php防cc攻击实现代码总结

cc攻击就是对方利用程序或一些代理对您的网站进行不间断的访问,造成您的网站处理不了而处于当机状态,下面我们来总结一些防cc攻击的php实例代码,各位朋友可参考。

例1

代码如下

//代理ip直接退出
empty($_server[‘http_via’]) or exit(‘access denied’);
//防止快速刷新
session_start();
$seconds = ‘3’; //时间段[秒]
$refresh = ‘5’; //刷新次数
//设置监控变量
$cur_time = time();
if(isset($_session[‘last_time’])){
$_session[‘refresh_times’] += 1;
}else{
$_session[‘refresh_times’] = 1;
$_session[‘last_time’] = $cur_time;
}
//处理监控结果
if($cur_time – $_session[‘last_time’] < $seconds){ if($_session['refresh_times'] >= $refresh){
//跳转至攻击者服务器地址
header(sprintf(‘location:%s’, ‘http://127.0.0.1’));
exit(‘access denied’);
}
}else{
$_session[‘refresh_times’] = 0;
$_session[‘last_time’] = $cur_time;
}

例二

代码如下

$p_s_t = $t_array[0] + $t_array[1];
$timestamp = time();

session_start();
$ll_nowtime = $timestamp ;
if (session_is_registered(‘ll_lasttime’)){
$ll_lasttime = $_session[‘ll_lasttime’];
$ll_times = $_session[‘ll_times’] + 1;
$_session[‘ll_times’] = $ll_times;
}else{
$ll_lasttime = $ll_nowtime;
$ll_times = 1;
$_session[‘ll_times’] = $ll_times;
$_session[‘ll_lasttime’] = $ll_lasttime;
}
if (($ll_nowtime – $ll_lasttime)=5){
header(sprintf(“location: %s”,’http://127.0.0.1′));
exit;
}
}else{
$ll_times = 0;
$_session[‘ll_lasttime’] = $ll_nowtime;
$_session[‘ll_times’] = $ll_times;
}

一个实例我自己亲测的

日志分析

[2011-04-16 03:03:13] [client 61.217.192.39] /index.php
[2011-04-16 03:03:13] [client 61.217.192.39] /index.php
[2011-04-16 03:03:13] [client 61.217.192.39] /index.php
[2011-04-16 03:03:13] [client 61.217.192.39] /index.php
[2011-04-16 03:03:12] [client 61.217.192.39] /index.php
[2011-04-16 03:03:12] [client 61.217.192.39] /index.php
[2011-04-16 03:03:12] [client 61.217.192.39] /index.php
[2011-04-16 03:03:11] [client 61.217.192.39] /index.php
[2011-04-16 03:03:11] [client 61.217.192.39] /index.php
[2011-04-16 03:03:11] [client 61.217.192.39] /index.php
[2011-04-16 03:03:10] [client 61.217.192.39] /index.php
[2011-04-16 03:03:10] [client 61.217.192.39] /index.php

下面是php方法:将以下代码另存为php文件,然后首行include入你的common.php文件中。

代码如下

这样就可以基础工业防止了,但是如果更高级占的就没办法,大家可尝试使用相关硬件防火强来设置。

http://www.bkjia.com/phpjc/629601.htmlwww.bkjia.comtruehttp://www.bkjia.com/phpjc/629601.htmltecharticlecc攻击就是对方利用程序或一些代理对您的网站进行不间断的访问,造成您的网站处理不了而处于当机状态,下面我们来总结一些防cc攻击的…

Posted in 未分类