NST Web Based Anti-DoS v0.1

[дٳŦ٭]

Código (php) [Seleccionar] Expandir

<?
/*
/************************************************************
/                                                                                                       
/           NST Anti Denial of Service Script  v 0.1                                           
/                                                                                                       
/                                                                                                       
/                                                                                                       
/             Author: Link   < link07@gmail.com >                             
/                                                                                                       
/              ..::[N]eo [S]ecurity [T]eam::..                                         
/                                                                                                         
/              http://www.neosecurityteam.net   
/
/                   Date:  October - 2006               
/                                                                                                         
/                                                                                                         
/*************************************************************


     This script will prevent Dos and DDos attacks using request flood
     of http packets, that causes your server to excecute to much connections
     with the database and execute tha php interpreter a lot of times in a few
     seconds, all you have to do to install this is include it in a script that
     all your scripts use , an script for the database connection for example
     and create three empty txt files on the same folder with write and read
     permissions: log.txt , bans.txt , counter.txt
     This script will ban users using the .htaccess file, so dont forget to put
     this is script on the same folder as the .htaccess file as well
     It is very configurable just modify the parameters indicated below , to
     asign how sctrict the script will act. 

*/

$data = "";

$ban = "";

$visits = 1;

$error = 0;

$ahora = date("Y-n-j H:i:s");

$safemode = 0;

$new = "";

$flooder =0;

$registered = 0;

$wwwdir = "/home/neosecur/public_html/";

$ahora = date("Y-n-j H:i:s");

if(!$file = @fopen($wwwdir."log.txt","r"))

$error = 1;

while (!@feof($file))

{

$data .= @fgets($file);

}

$visitor = explode("\n",$data);

$i=0;

while($visitor[$i])

{

$iptime = explode("@",$visitor[$i]);

if ($_SERVER['REMOTE_ADDR'] == $iptime[0])

{



$tiempo = strtotime($ahora) - $iptime[1];

if ($tiempo <= 1)  // this line controls the acces of an ip, only one request during the number of seconds you replace here

{

$safemode = 1;


$flooder = 1;

}


$iptime[1]=strtotime($ahora);





$registered = 1;

}

$new .=$iptime[0]."@".$iptime[1]."\n";

$i++;

}


if (!$registered)

$new.=$_SERVER['REMOTE_ADDR']."@".strtotime($ahora)."\n";



if (!@fclose($file))

$error = 1;



if(!$file = @fopen($wwwdir."log.txt","wt"))

$error = 1;



@fwrite($file,$new);

if (!@fclose($file))

$error = 1;



if (!$fcount = @fopen($wwwdir."counter.txt","rt"))

$error = 1;

$vst = @fgets($fcount);

$count = explode("@",$vst);

if (strtotime($ahora) == $count[1])

{

$visits = $count[0] + 1;

$count[0] = $visits;

}

else

{

$count[0] = 1;

$count[1] = strtotime($ahora);

}

if (!@fclose($fcount))

$error = 1;



$new = $count[0]."@".$count[1];



if (!$fcount = @fopen($wwwdir."counter.txt","wt"))

$error = 1;



@fwrite($fcount,$new);



if (!@fclose($fcount))

$error = 1;




$new = "";

$registered = 0;



if ($visits > 4) // this line controls visits during a second, it is used to prevent ddos attacks you can modify this depending on the capacity of your server

{

$safemode = 1;

if ($flooder)

{

if (!$fban = @fopen($wwwdir."bans.txt","rt")) $error = 1;

while (!@feof($fban))

{

$ban .= @fgets($fban);

}

$ips = explode ("\n",$ban);

$i=0;

while ($ips[$i])

{

if ($_SERVER['REMOTE_ADDR'] == $ips[$i])

$registered = 1;

$i++;

$new .=$ips[$i];

}

if (!@fclose($fban)) $error = 1;



if (!$registered)

{

if (!$fban = @fopen($wwwdir."bans.txt","wt")) $error = 1;

$new .=$_SERVER['REMOTE_ADDR']."\n";

@fwrite($fban,$new);

if (!@fclose($fban)) $error = 1;

}

else

{

if (!$fht = @fopen($wwwdir.".htaccess","rt"))

$error = 1;

$cont = "";
$cont2 = "";
$eob = 0;
while (!@feof($fht))

{

$a = @fgets($fht);

if ($eob)
$cont2.=$a;
else
{
if ($a == "</Limit>\r\n" or $a == "</Limit>" or $a == "</Limit>\n")
{
$eob = 1;
$cont2.=$a;
}
else
$cont.=$a;
}

}



if (!@fclose($fht))

$error = 1;

if (!$fht = @fopen($wwwdir.".htaccess","wt"))

$error = 1;


$cont .= "Deny from ".$_SERVER['REMOTE_ADDR']."\n";
$cont .= $cont2;

@fwrite($fht,$cont);

if (!@fclose($fht))

$error = 1;

}

}


}


if ($error)

{

echo "ocurrio un error inesperado por favor trata actualizando de nuevo o vuelve en un rato. Gracias por tu comprensión.";

exit(0);

}

if($safemode)

{

echo '<META HTTP-EQUIV="Refresh" CONTENT="2;URL=">';

exit(0);

}



// if no restrictions have been activated , the content of the web will be displayed normally
//echo "contenido";
?>