.txt. | // | If you did not receive a copy of the PHP license and are unable to | // | obtain it through the world-wide-web, please send a note to | // | license@php.net so we can mail you a copy immediately. | // +----------------------------------------------------------------------+ // | Authors: Original Author <author@example.com> | // | Your Name <you@example.com> | // +----------------------------------------------------------------------+ // // $Id:$ /** * 防止ddos、dns、集群等攻击 * edit www.cxyblog.com */ //查询禁止IP $ip = $_SERVER['REMOTE_ADDR']; $fileht = ".htaccess2"; if (!file_exists($fileht)) file_put_contents($fileht, ""); $filehtarr = @file($fileht); if (in_array($ip . " ", $filehtarr)) die("Warning:" . "<br>" . "Your IP address are forbided by some reason, IF you have any question Pls emill to shop@jbxue.com!"); //加入禁止IP $time = time(); $fileforbid = "log/forbidchk.dat"; if (file_exists($fileforbid)) { if ($time - filemtime($fileforbid) > 60) unlink($fileforbid); else { $fileforbidarr = @file($fileforbid); if ($ip == substr($fileforbidarr[0], 0, strlen($ip))) { if ($time - substr($fileforbidarr[1], 0, strlen($time)) > 600) unlink($fileforbid); elseif ($fileforbidarr[2] > 600) { file_put_contents($fileht, $ip . " ", FILE_APPEND); unlink($fileforbid); } else { $fileforbidarr[2]++; file_put_contents($fileforbid, $fileforbidarr); } } } } //防刷新 $str = ""; $file = "log/ipdate.dat"; if (!file_exists("log") && !is_dir("log")) mkdir("log", 0777); if (!file_exists($file)) file_put_contents($file, ""); $allowTime = 120; //防刷新时间 $allowNum = 10; //防刷新次数 $uri = $_SERVER['REQUEST_URI']; $checkip = md5($ip); $checkuri = md5($uri); $yesno = true; $ipdate = @file($file); foreach ($ipdate as $k => $v) { $iptem = substr($v, 0, 32); $uritem = substr($v, 32, 32); $timetem = substr($v, 64, 10); $numtem = substr($v, 74); if ($time - $timetem < $allowTime) { if ($iptem != $checkip) $str.= $v; else { $yesno = false; if ($uritem != $checkuri) $str.= $iptem . $checkuri . $time . "1 "; elseif ($numtem < $allowNum) $str.= $iptem . $uritem . $timetem . ($numtem + 1) . " "; else { if (!file_exists($fileforbid)) { $addforbidarr = array( $ip . " ", time() . " ", 1 ); file_put_contents($fileforbid, $addforbidarr); } file_put_contents("log/forbided_ip.log", $ip . "--" . date("Y-m-d H:i:s", time()) . "--" . $uri . " ", FILE_APPEND); $timepass = $timetem + $allowTime - $time; die("Warning:" . "<br>" . "Sorry,you are forbided by refreshing frequently too much, Pls wait for " . $timepass . " seconds to continue!"); } } } } if ($yesno) $str.= $checkip . $checkuri . $time . "1 "; file_put_contents($file, $str); ?>(责任编辑:好模板) |