API tools faq
paste
Advertisement
Sa_Ve

proteger de ataque DDoS

Sa_Ve
Apr 3rd, 2014
350
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 4.31 KB | None | 0 0
raw download clone embed print report
  1. 1.-Crean un directorio llamado "iplog" en el servidor, con permisos 777.
  2. 2.-Crean un archivo de texto llamado "iplog.dat" y lo agregan dentro del directorio "iplog", con permisos 666.
  3. 3.-Agregan...
  4.     <?php include("anti_dos.php"); ?>
  5. En todos los archivos en donde quieren agregar la protección. O en uno general, como "config.php" o "index.php".
  6. 4.-Crear un archivo llamado "anti_dos.php" donde colocaremos el siguiente código:
  7.     <?php
  8.      
  9.     /*
  10.     CHMOD /iplog/ to 777
  11.     Create and CHMOD /iplog/iplogfile.dat to 666
  12.     add the following line in any important .php file in the same directory as your anti_dos.php file so it can check IPs when that file is loaded, best example is index.php if you have it.
  13.     include("anti_dos.php"); //anti-DoS, prevents rapid accessing
  14.      
  15.     if you have a known cookie on your site,
  16.     you can use this, otherwise just ignore this, it will set a different limit
  17.     for people with this cookie
  18.      
  19.     I use yourothercookie as the cookie ID for the forum, my forum uses ID
  20.     greater than 0 for all members and -1 for guests and members who have logged out,
  21.     so making it match greater than zero means members will get better access and
  22.     guests with or without cookies won't
  23.      
  24.     Also I use these cookies in the "flood alert" emails to make sure an important user didn't get banned. Someone could fake a cookie, so always be suspicious. Tez
  25.     */
  26.     $cookie = $_COOKIE['yourcookie'];
  27.     $othercookie = $_COOKIE['yourothercookie'];
  28.      
  29.      
  30.     if($cookie && $othercookie > 0) $iptime = 20;  // Minimum number of seconds between visits for users with certain cookie
  31.     else $iptime = 10; // Minimum number of seconds between visits for everyone else
  32.      
  33.      
  34.     $ippenalty = 60; // Seconds before visitor is allowed back
  35.      
  36.      
  37.     if($cookie && $othercookie > 0)$ipmaxvisit = 30; // Maximum visits, per $iptime segment
  38.     else $ipmaxvisit = 20; // Maximum visits per $iptime segment
  39.      
  40.      
  41.     $iplogdir = "./iplog/";
  42.     $iplogfile = "iplog.dat";
  43.      
  44.     $ipfile = substr(md5($_SERVER["REMOTE_ADDR"]), -2);
  45.     $oldtime = 0;
  46.     if (file_exists($iplogdir.$ipfile)) $oldtime = filemtime($iplogdir.$ipfile);
  47.      
  48.     $time = time();
  49.     if ($oldtime < $time) $oldtime = $time;
  50.     $newtime = $oldtime + $iptime;
  51.      
  52.     if ($newtime >= $time + $iptime*$ipmaxvisit)
  53.     {
  54.     touch($iplogdir.$ipfile, $time + $iptime*($ipmaxvisit-1) + $ippenalty);
  55.     $oldref = $_SERVER['HTTP_REFERER'];
  56.     header("HTTP/1.0 503 Service Temporarily Unavailable");
  57.     header("Connection: close");
  58.     header("Content-Type: text/html");
  59.     echo "<html><body bgcolor=#999999 text=#ffffff link=#ffff00>
  60.    <font face='Verdana, Arial'><p><b>
  61.    <h1>Temporary Access Denial</h1>Too many quick page views by your IP address (more than ".$ipmaxvisit." visits within ".$iptime." seconds).</b>
  62.    ";
  63.     echo "<br />Please wait ".$ippenalty." seconds and reload.</p></font></body></html>";
  64.     touch($iplogdir.$iplogfile); //create if not existing
  65.     $fp = fopen($iplogdir.$iplogfile, "a");
  66.     $yourdomain = $_SERVER['HTTP_HOST'];
  67.        if ($fp)
  68.        {
  69.        $useragent = "<unknown user agent>";
  70.        if (isset($_SERVER["HTTP_USER_AGENT"])) $useragent = $_SERVER["HTTP_USER_AGENT"];
  71.        fputs($fp, $_SERVER["REMOTE_ADDR"]." ".date("d/m/Y H:i:s")." ".$useragent."\n");
  72.        fclose($fp);
  73.        $yourdomain = $_SERVER['HTTP_HOST'];
  74.        
  75.        //the @ symbol before @mail means 'supress errors' so you wont see errors on the page if email fails.
  76.     if($_SESSION['reportedflood'] < 1 && ($newtime < $time + $iptime + $iptime*$ipmaxvisit))
  77.        @mail('flood_alert@'.$yourdomain, 'site flooded by '.$cookie.' '
  78.        .$_SERVER['REMOTE_ADDR'],'http://'.$yourdomain.' rapid website access flood occured and ban for IP '.$_SERVER['REMOTE_ADDR'].' at http://'.$yourdomain.$_SERVER['REQUEST_URI'].' from '.$oldref.' agent '.$_SERVER['HTTP_USER_AGENT'].' '
  79.        .$cookie.' '.$othercookie, "From: ".$yourdomain."\n");
  80.        $_SESSION['reportedflood'] = 1;
  81.        }
  82.        exit();
  83.     }
  84.     else $_SESSION['reportedflood'] = 0;
  85.      
  86.     //echo("loaded ".$cookie.$iplogdir.$iplogfile.$ipfile.$newtime);
  87.     touch($iplogdir.$ipfile, $newtime); //this just updates the IP file access date or creates a new file if it doesn't exist in /iplog
  88.     ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!