Anti-DDos Class v1.2[PHP]

Este o clasa care va reduce sansele de a lua ddos pe paginile unde va fi instalat!Este foarte usor de utilizat nu necesita prea multe cunostinte! O recomand in special persoanelor care detin situri cu banda limitata!

File : anti-ddos.php

Cod:

<?php

########################################
/* Name : Anti-DDos class
*  Details : Protect your pages from ddos attack
*  Creator : AnDrEwBoY
*  Contact : andrew_boy200664@yahoo.com
*/
########################################
class Anti_Ddos {

#################################################################
//Connection details
var $server = "";            //database server
var $user    = "";            //database login name
var $pass = "";            //database login password
var $tb_hist = "";            //table history name
var $tb_ban     = "";            //table list banned users
var $db         = "anti_ddos";   //database name

//Internal info
var $ip         = "";            //client ip
var $Time       = 0;             //curent time
var $status     = 0;             //status client (-1 = was banned;0 = clean; 1 = banned;)
var $limit      = 5;             //how many requests accept in 2 seconds
var $reason     = "";            //if banned show the reason
#################################################################
       
   ##################
#-# constructor() #-#
function __construct($server = "",$user = "",$pass = "",$tb_hist = "",$tb_ban = "")
{
   $this->Time = time(); //current time

   $this->tb_hist = ($tb_hist != "") ? $tb_hist : "ddos_hist";
$this->tb_ban = ($tb_ban != "") ? $tb_ban : "ddos_ban";

   $this->server = ($server != "") ? $server : "localhost";
$this->user = ($user != "") ? $user : "root";
$this->pass = $pass;
   $this->Init_Con();

$this->ip = $_SERVER['REMOTE_ADDR'];
   
$this->Ban_Check(); //ban current user or not
$this->Check_IS_Banned(); //check if is banned
$this->Save_Trace(); //save current request
$this->Clead_DB(); //clean db from rows older than 2h

}#-# constructor() #-#

################## Initializize new connection(mysql) ##################
#-# Init_Con() #-#
function Init_Con()
{
   $con = @mysql_connect($this->server,$this->user,$this->pass) or die("Connection problem!"); //connect to server
mysql_select_db($this->db, $con) or die("Database connection problem!"); //conect to database

}#-# Init_Con() #-#

   ################## Check if this ip is banned or was banned! ##################
#-# Check_IS_Banned() #-#
function Check_IS_Banned()
{
    $sql = "SELECT * FROM `".$this->tb_ban."` WHERE client_ip = '".$this->ip."' ORDER BY `client_time_start` DESC LIMIT 0,1";
$query = mysql_query($sql);
if(mysql_num_rows($query) > 0)
{    
   $row = mysql_fetch_array($query);
if($this->Time - $row["client_time_start"] < 86400)
{//is banned
  $this->status = 1;
  $this->reason = $row['client_reason'];
  die("<b>You have been banned!
Reason : <font color='#FF0000'>".$this->reason."</font></b>");
}
else
{//was banned
  $this->status = -1;
}
}
}#-# Check_IS_Banned() #-#

################## Save into database this request! ##################
#-# Save_Trace() #-#
function Save_Trace()
{
  $sql = "INSERT INTO `".$this->tb_hist."` (`client_ip`,`client_time`,`client_page`) VALUES ('".$this->ip."','".$this->Time."','".mysql_escape_string($_SERVER['PHP_SELF'])."')";
  mysql_query($sql);
}#-# Save_Trace() #-#

################## Check if current client have do more than limit request,if yes then ban it else do nothing! ##################
#-#  Ban_Check() #-#
function Ban_Check()
{
   $counter = 0; $reason = "Too many requests in a short time!Banned for 24 h!";

   $sql = "SELECT * FROM `".$this->tb_hist."` WHERE client_ip = '".$this->ip."' ORDER BY `client_time` DESC LIMIT 0 ,".$this->limit;
$query = mysql_query($sql);

while($row = mysql_fetch_array($query))
{
   if($this->Time - $row['client_time'] < 3) $counter++;
}
if($counter == $this->limit)
{
  $sql = "INSERT INTO `".$this->tb_ban."` (`client_ip`,`client_time_start`,`client_reason`) VALUES ('".$this->ip."','".$this->Time."','".$reason."')";
  mysql_query($sql);
}
}#-#  Ban_Check() #-#

     ################## Clear DB from rows older than 2h! ##################
#-#  Clead_DB() #-#
function Clead_DB()
{
   $sql = "DELETE FROM ".$this->tb_hist." WHERE client_time <= ".($this->Time - 7200);
echo $sql."-".$this->Time;
mysql_query($sql);
}#-#  Clead_DB() #-#
}//end class

?>

File:index.php

Cod:

<?php
include("anti-ddos.php");

$anti_ddos = new Anti_Ddos();
echo "Normal!";
?>

File : Test.php

Cod:

<?php

function curl($url, $cookie = "") {
  $rand = rand(100000,400000);
  $agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/".$rand." Netscape/7.1 (ax)";
  $ch = curl_init();
  curl_setopt($ch, CURLOPT_URL, $url);
  curl_setopt($ch, CURLOPT_USERAGENT, $agent);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  curl_setopt($ch, CURLOPT_COOKIE, $cookie);
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
  $result = curl_exec ($ch);
  return $result;
  curl_close ($ch);
}

$x = 0;
while($x < 10)
{
$x++;
$string = curl('http://localhost/OOP%20Programming/advance%20class/$Anti-DDos/');
}

?>

Sql Code

Cod:

-- phpMyAdmin SQL Dump
-- version 2.9.1.1
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Generation Time: Jun 25, 2008 at 04:08 PM
-- Server version: 5.0.27
-- PHP Version: 5.2.0
--
-- Database: `anti_ddos`
--

-- --------------------------------------------------------

--
-- Table structure for table `ddos_ban`
--

CREATE TABLE `ddos_ban` (
 `client_id` int(11) NOT NULL auto_increment,
 `client_ip` char(100) NOT NULL,
 `client_time_start` int(11) NOT NULL,
 `client_reason` text NOT NULL,
 PRIMARY KEY  (`client_id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=28 ;

--
-- Dumping data for table `ddos_ban`
--

-- --------------------------------------------------------

--
-- Table structure for table `ddos_hist`
--

CREATE TABLE `ddos_hist` (
 `client_id` int(11) NOT NULL auto_increment,
 `client_ip` char(100) NOT NULL,
 `client_time` char(50) NOT NULL,
 `client_page` text NOT NULL,
 PRIMARY KEY  (`client_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

--
-- Dumping data for table `ddos_hist`
--

Utilizare:
index.php reprezinta pagina pe care o vom proteja!
Test.php reprezinta flooderul!

Rulati pentru prima data index.php si va returna "Normal!",apoi rulati test.php(simulam un atac) si din nou index.php!
Ma voi gandi pentru viitor interzicerea accesului prin .htaccess....dar asta alta data!!Nu e cn stie ce dar sper sa va ajute!

Have fun!AnDrEwBoY Winking

Bun venit pe SkullBox!
Bine ai venit, Vizitator. Trebuie să te autentifici sau să îţi creezi un cont. Ai pierdut sau nu ai primit emailul care conţine codul de activare al contului? Autentifică-te cu numele de utilizator, parola şi precizează durata sesiunii.

Bun venit pe SkullBox!