例1
代码如下 复制代码
//代理ip直接退出
empty($_server['http_via']) or exit('access denied');
//防止快速刷新
session_start();
$seconds = '3'; //时间段[秒]
$refresh = '5'; //刷新次数
//设置监控变量
$cur_time = time();
if(isset($_session['last_time'])){
$_session['refresh_times'] += 1;
}else{
$_session['refresh_times'] = 1;
$_session['last_time'] = $cur_time;
}
//处理监控结果
if($cur_time - $_session['last_time'] if($_session['refresh_times'] >= $refresh){
//跳转至攻击者服务器地址
header(sprintf('location:%s', 'http://127.0.0.1'));
exit('access denied');
}
}else{
$_session['refresh_times'] = 0;
$_session['last_time'] = $cur_time;
}
例二
代码如下 复制代码
$p_s_t = $t_array[0] + $t_array[1];
$timestamp = time();
session_start();
$ll_nowtime = $timestamp ;
if (session_is_registered('ll_lasttime')){
$ll_lasttime = $_session['ll_lasttime'];
$ll_times = $_session['ll_times'] + 1;
$_session['ll_times'] = $ll_times;
}else{
$ll_lasttime = $ll_nowtime;
$ll_times = 1;
$_session['ll_times'] = $ll_times;
$_session['ll_lasttime'] = $ll_lasttime;
}
if (($ll_nowtime - $ll_lasttime)if ($ll_times>=5){
header(sprintf(location: %s,'http://127.0.0.1'));
exit;
}
}else{
$ll_times = 0;
$_session['ll_lasttime'] = $ll_nowtime;
$_session['ll_times'] = $ll_times;
}
一个实例我自己亲测的
日志分析
[2011-04-16 03:03:13] [client 61.217.192.39] /index.php
[2011-04-16 03:03:13] [client 61.217.192.39] /index.php
[2011-04-16 03:03:13] [client 61.217.192.39] /index.php
[2011-04-16 03:03:13] [client 61.217.192.39] /index.php
[2011-04-16 03:03:12] [client 61.217.192.39] /index.php
[2011-04-16 03:03:12] [client 61.217.192.39] /index.php
[2011-04-16 03:03:12] [client 61.217.192.39] /index.php
[2011-04-16 03:03:11] [client 61.217.192.39] /index.php
[2011-04-16 03:03:11] [client 61.217.192.39] /index.php
[2011-04-16 03:03:11] [client 61.217.192.39] /index.php
[2011-04-16 03:03:10] [client 61.217.192.39] /index.php
[2011-04-16 03:03:10] [client 61.217.192.39] /index.php
下面是php方法:将以下代码另存为php文件,然后首行include入你的common.php文件中。
代码如下 复制代码
=$cc_min_nums){
if(!empty($cc_log)) cc_log(get_ip(), $real_ip, $cc_log, $cc_uri); //产生log
echo wait please, try again later!;
//printf('您的刷新过快,请稍后。');
//header(location: .$cc_forward);
exit;
}
}else{
$cc_times = 0;
$_session['cc_lasttime'] = $cc_nowtime;
$_session['cc_times'] = $cc_times;
}
//记录cc日志
function cc_log($client_ip, $real_ip, $cc_log, $cc_uri){
$temp_time = date(y-m-d h:i:s, time() + 3600*8);
$temp_result = [.$temp_time.] [client .$client_ip.] ;
if($real_ip) $temp_result .= [real .$real_ip.] ;
$temp_result .= $cc_uri . rn;
$handle = fopen ($cc_log, rb);
$oldcontent = fread($handle,filesize($cc_log));
fclose($handle);
$newcontent = $temp_result . $oldcontent;
$fhandle=fopen($cc_log, wb);
fwrite($fhandle,$newcontent,strlen($newcontent));
fclose($fhandle);
}
//获取在线ip
function get_ip() {
global $_c;
if(empty($_c['client_ip'])) {
if(getenv('http_client_ip') && strcasecmp(getenv('http_client_ip'), 'unknown')) {
$client_ip = getenv('http_client_ip');
} elseif(getenv('http_x_forwarded_for') && strcasecmp(getenv('http_x_forwarded_for'), 'unknown')) {
$client_ip = getenv('http_x_forwarded_for');
} elseif(getenv('remote_addr') && strcasecmp(getenv('remote_addr'), 'unknown')) {
$client_ip = getenv('remote_addr');
} elseif(isset($_server['remote_addr']) && $_server['remote_addr'] && strcasecmp($_server['remote_addr'], 'unknown')) {
$client_ip = $_server['remote_addr'];
}
$_c['client_ip'] = $client_ip ? $client_ip : 'unknown';
}
return $_c['client_ip'];
}
?>
这样就可以基础工业防止了,但是如果更高级占的就没办法,大家可尝试使用相关硬件防火强来设置。
http://www.bkjia.com/phpjc/629601.htmlwww.bkjia.comtruehttp://www.bkjia.com/phpjc/629601.htmltecharticlecc攻击就是对方利用程序或一些代理对您的网站进行不间断的访问,造成您的网站处理不了而处于当机状态,下面我们来总结一些防cc攻击的...