投稿

网站简单的防止CC攻击(5秒盾)PHP通用

Vedu 程序开发 阅读 260

WordPress 简单的防止 CC(5 秒盾)PHP 通用

利用检测 cookie 是否为正常的值,来判断是否为正常用户访问..PHP写的所以如果攻击的人代理很多的话,效果还是不大的!所以!做人要低调!

建立个cc.php
代码:

  1. <?php
  2. define(‘SYSTEM_ROOT’, dirname(preg_replace(‘@\\(.*\\(.*$@’, , preg_replace(‘@\\(.*\\(.*$@’, , __FILE__))) . ‘/’);
  3. session_start();
  4. date_default_timezone_set(‘Asia/Shanghai’);
  5. header(‘Content-Type: text/html; charset=UTF-8’);
  6. function getspider($useragent=){
  7. if(CC_Defender==2)return false;
  8. if(!$useragent){$useragent = $_SERVER[‘HTTP_USER_AGENT’];}
  9. $useragent=strtolower($useragent);
  10. if (strpos($useragent, ‘baiduspider’) !== false){return ‘baiduspider’;}
  11. if (strpos($useragent, ‘googlebot’) !== false){return ‘googlebot’;}
  12. if (strpos($useragent, ‘soso’) !== false){return ‘soso’;}
  13. if (strpos($useragent, ‘bing’) !== false){return ‘bing’;}
  14. if (strpos($useragent, ‘yahoo’) !== false){return ‘yahoo’;}
  15. if (strpos($useragent, ‘sohu-search’) !== false){return ‘Sohubot’;}
  16. if (strpos($useragent, ‘sogou’) !== false){return ‘sogou’;}
  17. if (strpos($useragent, ‘youdaobot’) !== false){return ‘YoudaoBot’;}
  18. if (strpos($useragent, ‘yodaobot’) !== false){return ‘YodaoBot’;}
  19. if (strpos($useragent, ‘robozilla’) !== false){return ‘Robozilla’;}
  20. if (strpos($useragent, ‘msnbot’) !== false){return ‘msnbot’;}
  21. if (strpos($useragent, ‘lycos’) !== false){return ‘Lycos’;}
  22. if (strpos($useragent, ‘ia_archiver’) !== false || strpos($useragent, ‘iaarchiver’) !== false){return ‘alexa’;}
  23. if (strpos($useragent, ‘archive.org_bot’) !== false){return ‘Archive’;}
  24. if (strpos($useragent, ‘robozilla’) !== false){return ‘Robozilla’;}
  25. if (strpos($useragent, ‘sitebot’) !== false){return ‘SiteBot’;}
  26. if (strpos($useragent, ‘mj12bot’) !== false){return ‘MJ12bot’;}
  27. if (strpos($useragent, ‘gosospider’) !== false){return ‘gosospider’;}
  28. if (strpos($useragent, ‘gigabot’) !== false){return ‘Gigabot’;}
  29. if (strpos($useragent, ‘yrspider’) !== false){return ‘YRSpider’;}
  30. if (strpos($useragent, ‘gigabot’) !== false){return ‘Gigabot’;}
  31. if (strpos($useragent, ‘jikespider’) !== false){return ‘jikespider’;}
  32. if (strpos($useragent, ‘addsugarspiderbot’) !== false){return ‘AddSugarSpiderBot’;/*非常少*/}
  33. if (strpos($useragent, ‘testspider’) !== false){return ‘TestSpider’;}
  34. if (strpos($useragent, ‘etaospider’) !== false){return ‘EtaoSpider’;}
  35. if (strpos($useragent, ‘wangidspider’) !== false){return ‘WangIDSpider’;}
  36. if (strpos($useragent, ‘foxspider’) !== false){return ‘FoxSpider’;}
  37. if (strpos($useragent, ‘docomo’) !== false){return ‘DoCoMo’;}
  38. if (strpos($useragent, ‘yandexbot’) !== false){return ‘YandexBot’;}
  39. if (strpos($useragent, ‘ezooms’) !== false){return ‘Ezooms’;/*个人*/}
  40. if (strpos($useragent, ‘sinaweibobot’) !== false){return ‘SinaWeiboBot’;}
  41. if (strpos($useragent, ‘catchbot’) !== false){return ‘CatchBot’;}
