php网站防止刷流量攻击方法
程序员文章站
2022-05-20 17:17:53
...
流量攻击是一种比较初级的网站攻击方法,就是不停的去刷样网站,导致服务器处理不过来或数据库负载不了,导致网站无法正常方法的一种攻击手段了,下面我来介绍一个利用php防网站刷流量攻击方法.
php网站防止刷流量攻击方法实例代码如下:
" . "Your IP address are forbided by some reason, IF you have any question Pls emill to shop@mydalle.com!"); //加入禁止IP $time = time(); $fileforbid = "log/forbidchk.dat"; if (file_exists($fileforbid)) { if ($time - filemtime($fileforbid) > 60) unlink($fileforbid); else { $fileforbidarr = @file($fileforbid); if ($ip == substr($fileforbidarr[0], 0, strlen($ip))) { if ($time - substr($fileforbidarr[1], 0, strlen($time)) > 600) unlink($fileforbid); elseif ($fileforbidarr[2] > 600) { file_put_contents($fileht, $ip . "rn", FILE_APPEND); unlink($fileforbid); } else { $fileforbidarr[2]++; file_put_contents($fileforbid, $fileforbidarr); } } } } //防刷新 $str = ""; $file = "log/ipdate.dat"; if (!file_exists("log") && !is_dir("log")) mkdir("log", 0777); if (!file_exists($file)) file_put_contents($file, ""); $allowTime = 120; //防刷新时间 $allowNum = 10; //防刷新次数 $uri = $_SERVER['REQUEST_URI']; $checkip = md5($ip); $checkuri = md5($uri); $yesno = true; $ipdate = @file($file); foreach ($ipdate as $k => $v) { $iptem = substr($v, 0, 32); $uritem = substr($v, 32, 32); $timetem = substr($v, 64, 10); $numtem = substr($v, 74); if ($time - $timetem " . "Sorry,you are forbided by refreshing frequently too much, Pls wait for " . $timepass . " seconds to continue!"); } //开源代码phprm.com } } } if ($yesno) $str.= $checkip . $checkuri . $time . "1rn"; file_put_contents($file, $str); ?>
利用session 跟踪防post提交,代码如下:
]+@([-a-z0-9]+.)+[a-z]{2,}$/i'; if (preg_match($email_pattern, $_POST['email'])) { $clean['email'] = $_POST['email']; $user = $_SESSION['user']; $new_password = md5(uniqid(rand() , TRUE)); if ($_SESSION['verified']) { /* Update Password */ mail($clean['email'], 'Your New Password', $new_password); } } ?>