how to flood protect a website..

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
babylon
Forum Newbie
Posts: 6
Joined: Sun Dec 07, 2003 4:51 pm

how to flood protect a website..

Post by babylon »

hi i dont have a example otherwise i probably wouldnt need the help,but can anyone help me on my way how to protect a website from being attacked .
few days ago a friend and myself got suddenly over 500 visitors on the site that cause the site to drop dead instantly.
Believe me thats not funny,so can anyone help help me with some code or where i can find it.
maybe a code that not more then 20 or 30 people can visit all at once.just an idea.
Anyone know of such code or has a better idea ?

Thanks
microthick
Forum Regular
Posts: 543
Joined: Wed Sep 24, 2003 2:15 pm
Location: Vancouver, BC

Post by microthick »

Look into changing some of the settings in your Apache web servers's httpd.conf. Particularly, look at the settings:

MaxKeepAliveRequests
KeepAliveTimeout
MaxRequestsPerChild
ThreadsPerChild

You might also want to look at http://www.freshmeat.net or http://www.sourceforge.net for mods that will particularly help you in this type of situation.

If you only want to use php, you could consider counting how many session files you have in your session folder. If number of files > 30, then display some stock html file.
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Post by infolock »

few days ago a friend and myself got suddenly over 500 visitors on the site that cause the site to drop dead instantly.
what was the error that it gave you? Wouldn't this be a problem with your host instead of a problem with your code?
babylon
Forum Newbie
Posts: 6
Joined: Sun Dec 07, 2003 4:51 pm

Post by babylon »

hi thanx for reply,no its not my host.
the website runs phpnuke and is secure enough but they manage it somehow to flood the system so i got more then 500 visitors online,hammering sometimes on my index.php
but also some connections like....fake example..
200.116.091.122
200.116.091.123
200.116.091.124
200.116.091.125
200.116.091.126

Get the idea...
so i hoped there is some code around that can prevent it...
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Post by infolock »

are you saying that you are getting DOS'ed ? If so, why not jsut report it to your host, and have them take care of it? Because (and if i'm wrong with this, please someone step in ), I don't think you are gonna be able to prevent such attacks with php UNLESS you know how to write a dos protection program.. which i don't think i've ever seen one for php out on the net.
babylon
Forum Newbie
Posts: 6
Joined: Sun Dec 07, 2003 4:51 pm

Post by babylon »

well infolock,good point..

who is to blaim anyway ?
But the attack is on my site...
so i had more then 500 IP's on my site as visitors being online...
so its like you ask 500 friends to come online....
so how is that done,but some code would be also nice..
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Post by infolock »

is your first page a php page? your index a index.php?

if not, redirect the index.htm to load on index.php

and count users as they get to your page... there are counters out there that will display the # of users on your site at any given time ( phpBB does this, and i'm pretty sure you coudl use it's counter, or another counter on like http://www.hotscripts.com or http://www.evilwalrus.com or find one on google ), so say something like

If ($user_count >450)
{
echo 'Sorry, the page is too busy. Try again Later.';
exit;
}
// continue on...

or maybe add a field to your table called Break_point or something, and when the counter hits 450, add a 1 to it, and when the page loads, have it check it every time :

select breakpoint from mytable.

if ($row['breakpoint'] == '1')
{
echo 'Sorry, the page is too busy. Try again Later.';
exit;
}
babylon
Forum Newbie
Posts: 6
Joined: Sun Dec 07, 2003 4:51 pm

Post by babylon »

well with that code should do it i think.....,yes my nuke site is not in the root and its a index.php
so that code should do the trick....
is the code complete ?
Or can you paste it here perhaps how i should include or put it into the index.php...?

Im not that good at this.
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Post by infolock »

it's really not that hard. i don't have the time unfortunately to do the entire thing for you, as i have other projects that i have to do myself, so i can only give you methods and suggestions. you'll have to do this yourself or somenoe else that has the time might post a complete solution.

but the code i gave you is merely ideas in which to impliment a strategy.

go to the sites i posted and look for counters that display the total users on your page. when you get that code, and put it in your index.php code, post it ( excluding any sensative data such as username/passwords for the site, or for your database ), and then we'll help you out from there.

but, i'll at least give you a very short and simple way to do this :

#1 Create a field in a table called Break_Point. Set it as an integer field.

#2. after the counter portion that you added to tell how many users you have on your page, put this code ( replace variables as needed to reflect what it shoudl be ):

Code: Select all

// after end of counter code..

if ($count_users > 450)
{
   $sql="UPDATE mytable set Break_Point ='1'";
   mysql_query($sql);
}
elseif ($count_user<450)
{
   $sql="select Break_Point from mytable";
   $result=mysql_query($sql);
   $row=mysql_fetch_assoc($sql);
   if ($row['Break_Point'] == '1')
   {
       mysql_query("UPDATE my_table set Break_Point='0' where Break_Point = '1'");
    }
}
and at the beginning of your page, do something like this :

Code: Select all

<?php

// connect to mysql, select db then check :
$sql = "Select Break_Point from my_table";
$result = mysql_query($sql);
$row=myqsl_fetch_assoc($sql);
if ($row['Break_Point'] == '1')
{
   echo 'Sorry, this page is too busy.. Try again later';
   exit;
}

// otherwise, continue with the show

?>
maybe there is a better method than this, but this is whati've come up with so use it at your own risk. shoudl work even though it's untested.

hope this helps...
babylon
Forum Newbie
Posts: 6
Joined: Sun Dec 07, 2003 4:51 pm

Post by babylon »

thanks infolock,il give this a try....

and i asume you mean with ..my_table
the table where my ???????? are in stored ?

that was my last question....
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Post by infolock »

any table can work, so long as you add that field i suggested to it.
babylon
Forum Newbie
Posts: 6
Joined: Sun Dec 07, 2003 4:51 pm

Post by babylon »

ok thanks ,see how it goes...
User avatar
m3mn0n
PHP Evangelist
Posts: 3548
Joined: Tue Aug 13, 2002 3:35 pm
Location: Calgary, Canada

Post by m3mn0n »

babylon wrote:few days ago a friend and myself got suddenly over 500 visitors on the site that cause the site to drop dead instantly.
Tell me who is your host so I can avoid ever signing up there.
User avatar
Pyrite
Forum Regular
Posts: 769
Joined: Tue Sep 23, 2003 11:07 pm
Location: The Republic of Texas
Contact:

Post by Pyrite »

May be his site got /. 'ed :D
Post Reply