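Este o clasa care va reduce sansele de a lua ddos pe paginile unde va fi instalata! Este foarte usor de utilizat si nu necesita prea multe cunostinte!
O recomand in special persoanelor care detin situri cu banda limitata! De retinut: clasa limiteaza doar numarul de cereri pe IP, la nivel de aplicatie; fiecare cerere ajunge tot la PHP si MySQL, deci nu opreste un atac volumetric.
File : anti-ddos.php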
########################################
/* Name : Anti-DDos class
* Details : Protect your pages from ddos attack
* Creator : AnDrEwBoY
* Contact : andrew_boy200664@yahoo.com
*/
########################################
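/**
 * Per-IP request throttle backed by MySQL.
 *
 * Constructing the class records the current request. A client that reaches
 * $limit recent requests (see Ban_Check()) is refused for 24 hours.
 *
 * Limits of this design, to weigh before relying on it:
 *  - Every request still reaches PHP and runs several queries, so the
 *    database is the bottleneck under a real flood. This throttles a noisy
 *    single client; volumetric traffic has to be dropped upstream.
 *  - The client is identified by REMOTE_ADDR. Behind a reverse proxy or CDN
 *    that is the proxy's address, so one ban refuses every visitor; clients
 *    sharing a NAT address are banned together as well.
 *  - The defaults connect as "root" with the password passed in (empty by
 *    default). Pass a dedicated account instead; the queries below need only
 *    SELECT, INSERT and DELETE on the two tables.
 *  - If a query fails the request is let through (fail open), so a broken
 *    limiter does not take the protected page down with it.
 */
class Anti_Ddos {
    //Connection details
    public $server = ""; //database server
    public $user = ""; //database login name
    public $pass = ""; //database login password
    public $tb_hist = ""; //request history table name
    public $tb_ban = ""; //ban list table name
    public $db = "anti_ddos"; //database name
    //Internal info
    public $ip = ""; //client ip
    public $Time = 0; //current time (unix timestamp)
    public $status = 0; //client status (-1 = was banned; 0 = clean; 1 = banned)
    public $limit = 5; //requests tolerated among timestamps less than 3 seconds old
    public $reason = ""; //reason shown to a banned client
    protected $con = null; //mysqli link opened by Init_Con()

    /**
     * Connect, then run the whole check for the current request.
     *
     * Empty arguments fall back to the defaults: "localhost", "root",
     * "ddos_hist" and "ddos_ban".
     *
     * @param string $server  database host
     * @param string $user    database login name
     * @param string $pass    database login password
     * @param string $tb_hist history table name (letters, digits, underscore)
     * @param string $tb_ban  ban table name (letters, digits, underscore)
     * @throws InvalidArgumentException when a table name contains other characters
     */
    public function __construct($server = "",$user = "",$pass = "",$tb_hist = "",$tb_ban = "")
    {
        $this->Time = time();
        $this->tb_hist = $this->Table_Name($tb_hist, "ddos_hist");
        $this->tb_ban = $this->Table_Name($tb_ban, "ddos_ban");
        $this->server = ((string)$server !== "") ? $server : "localhost";
        $this->user = ((string)$user !== "") ? $user : "root";
        $this->pass = $pass;
        $this->Init_Con();
        $this->ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
        $this->Ban_Check(); //ban current client or not
        $this->Check_IS_Banned(); //stop here if the client is banned
        $this->Save_Trace(); //save current request
        $this->Clead_DB(); //drop history rows older than 2h
    }

    /**
     * Return a table name that is safe to place inside backticks.
     *
     * Identifiers cannot be bound as statement parameters, so they are
     * restricted to a fixed alphabet instead.
     */
    private function Table_Name($name, $default)
    {
        $name = (string)$name;
        if ($name === "") {
            return $default;
        }
        if (!preg_match('/\A[A-Za-z0-9_]+\z/', $name)) {
            throw new InvalidArgumentException("Invalid table name");
        }
        return $name;
    }

    /**
     * Prepare and execute one statement.
     *
     * @param string $sql   statement with ? placeholders
     * @param string $types mysqli type letters, one per placeholder
     * @param array  $args  values for the placeholders
     * @return mysqli_stmt|false executed statement, or false on any failure
     */
    private function Run($sql, $types = "", $args = array())
    {
        try {
            $stmt = mysqli_prepare($this->con, $sql);
            if (!$stmt) {
                return false;
            }
            if ($types !== "") {
                // bind_param takes its values by reference
                $bind = array($stmt, $types);
                foreach ($args as $k => $v) {
                    $bind[] = &$args[$k];
                }
                call_user_func_array('mysqli_stmt_bind_param', $bind);
            }
            if (!mysqli_stmt_execute($stmt)) {
                mysqli_stmt_close($stmt);
                return false;
            }
            return $stmt;
        } catch (Exception $e) {
            // mysqli throws instead of returning false when exception reporting is on
            return false;
        }
    }

    /**
     * Open the MySQL connection and select the database.
     *
     * Ends the request with a generic message on failure. The driver warning
     * is suppressed so host and login name are not printed to the client.
     */
    public function Init_Con()
    {
        try {
            $con = @mysqli_connect($this->server, $this->user, $this->pass);
        } catch (Exception $e) {
            $con = false;
        }
        if (!$con) {
            die("Connection problem!");
        }
        try {
            $selected = @mysqli_select_db($con, $this->db);
        } catch (Exception $e) {
            $selected = false;
        }
        if (!$selected) {
            die("Database connection problem!");
        }
        $this->con = $con;
    }

    /**
     * Look up the most recent ban for this IP.
     *
     * A ban younger than 24 hours ends the request with the stored reason;
     * an older one only sets $status to -1.
     */
    public function Check_IS_Banned()
    {
        $sql = "SELECT `client_time_start`, `client_reason` FROM `".$this->tb_ban."` WHERE `client_ip` = ? ORDER BY `client_time_start` DESC LIMIT 1";
        $stmt = $this->Run($sql, "s", array($this->ip));
        if (!$stmt) {
            return;
        }
        mysqli_stmt_bind_result($stmt, $started, $why);
        $found = mysqli_stmt_fetch($stmt);
        mysqli_stmt_close($stmt);
        if ($found !== true) {
            return;
        }
        if ($this->Time - (int)$started < 86400) {
            //is banned
            $this->status = 1;
            $this->reason = $why;
            // the reason comes back from the database, so encode it for HTML output
            die("You have been banned!\nReason : ".htmlspecialchars($this->reason, ENT_QUOTES));
        }
        //was banned
        $this->status = -1;
    }

    /**
     * Store the current request (IP, time, script path) in the history table.
     *
     * PHP_SELF is taken from the request, so it is sent as a bound parameter.
     */
    public function Save_Trace()
    {
        $page = isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : "";
        $sql = "INSERT INTO `".$this->tb_hist."` (`client_ip`,`client_time`,`client_page`) VALUES (?,?,?)";
        $stmt = $this->Run($sql, "sss", array($this->ip, (string)$this->Time, $page));
        if ($stmt) {
            mysqli_stmt_close($stmt);
        }
    }

    /**
     * Ban this IP when its latest $limit requests are all less than 3 seconds old.
     *
     * The insert does not look for an existing ban, so a client that keeps
     * sending requests can collect several ban rows.
     */
    public function Ban_Check()
    {
        $reason = "Too many requests in a short time!Banned for 24 h!";
        $limit = (int)$this->limit;
        if ($limit < 1) {
            // LIMIT 0 returns no rows and 0 == 0 would ban every client
            return;
        }
        $sql = "SELECT `client_time` FROM `".$this->tb_hist."` WHERE `client_ip` = ? ORDER BY `client_time` DESC LIMIT ".$limit;
        $stmt = $this->Run($sql, "s", array($this->ip));
        if (!$stmt) {
            return;
        }
        $counter = 0;
        mysqli_stmt_bind_result($stmt, $seen);
        while (mysqli_stmt_fetch($stmt) === true) {
            if ($this->Time - (int)$seen < 3) {
                $counter++;
            }
        }
        mysqli_stmt_close($stmt);
        if ($counter >= $limit) {
            $sql = "INSERT INTO `".$this->tb_ban."` (`client_ip`,`client_time_start`,`client_reason`) VALUES (?,?,?)";
            $stmt = $this->Run($sql, "sis", array($this->ip, $this->Time, $reason));
            if ($stmt) {
                mysqli_stmt_close($stmt);
            }
        }
    }

    /**
     * Delete history rows older than 2 hours.
     *
     * Nothing is printed: echoing the statement would show the table name
     * and server time to every visitor.
     */
    public function Clead_DB()
    {
        $sql = "DELETE FROM `".$this->tb_hist."` WHERE `client_time` <= ?";
        $stmt = $this->Run($sql, "i", array($this->Time - 7200));
        if ($stmt) {
            mysqli_stmt_close($stmt);
        }
    }
}//end class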
?>
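// File : index.php
// The check runs inside the constructor, so create the object before any page output.
// require_once: stop the request if the guard file is missing, and never declare the class twice.
require_once("anti-ddos.php");
$anti_ddos = new Anti_Ddos();
echo "Normal!";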
?>
File : Test.php
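/**
 * Fetch a URL with cURL and return the response body.
 *
 * Redirects are followed. TLS peer verification is left at cURL's default
 * (enabled); the local test below uses plain http, so nothing depends on
 * switching it off.
 *
 * @param string $url    address to request
 * @param string $cookie optional Cookie header value
 * @return string|false response body, or false when the transfer fails
 */
function curl($url, $cookie = "") {
    $rand = rand(100000,400000);
    $agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/".$rand." Netscape/7.1 (ax)";
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_USERAGENT, $agent);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    if ($cookie != "") {
        curl_setopt($ch, CURLOPT_COOKIE, $cookie);
    }
    $result = curl_exec($ch);
    // release the handle before returning; a statement placed after return never runs
    curl_close($ch);
    return $result;
}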
// Ten sequential requests to the protected page on localhost.
// Only the last response stays in $string.
for ($x = 0; $x < 10; $x++)
{
    $string = curl('http://localhost/OOP%20Programming/advance%20class/$Anti-DDos/');
}
?>
Sql Code
-- phpMyAdmin SQL Dump
-- version 2.9.1.1
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Generation Time: Jun 25, 2008 at 04:08 PM
-- Server version: 5.0.27
-- PHP Version: 5.2.0
--
-- Database: `anti_ddos`
--
-- --------------------------------------------------------
--
-- Table structure for table `ddos_ban`
--
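-- Ban list: one row per ban, read on every request by client_ip.
-- MyISAM locks the whole table for each write; consider InnoDB if requests arrive concurrently.
CREATE TABLE `ddos_ban` (
`client_id` int(11) NOT NULL auto_increment,
`client_ip` char(100) NOT NULL,
`client_time_start` int(11) NOT NULL, -- unix timestamp at which the ban started
`client_reason` text NOT NULL,
PRIMARY KEY (`client_id`),
-- serves the per-request lookup: WHERE client_ip = ... ORDER BY client_time_start DESC
KEY `ip_start` (`client_ip`,`client_time_start`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=28 ;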
--
-- Dumping data for table `ddos_ban`
--
-- --------------------------------------------------------
--
-- Table structure for table `ddos_hist`
--
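-- Request history: one row per request, read, written and pruned on every page load.
-- Without the two keys below each of those statements scans the whole table.
CREATE TABLE `ddos_hist` (
`client_id` int(11) NOT NULL auto_increment,
`client_ip` char(100) NOT NULL,
-- unix timestamp; stored as an integer so it sorts and compares numerically
-- and the keys can be used, matching ddos_ban.client_time_start
`client_time` int(11) NOT NULL,
`client_page` text NOT NULL,
PRIMARY KEY (`client_id`),
-- serves the rate check: WHERE client_ip = ... ORDER BY client_time DESC
KEY `ip_time` (`client_ip`,`client_time`),
-- serves the cleanup: DELETE ... WHERE client_time <= ...
KEY `time` (`client_time`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;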
--
-- Dumping data for table `ddos_hist`
--
Utilizare:
index.php reprezinta pagina pe care o vom proteja!
Test.php reprezinta flooderul!
Rulati pentru prima data index.php si va returna "Normal!", apoi rulati test.php (simulam un atac) si din nou index.php; de data aceasta ar trebui sa apara mesajul de ban!
Ma voi gandi pe viitor la interzicerea accesului prin .htaccess... dar asta alta data! Nu e cine stie ce, dar sper sa va ajute!
Have fun! AnDrEwBoY