php防止网站被攻击办法
最近网站经常被攻击,后来想到了一个利用php来防止网站受攻击的办法,下面是我的代码,代码不是最好的,根据自己的需求来做,下面来看看我的代码.
-
-
-
-
-
-
-
- $ip =$_server['remote_addr'];
- $fileht=".htaccess2";
- if(!file_exists($fileht))file_put_contents($fileht,"");
- $filehtarr=@file($fileht);
- if(in_array($ip."rn",$filehtarr))die("warning:"."
"."your ip address are forbided by mydalle.com anti-refresh mechanism, if you have any question pls emill to shop@mydalle.com!
(mydalle.com anti-refresh mechanism is to enable users to have a good shipping services, but there maybe some inevitable network problems in your ip address, so that you can mail to us to solve.)");
-
-
- $time=time();
- $fileforbid="log/forbidchk.dat";
- if(file_exists($fileforbid))
- { if($time-filemtime($fileforbid)>30)unlink($fileforbid);
- else{
- $fileforbidarr=@file($fileforbid);
- if($ip==substr($fileforbidarr[0],0,strlen($ip)))
- {
- if($time-substr($fileforbidarr[1],0,strlen($time))>120)unlink($fileforbid);
- elseif($fileforbidarr[2]>120){file_put_contents($fileht,$ip."rn",file_append);unlink($fileforbid);}
- else{$fileforbidarr[2]++;file_put_contents($fileforbid,$fileforbidarr);}
- }
- }
- }
-
- $str="";
- $file="log/ipdate.dat";
- if(!file_exists("log")&&!is_dir("log"))mkdir("log",0777);
- if(!file_exists($file))file_put_contents($file,"");
- $allowtime = 60;
- $allownum=5;
- $uri=$_server['request_uri'];
- $checkip=md5($ip);
- $checkuri=md5($uri);
- $yesno=true;
- $ipdate=@file($file);
- foreach($ipdate as $k=>$v)
- { $iptem=substr($v,0,32);
- $uritem=substr($v,32,32);
- $timetem=substr($v,64,10);
- $numtem=substr($v,74);
- if($time-$timetem<$allowtime){
- if($iptem!=$checkip)$str.=$v;
- else{
- $yesno=false;
- if($uritem!=$checkuri)$str.=$iptem.$checkuri.$time."1rn";
- elseif($numtem<$allownum)$str.=$iptem.$uritem.$timetem.($numtem+1)."rn";
- else
- {
- if(!file_exists($fileforbid)){$addforbidarr=array($ip."rn",time()."rn",1);file_put_contents($fileforbid,$addforbidarr);}
- file_put_contents("log/forbided_ip.log",$ip."--".date("y-m-d h:i:s",time())."--".$uri."rn",file_append);
- $timepass=$timetem+$allowtime-$time;
- die("warning:"."
"."pls don't refresh too frequently, and wait for ".$timepass." seconds to continue, if not your ip address will be forbided automatic by mydalle.com anti-refresh mechanism!
(mydalle.com anti-refresh mechanism is to enable users to have a good shipping services, but there maybe some inevitable network problems in your ip address, so that you can mail to us to solve.)");
- }
- }
- }
- }
- if($yesno) $str.=$checkip.$checkuri.$time."1rn";
- file_put_contents($file,$str);
- ?>