
A Summary of PHP Code for Defending Against CC Attacks

Published: 2022-02-10 14:34:15 Category: PHP Tutorials Source: the Internet
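  A CC attack is when an attacker uses a program or a set of proxies to request pages from your site without pause, until the site can no longer handle the load and goes down. Below is a summary of some PHP example code for defending against CC attacks, for reference.
 
  Example 1, the code is as follows: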
 
  // Proxy IPs exit immediately (any request that carries a Via header)
  empty($_SERVER['HTTP_VIA']) or exit('Access Denied');
  // Prevent rapid refreshing
  session_start();
  $seconds = 3; // time window [seconds]
  $refresh = 5; // number of refreshes
  // Set up the monitoring variables
  $cur_time = time();
  if (isset($_SESSION['last_time'])) {
      $_SESSION['refresh_times'] += 1;
  } else {
      $_SESSION['refresh_times'] = 1;
      $_SESSION['last_time'] = $cur_time;
  }
  // Act on the monitoring result
  if ($cur_time - $_SESSION['last_time'] < $seconds) {
      if ($_SESSION['refresh_times'] >= $refresh) {
          // Redirect to the attacker's own server address
          header(sprintf('Location:%s', 'http://127.0.0.1'));
          exit('Access Denied');
      }
  } else {
      $_SESSION['refresh_times'] = 0;
      $_SESSION['last_time'] = $cur_time;
  }
  Example 2, the code is as follows:
 
  // microtime() returns "msec sec"; this line was missing from the snippet
  $t_array = explode(' ', microtime());
  $P_S_T = $t_array[0] + $t_array[1];
  $timestamp = time();
  
  session_start();
  $ll_nowtime = $timestamp;
  // session_is_registered() was removed in PHP 5.4; test $_SESSION directly
  if (isset($_SESSION['ll_lasttime'])) {
      $ll_lasttime = $_SESSION['ll_lasttime'];
      $ll_times = $_SESSION['ll_times'] + 1;
      $_SESSION['ll_times'] = $ll_times;
  } else {
      $ll_lasttime = $ll_nowtime;
      $ll_times = 1;
      $_SESSION['ll_times'] = $ll_times;
      $_SESSION['ll_lasttime'] = $ll_lasttime;
  }
  if (($ll_nowtime - $ll_lasttime) < 3) {
      if ($ll_times >= 5) {
          header(sprintf("Location: %s", 'http://127.0.0.1'));
          exit;
      }
  } else {
      $ll_times = 0;
      $_SESSION['ll_lasttime'] = $ll_nowtime;
      $_SESSION['ll_times'] = $ll_times;
  }
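Both examples above keep their counters in $_SESSION, so a client that never returns the session cookie starts with a fresh counter on every request. The following added example (not code from the original page) counts per TCP peer address on the server side instead; cc_allow(), the state directory and the sample address are assumptions made for illustration.

```php
<?php
// Added example: fixed-window request counter keyed on the peer address.
// cc_allow() and the state directory are hypothetical names, not from the page.

function cc_allow(string $ip, int $now, int $limit, int $window, string $dir): bool
{
    // One small state file per client; hashing keeps the name filesystem-safe.
    $file = $dir . '/cc_' . hash('sha256', $ip);
    $fh = fopen($file, 'c+');           // create if missing, do not truncate
    if ($fh === false) {
        return true;                    // fail open: a storage error must not block the site
    }
    flock($fh, LOCK_EX);                // serialise concurrent requests from one client
    $state = json_decode((string) stream_get_contents($fh), true);
    if (!isset($state['start'], $state['count']) || $now - $state['start'] >= $window) {
        $state = ['start' => $now, 'count' => 0];   // open a new window
    }
    $state['count']++;
    rewind($fh);
    ftruncate($fh, 0);
    fwrite($fh, json_encode($state));
    flock($fh, LOCK_UN);
    fclose($fh);
    return $state['count'] <= $limit;
}

// Constructed demo: 7 requests inside one 3-second window, then one later request.
$dir = sys_get_temp_dir() . '/cc_demo_' . getmypid();
@mkdir($dir, 0700);
$ip = '203.0.113.7';                    // documentation address, stands in for $_SERVER['REMOTE_ADDR']
foreach ([100, 100, 101, 101, 102, 102, 102, 110] as $t) {
    $ok = cc_allow($ip, $t, 5, 3, $dir);
    printf("t=%d %s\n", $t, $ok ? 'allow' : 'deny (answer with HTTP 429)');
}
array_map('unlink', glob($dir . '/cc_*'));
rmdir($dir);
```

In a real request handler the call would be cc_allow($_SERVER['REMOTE_ADDR'], time(), 5, 3, $dir); behind a reverse proxy REMOTE_ADDR is the proxy's address, so the key has to come from a header that only that proxy can set.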
  A case I tested myself; log analysis:
 
  [2011-04-16 03:03:13] [client 61.217.192.39] /index.php
  [2011-04-16 03:03:13] [client 61.217.192.39] /index.php
  [2011-04-16 03:03:13] [client 61.217.192.39] /index.php
  [2011-04-16 03:03:13] [client 61.217.192.39] /index.php
  [2011-04-16 03:03:12] [client 61.217.192.39] /index.php
  [2011-04-16 03:03:12] [client 61.217.192.39] /index.php
  [2011-04-16 03:03:12] [client 61.217.192.39] /index.php
  [2011-04-16 03:03:11] [client 61.217.192.39] /index.php
  [2011-04-16 03:03:11] [client 61.217.192.39] /index.php
  [2011-04-16 03:03:11] [client 61.217.192.39] /index.php
  [2011-04-16 03:03:10] [client 61.217.192.39] /index.php
  [2011-04-16 03:03:10] [client 61.217.192.39] /index.php
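A log in this format (it is also what cc_log() in the script further down writes) can be scanned for floods automatically. This is an added example, not part of the original page: cc_find_floods() is a hypothetical helper and the sample lines are constructed with documentation addresses.

```php
<?php
// Added example: flag clients in a cc_log-style file that exceed a request rate.
// cc_find_floods() is a hypothetical helper; the sample lines are constructed.

function cc_find_floods(array $lines, int $limit, int $window): array
{
    $hits = [];
    foreach ($lines as $line) {
        // Expected shape: [Y-m-d H:i:s] [client IP] (optional [real IP]) URI
        if (!preg_match('/^\s*\[([\d\- :]{19})\] \[client ([^\]]+)\]/', $line, $m)) {
            continue;                        // ignore lines in any other format
        }
        $ts = strtotime($m[1] . ' UTC');
        if ($ts !== false) {
            $hits[$m[2]][] = $ts;
        }
    }
    $flagged = [];
    foreach ($hits as $ip => $times) {
        sort($times);                        // the log is newest-first; put it in time order
        $peak = 0;
        $left = 0;
        foreach ($times as $right => $t) {
            while ($t - $times[$left] >= $window) {
                $left++;                     // drop hits that fell out of the window
            }
            $peak = max($peak, $right - $left + 1);
        }
        if ($peak > $limit) {
            $flagged[$ip] = $peak;           // busiest window seen for this client
        }
    }
    arsort($flagged);
    return $flagged;
}

$sample = [
    '[2011-04-16 03:03:12] [client 203.0.113.7] /index.php',
    '[2011-04-16 03:03:12] [client 203.0.113.7] /index.php',
    '[2011-04-16 03:03:11] [client 203.0.113.7] /index.php',
    '[2011-04-16 03:03:11] [client 198.51.100.20]  [real 192.0.2.9] /about.php',
    '[2011-04-16 03:03:11] [client 203.0.113.7] /index.php',
    '[2011-04-16 03:03:10] [client 203.0.113.7] /index.php',
    '[2011-04-16 03:03:10] [client 203.0.113.7] /index.php',
    '[2011-04-16 03:02:40] [client 198.51.100.20] /index.php',
];
print_r(cc_find_floods($sample, 5, 3));      // clients with more than 5 hits in any 3 seconds
```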
  Below is the PHP approach: save the following code as a PHP file, then include it on the first line of your common.php file. The code is as follows:
 
  <?php
  /*
   * Anti-CC attack, "never dies" edition.
   *
   * If the site is refreshed more than 2 times within one second, access is delayed by 5 seconds.
   */
  
  $cc_min_nums = '1';                    // count: number of refreshes
  $cc_url_time = '5';                    // seconds: delay time
  //$cc_log = 'cc_log.txt';                // uncomment this line to enable logging
  $cc_forward = 'http://localhost';    // URL to release to
  
  //--------------------------------------------
  
  // URL to return to
  $cc_uri = $_SERVER['REQUEST_URI']?$_SERVER['REQUEST_URI']:($_SERVER['PHP_SELF']?$_SERVER['PHP_SELF']:$_SERVER['SCRIPT_NAME']);
  $site_url = 'http://'.$_SERVER['HTTP_HOST'].$cc_uri;
  
  // Start the session
  if( !isset( $_SESSION ) ) session_start();
  $_SESSION["visiter"] = true;
  if ($_SESSION["visiter"] <> true){
      echo "<script>setTimeout(\"window.location.href ='$cc_forward';\", 1);</script>";
      //header("Location: ".$cc_forward);
      exit;
  }
  
  $timestamp = time();
  $cc_nowtime = $timestamp;
  // session_is_registered() was removed in PHP 5.4; test $_SESSION directly
  if (isset($_SESSION['cc_lasttime'])){
      $cc_lasttime = $_SESSION['cc_lasttime'];
      $cc_times = $_SESSION['cc_times'] + 1;
      $_SESSION['cc_times'] = $cc_times;
  }else{
      $cc_lasttime = $cc_nowtime;
      $cc_times = 1;
      $_SESSION['cc_times'] = $cc_times;
      $_SESSION['cc_lasttime'] = $cc_lasttime;
  }
  
  // Get the "real" IP (client-supplied header, used only for the log)
  if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])){
      $real_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
  }else{
      $real_ip = getenv("HTTP_X_FORWARDED_FOR");
  }
  
  //print_r($_SESSION);
  
  // Release the IP
  if (($cc_nowtime - $cc_lasttime)<=0){
      if ($cc_times>=$cc_min_nums){
          if(!empty($cc_log))    cc_log(get_ip(), $real_ip, $cc_log, $cc_uri);    // write the log entry
          // $site_url is built from the Host header and request URI, so encode it
          // as a JavaScript string before writing it into the page
          $js_url = json_encode($site_url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
          echo "Wait please, try again later!<script>setTimeout(function(){ window.location.href = $js_url; }, " . ((int) $cc_url_time * 1000) . ");</script>";
          //printf('You are refreshing too fast, please wait.');
          //header("Location: ".$cc_forward);
          exit;
      }
  }else{
      $cc_times = 0;
      $_SESSION['cc_lasttime'] = $cc_nowtime;
      $_SESSION['cc_times'] = $cc_times;
  }
  
  // Write the CC log
  function cc_log($client_ip, $real_ip, $cc_log, $cc_uri){
      $temp_time = date("Y-m-d H:i:s", time() + 3600*8);    // shifted by 8 hours
  
      // These values come from the request: strip CR/LF so one request stays one log line
      $client_ip = str_replace(array("\r", "\n"), '', (string) $client_ip);
      $real_ip = str_replace(array("\r", "\n"), '', (string) $real_ip);
      $cc_uri = str_replace(array("\r", "\n"), '', (string) $cc_uri);
  
      $temp_result = "[".$temp_time."] [client ".$client_ip."] ";
      if($real_ip) $temp_result .= " [real ".$real_ip."] ";
      $temp_result .= $cc_uri . "\r\n";
  
      // Prepend the new entry; the file may not exist yet on first use
      $oldcontent = is_file($cc_log) ? file_get_contents($cc_log) : '';
      $newcontent = $temp_result . $oldcontent;
      file_put_contents($cc_log, $newcontent, LOCK_EX);
  }
  
  // Get the online IP
  // Note: HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR are set by the client and can be forged
  function get_ip() {
      global $_C;
  
      if(empty($_C['client_ip'])) {
          $client_ip = '';
          if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
              $client_ip = getenv('HTTP_CLIENT_IP');
          } elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {
              $client_ip = getenv('HTTP_X_FORWARDED_FOR');
          } elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
              $client_ip = getenv('REMOTE_ADDR');
          } elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
              $client_ip = $_SERVER['REMOTE_ADDR'];
          }
          $_C['client_ip'] = $client_ip ? $client_ip : 'unknown';
      }
      return $_C['client_ip'];
  }
  ?>
  This gives basic protection, but it cannot stop more sophisticated attacks; for those, try configuring a suitable hardware firewall.
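get_ip() in the script above prefers HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR, which any client can set to an arbitrary value, so the logged address can be forged. The following added example (not from the original page) accepts X-Forwarded-For only when the TCP peer is a known reverse proxy; cc_client_ip(), the proxy list and all addresses are assumptions made for illustration.

```php
<?php
// Added example: resolve the client address without trusting spoofable headers.
// cc_client_ip() and $trusted_proxies are hypothetical names, not from the page.

function cc_client_ip(array $server, array $trusted_proxies): string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    if (filter_var($peer, FILTER_VALIDATE_IP) === false) {
        return 'unknown';
    }
    // Headers count only when the TCP peer is one of our own reverse proxies.
    if (!in_array($peer, $trusted_proxies, true)) {
        return $peer;
    }
    $chain = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR'] ?? ''));
    // Walk right to left: the right-most entries were appended by our proxies,
    // the left-most ones are whatever the client chose to send.
    for ($i = count($chain) - 1; $i >= 0; $i--) {
        $hop = $chain[$i];
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            break;                           // malformed entry: stop trusting the chain
        }
        if (!in_array($hop, $trusted_proxies, true)) {
            return $hop;                     // first address that is not one of ours
        }
    }
    return $peer;
}

// Constructed inputs shaped like $_SERVER; 192.0.2.10 plays our reverse proxy.
$proxies = ['192.0.2.10'];
$direct  = ['REMOTE_ADDR' => '203.0.113.7', 'HTTP_X_FORWARDED_FOR' => '127.0.0.1'];
$proxied = ['REMOTE_ADDR' => '192.0.2.10', 'HTTP_X_FORWARDED_FOR' => '10.0.0.1, 203.0.113.7'];

echo cc_client_ip($direct, $proxies), "\n";  // forged header from a direct client is ignored
echo cc_client_ip($proxied, $proxies), "\n"; // forged left-most entry is ignored
```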

(Editor: 永州站长网)
