欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  php教程

php网站防止刷流量攻击方法

程序员文章站 2022-05-04 08:09:23
...
流量攻击是一种比较初级的网站攻击方法,就是不停的去刷样网站,导致服务器处理不过来或数据库负载不了,导致网站无法正常方法的一种攻击手段了,下面我来介绍一个利用php防网站刷流量攻击方法.

php网站防止刷流量攻击方法实例代码如下:

" . "Your IP address are forbided by some reason, IF you have any question Pls emill to shop@mydalle.com!");
//加入禁止IP
$time = time();
$fileforbid = "log/forbidchk.dat";
if (file_exists($fileforbid)) {
    if ($time - filemtime($fileforbid) > 60) unlink($fileforbid);
    else {
        $fileforbidarr = @file($fileforbid);
        if ($ip == substr($fileforbidarr[0], 0, strlen($ip))) {
            if ($time - substr($fileforbidarr[1], 0, strlen($time)) > 600) unlink($fileforbid);
            elseif ($fileforbidarr[2] > 600) {
                file_put_contents($fileht, $ip . "rn", FILE_APPEND);
                unlink($fileforbid);
            } else {
                $fileforbidarr[2]++;
                file_put_contents($fileforbid, $fileforbidarr);
            }
        }
    }
}
//防刷新
$str = "";
$file = "log/ipdate.dat";
if (!file_exists("log") && !is_dir("log")) mkdir("log", 0777);
if (!file_exists($file)) file_put_contents($file, "");
$allowTime = 120; //防刷新时间
$allowNum = 10; //防刷新次数
$uri = $_SERVER['REQUEST_URI'];
$checkip = md5($ip);
$checkuri = md5($uri);
$yesno = true;
$ipdate = @file($file);
foreach ($ipdate as $k => $v) {
    $iptem = substr($v, 0, 32);
    $uritem = substr($v, 32, 32);
    $timetem = substr($v, 64, 10);
    $numtem = substr($v, 74);
    if ($time - $timetem " . "Sorry,you are forbided by refreshing frequently too much, Pls wait for " . $timepass . " seconds to continue!");
            } //开源代码phprm.com
            
        }
    }
}
if ($yesno) $str.= $checkip . $checkuri . $time . "1rn";
file_put_contents($file, $str);
?>

利用session 跟踪防post提交,代码如下:

]+@([-a-z0-9]+.)+[a-z]{2,}$/i';
if (preg_match($email_pattern, $_POST['email'])) {
    $clean['email'] = $_POST['email'];
    $user = $_SESSION['user'];
    $new_password = md5(uniqid(rand() , TRUE));
    if ($_SESSION['verified']) {
        /* Update Password */
        mail($clean['email'], 'Your New Password', $new_password);
    }
}
?>