Page 1 of 1
how to flood protect a website..
Posted: Sun Dec 07, 2003 4:51 pm
by babylon
hi i dont have a example otherwise i probably wouldnt need the help,but can anyone help me on my way how to protect a website from being attacked .
few days ago a friend and myself got suddenly over 500 visitors on the site that cause the site to drop dead instantly.
Believe me thats not funny,so can anyone help help me with some code or where i can find it.
maybe a code that not more then 20 or 30 people can visit all at once.just an idea.
Anyone know of such code or has a better idea ?
Thanks
Posted: Sun Dec 07, 2003 6:09 pm
by microthick
Look into changing some of the settings in your Apache web servers's httpd.conf. Particularly, look at the settings:
MaxKeepAliveRequests
KeepAliveTimeout
MaxRequestsPerChild
ThreadsPerChild
You might also want to look at
http://www.freshmeat.net or
http://www.sourceforge.net for mods that will particularly help you in this type of situation.
If you only want to use php, you could consider counting how many session files you have in your session folder. If number of files > 30, then display some stock html file.
Posted: Sun Dec 07, 2003 6:11 pm
by infolock
few days ago a friend and myself got suddenly over 500 visitors on the site that cause the site to drop dead instantly.
what was the error that it gave you? Wouldn't this be a problem with your host instead of a problem with your code?
Posted: Sun Dec 07, 2003 6:17 pm
by babylon
hi thanx for reply,no its not my host.
the website runs phpnuke and is secure enough but they manage it somehow to flood the system so i got more then 500 visitors online,hammering sometimes on my index.php
but also some connections like....fake example..
200.116.091.122
200.116.091.123
200.116.091.124
200.116.091.125
200.116.091.126
Get the idea...
so i hoped there is some code around that can prevent it...
Posted: Sun Dec 07, 2003 6:34 pm
by infolock
are you saying that you are getting DOS'ed ? If so, why not jsut report it to your host, and have them take care of it? Because (and if i'm wrong with this, please someone step in ), I don't think you are gonna be able to prevent such attacks with php UNLESS you know how to write a dos protection program.. which i don't think i've ever seen one for php out on the net.
Posted: Sun Dec 07, 2003 6:53 pm
by babylon
well infolock,good point..
who is to blaim anyway ?
But the attack is on my site...
so i had more then 500 IP's on my site as visitors being online...
so its like you ask 500 friends to come online....
so how is that done,but some code would be also nice..
Posted: Sun Dec 07, 2003 7:08 pm
by infolock
is your first page a php page? your index a index.php?
if not, redirect the index.htm to load on index.php
and count users as they get to your page... there are counters out there that will display the # of users on your site at any given time ( phpBB does this, and i'm pretty sure you coudl use it's counter, or another counter on like
http://www.hotscripts.com or
http://www.evilwalrus.com or find one on google ), so say something like
If ($user_count >450)
{
echo 'Sorry, the page is too busy. Try again Later.';
exit;
}
// continue on...
or maybe add a field to your table called Break_point or something, and when the counter hits 450, add a 1 to it, and when the page loads, have it check it every time :
select breakpoint from mytable.
if ($row['breakpoint'] == '1')
{
echo 'Sorry, the page is too busy. Try again Later.';
exit;
}
Posted: Sun Dec 07, 2003 7:19 pm
by babylon
well with that code should do it i think.....,yes my nuke site is not in the root and its a index.php
so that code should do the trick....
is the code complete ?
Or can you paste it here perhaps how i should include or put it into the index.php...?
Im not that good at this.
Posted: Sun Dec 07, 2003 7:38 pm
by infolock
it's really not that hard. i don't have the time unfortunately to do the entire thing for you, as i have other projects that i have to do myself, so i can only give you methods and suggestions. you'll have to do this yourself or somenoe else that has the time might post a complete solution.
but the code i gave you is merely ideas in which to impliment a strategy.
go to the sites i posted and look for counters that display the total users on your page. when you get that code, and put it in your index.php code, post it ( excluding any sensative data such as username/passwords for the site, or for your database ), and then we'll help you out from there.
but, i'll at least give you a very short and simple way to do this :
#1 Create a field in a table called Break_Point. Set it as an integer field.
#2. after the counter portion that you added to tell how many users you have on your page, put this code ( replace variables as needed to reflect what it shoudl be ):
Code: Select all
// after end of counter code..
if ($count_users > 450)
{
$sql="UPDATE mytable set Break_Point ='1'";
mysql_query($sql);
}
elseif ($count_user<450)
{
$sql="select Break_Point from mytable";
$result=mysql_query($sql);
$row=mysql_fetch_assoc($sql);
if ($row['Break_Point'] == '1')
{
mysql_query("UPDATE my_table set Break_Point='0' where Break_Point = '1'");
}
}
and at the beginning of your page, do something like this :
Code: Select all
<?php
// connect to mysql, select db then check :
$sql = "Select Break_Point from my_table";
$result = mysql_query($sql);
$row=myqsl_fetch_assoc($sql);
if ($row['Break_Point'] == '1')
{
echo 'Sorry, this page is too busy.. Try again later';
exit;
}
// otherwise, continue with the show
?>
maybe there is a better method than this, but this is whati've come up with so use it at your own risk. shoudl work even though it's untested.
hope this helps...
Posted: Sun Dec 07, 2003 7:48 pm
by babylon
thanks infolock,il give this a try....
and i asume you mean with ..my_table
the table where my ???????? are in stored ?
that was my last question....
Posted: Sun Dec 07, 2003 8:03 pm
by infolock
any table can work, so long as you add that field i suggested to it.
Posted: Sun Dec 07, 2003 8:15 pm
by babylon
ok thanks ,see how it goes...
Posted: Sun Dec 07, 2003 11:59 pm
by m3mn0n
babylon wrote:few days ago a friend and myself got suddenly over 500 visitors on the site that cause the site to drop dead instantly.
Tell me who is your host so I can avoid ever signing up there.
Posted: Mon Dec 08, 2003 3:27 am
by Pyrite
May be his site got /. 'ed