  42. if (strpos($useragent, ‘surveybot’) !== false){return ‘SurveyBot’;}
  43. if (strpos($useragent, ‘dotbot’) !== false){return ‘DotBot’;}
  44. if (strpos($useragent, ‘purebot’) !== false){return ‘Purebot’;}
  45. if (strpos($useragent, ‘ccbot’) !== false){return ‘CCBot’;}
  46. if (strpos($useragent, ‘mlbot’) !== false){return ‘MLBot’;}
  47. if (strpos($useragent, ‘adsbot-google’) !== false){return ‘AdsBot-Google’;}
  48. if (strpos($useragent, ‘ahrefsbot’) !== false){return ‘AhrefsBot’;}
  49. if (strpos($useragent, ‘spbot’) !== false){return ‘spbot’;}
  50. if (strpos($useragent, ‘augustbot’) !== false){return ‘AugustBot’;}
  51. return false;
  52. }
  54. if($_GET[‘rand’] && $_SESSION[‘rand_session’]!=$_GET[‘rand’]){
  55. @header(‘Content-Type: text/html; charset=UTF-8’);
  56. exit(‘<b>浏览器不支持 COOKIE 或者不正常访问!</b>’);
  57. }
  58. if(!$_SESSION[‘rand_session’] && $nosecu!=true){
  59. if(!getspider()){
  60. $rand_session=md5(uniqid().rand(1,1000));
  61. $_SESSION[‘rand_session’]=$rand_session;
  62. exit(“<!DOCTYPE HTML>
  63. <html>
  64. <head>
  65. <meta charset=\”UTF-8\”/>
  66. <meta name=\”viewport\” content=\”width=device-width, initial-scale=1, maximum-scale=1\” />
  68. <title>安全检查中…</title>
  69. <script> var i = 5;
  70. var intervalid;
  71. intervalid = setInterval(\”fun()\”, 1000);
  72. function fun() {
  73. if (i == 0) {
  74. window.location.href = \”?{$_SERVER[‘QUERY_STRING’]}&rand={$rand_session}\”;
  75. clearInterval(intervalid);
  76. }
  77. document.getElementById(\”mes\”).innerHTML = i;
  78. i–;
  79. }
  80. </script>
  81. <style>
  82. html, body {width: 100%; height: 100%; margin: 0; padding: 0;}
  83. body {background-color: #ffffff; font-family: Helvetica, Arial, sans-serif; font-size: 100%;}
  84. h1 {font-size: 1.5em; color: #404040; text-align: center;}
  85. p {font-size: 1em; color: #404040; text-align: center; margin: 10px 0 0 0;}
  86. #spinner {margin: 0 auto 30px auto; display: block;}
  87. .attribution {margin-top: 20px;}
  88. </style>
  89. </head>
  90. <body>
  91. <table width=\”100%\” height=\”100%\” cellpadding=\”20\”>
  92. <tr>
  93. <td align=\”center\” valign=\”middle\”>
  94. <noscript><h2>请打开浏览器的 javascript,然后刷新浏览器</h2></noscript>
  95. <h1><span data-translate=\”checking_browser\”>浏览器安全检查中…</span></h1>
  96. <p data-translate=\”process_is_automatic\”></p>
  97. <p data-translate=\”allow_5_secs\”>还剩 <span id=\”mes\”>5</span> 秒</p>
  98. </div>
  99. </div>
  100. </td>
  101. </tr>
  102. </table></body></html>”);
  103. }
  104. }

调用:
网站调用,拿wordpress来举例,主题/header.php 第一行添加代码:

  1. <?php get_template_part( ‘template/cc’ ); ?>

首次访问网站检测浏览器 cookie 通过才能正常的访问你的网站,搜索引擎蜘蛛已经过滤,不影响收录,还有未加上的可以自己补充。平时没攻击的时候建议不要开启,影响网站体验,配合 Nginx lua waf 简单防御 CC 攻击效果更佳。

内容出处:,

声明:本网站所收集的部分公开资料来源于互联网,转载的目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。如果您发现网站上有侵犯您的知识产权的作品,请与我们取得联系,我们会及时修改或删除。文章链接:http://www.yixao.com/procedure/30552.html

(0)
打赏 微信扫一扫 微信扫一扫 支付宝扫一扫 支付宝扫一扫
VeduVedu
0 0
上一篇 2023-07-09 07:06
下一篇 2023-07-09 07:50

相关推荐

发表评论

登录后才能评论