我發現這個腳本PHP防洪改進腳本
Quick and easy flood protection?
,我已經把它變成一個功能。
適用於大多數情況。不時看到錯誤:
[<a href='function.unlink'>function.unlink</a>]: No such file or directory
符合
:
else if ($diff>3600) { unlink($path); } // If first request was more than 1 hour, new ip file
顯然,由於某種原因,一些IP的文件越來越刪除嗎?
我試圖找到邏輯錯誤,但我並不擅長這一點。也許有人可以幫忙。
功能:
function ht_request_limiter() {
if (!isset($_SERVER['REMOTE_ADDR'])) { return; } // Maybe its impossible, however we check it first
if (empty($_SERVER['REMOTE_ADDR'])) { return; } // Maybe its impossible, however we check it first
$path = '/home/czivbaby/valuemarket.gr/ip-sec/'; // I use a function to validate a path first and return if false...
$path = $path.$_SERVER['REMOTE_ADDR'].'.txt'; // Real file path (filename = <ip>.txt)
$now = time(); // Current timestamp
if (!file_exists($path)) { // If first request or new request after 1 hour/24 hour ban, new file with <timestamp>|<counter>
if ($handle = fopen($path, 'w+')) {
if (fwrite($handle, $now.'|0')) { chmod($path, 0700); } // Chmod to prevent access via web
fclose($handle);
}
}
else if (($content = file_get_contents($path)) !== false) { // Load existing file
$content = explode('|',$content); // Create paraset [0] -> timestamp [1] -> counter
$diff = (int)$now-(int)$content[0]; // Time difference in seconds from first request to now
if ($content[1] == 'ban') { // If [1] = ban we check if it was less than 24 hours and die if so
if ($diff>86400) { unlink($path); } // 24 hours in seconds.. if more delete ip file
else {
header("HTTP/1.1 503 Service Unavailable");
exit("Your IP is banned for 24 hours, because of too many requests.");
}
}
else if ($diff>3600) { unlink($path); } // If first request was more than 1 hour, new ip file
else {
$current = ((int)$content[1])+1; // Counter + 1
if ($current>200) { // We check rpm (request per minute) after 200 request to get a good ~value
$rpm = ($current/($diff/60));
if ($rpm>10) { // If there was more than 10 rpm -> ban (if you have a request all 5 secs. you will be banned after ~17 minutes)
if ($handle = fopen($path, 'w+')) {
fwrite($handle, $content[0].'|ban');
fclose($handle);
// Maybe you like to log the ip once -> die after next request
}
return;
}
}
if ($handle = fopen($path, 'w+')) { // else write counter
fwrite($handle, $content[0].'|'.$current .'');
fclose($handle);
}
}
}
}
錯誤出現隨機。如果這是一個請求問題,在5000次命中時它肯定會出現。還從我的電腦模擬洪水,它不會產生錯誤。 – user2517612
如果您沒有太多流量(5000次點擊並不多,除非在短時間內發生),您可能會很少看到錯誤,具體取決於您的Web服務器設置。您可以通過生成並行查詢來重現它。同時運行一個小腳本的多個副本:'while:;做curl -s -o/dev/null http://example.com/script.php;做' – oh7lzb
我會(嘗試)實現一些文件鎖定。我不能接受腳本的OP,他可以很容易地添加它。 – user2517612