Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 2.x > vBulletin 2.x Full Releases

Reply
 
Thread Tools
Reload Flood Control Details »»
Reload Flood Control
Version: 1.00, by Zzed Zzed is offline
Developer Last Online: Feb 2012 Show Printable Version Email this Page

Version: 2.2.x Rating:
Released: 09-05-2002 Last Update: Never Installs: 8
 
No support by the author.

This is a fairly simple hack. I implemented it a couple days ago. And realized
that it had also been requested by scotty back in June.

https://vborg.vbsupport.ru/showthrea...threadid=40297

This hack limits the number of http requests to 1 request per IP address
per second. It works for both registered users as well as guests. If a users
hits the refresh button more than once per second he will be taken to the
error screen. The hack actually terminates the loading process of the page
in the early stages and prevents the server load from going up. I have
tried the refresh flood with and without this hack. And without the hack
I got the server load to go from 0.7 to about 25 with about 30 people logged
on. With the hack in place, the same refresh flood caused the load to go as high
as 1.2.

This hack requires you to create a new template. And it modifies 2 source
files: global.php and showthread.php.

In admin CP add the following template: error_floodreload
Add the following text to the template:
Code:
Sorry! The administrator has specified that users can only make one http request every 1 second.
In global.php
Look for the following code:
PHP Code:
if (!$servertoobusy) {
  require(
'./admin/sessions.php');
} else {
  
$session = array();
  
$bbuserinfo = array();

Add this code directly above it:
PHP Code:
// Flood control for abusive relaods...
$user_ip=$DB_site->query_first("select host, location, lastactivity from session where host = '".addslashes($REMOTE_ADDR)."' order by lastactivity desc limit 1;");
if(
$REMOTE_ADDR == $user_ip[host]) {
  global 
$bbtitle,$logincode,$url,$scriptpath,$bbuserinfo,$session;
  
$time_now time();
  if(
$time_now == $user_ip[lastactivity]) {
    
$DB_site->query("update session set lastactivity='$time_now' where host='".addslashes($REMOTE_ADDR)."' and lastactivity='$user_ip[lastactivity]';");
    
$style=$DB_site->query_first("select * from style where userselect = 1;");
    
$templatesetid $style[templatesetid];
    
$styleid $style[styleid];
    
$replacementsetid $style[replacementsetid];
    eval(
"standarderror(\"".gettemplate("error_floodreload")."\");");
    exit;
  }

In showthread.php
Look for the following code:
PHP Code:
// goto last post
if ($goto=="lastpost") { 
Replace it with
PHP Code:
// goto last post
if ($goto=="lastpost") {

// Flood control for abusive relaods...
  
sleep(1); 
In showthread.php
Look for:
PHP Code:
// goto newest post
if ($goto=="newpost") { 
Replace it with:
PHP Code:
// goto newest post
if ($goto=="newpost") {

// Flood control for abusive relaods...
  
sleep(1); 
The reason for the 1 second sleeps is to prevent the error screen from popping up when
the user clicks on the goto newest or goto last post arrows in the forum display.
Those 2 calls end up making a second recursive call to showthread.php which ends up
being within the same 1 second interval of the click itself. This way you are fooling
the flood control so that it wont catch the back to back requests.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 09-06-2002, 09:20 AM
Logician's Avatar
Logician Logician is offline
 
Join Date: Nov 2001
Location: inside vb code
Posts: 4,449
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

it's a very good idea and a must have hack especially for people having bandwidth problems. IMO it also fixes the gap someone could exploit by sending too many page requests for a long time and thus making your server busy all the times. It wouldnt be a problem for manual sending but a malicious hacker could always code a script to make it automatically and increase your server load dramatically. So great fix..

One minor issue though: it would prevent users open a few pages at the same time when they come to the site. For example when they make a search, they cant anymore open a few threads at the same time by clicking "Open in new browser windows" link. (which I do a lot!). Of course this is not related to you it's the nature of the hack but maybe setting the second to 0.5 instead of 1 may be a little help for these users...
Reply With Quote
  #3  
Old 09-06-2002, 09:24 AM
Zzed's Avatar
Zzed Zzed is offline
 
Join Date: Feb 2002
Location: Glendale, CA, USA
Posts: 463
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thank you for your kind words.

We do suffer from high loads on our server.

You can actually load multiple pages. I do that all the time. I am willing to bet you money that opening the subsequent windows will take longer than a one second interval.
Reply With Quote
  #4  
Old 09-06-2002, 12:30 PM
The Ghost's Avatar
The Ghost The Ghost is offline
 
Join Date: Feb 2002
Posts: 57
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Very Great Hack, I have a lot of peoples which refreshs only to kill my board.......

thx
Reply With Quote
  #5  
Old 09-06-2002, 12:32 PM
MarkB's Avatar
MarkB MarkB is offline
 
Join Date: Oct 2001
Location: London, UK
Posts: 324
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Has it affected bandwidth at all?
Reply With Quote
  #6  
Old 09-06-2002, 01:22 PM
The Ghost's Avatar
The Ghost The Ghost is offline
 
Join Date: Feb 2002
Posts: 57
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well, I've installed your great Hack, but if I now press the "F5" Key (Refresh) ever and ever I don't see the Antiflood Message....

I've Tryed it very often......
Reply With Quote
  #7  
Old 09-06-2002, 02:27 PM
Zzed's Avatar
Zzed Zzed is offline
 
Join Date: Feb 2002
Location: Glendale, CA, USA
Posts: 463
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

MarkB, it will prevent the server load from going up.

The Ghost, can you double check your installation steps and make sure you haven't left anything out?
Reply With Quote
  #8  
Old 09-06-2002, 05:22 PM
Neo's Avatar
Neo Neo is offline
 
Join Date: Oct 2001
Location: Anywhere
Posts: 1,817
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Nice.
Reply With Quote
  #9  
Old 09-06-2002, 11:35 PM
The Ghost's Avatar
The Ghost The Ghost is offline
 
Join Date: Feb 2002
Posts: 57
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hi,

I checked it all again and again step by step, but I think it doesn't work for me
Reply With Quote
  #10  
Old 09-07-2002, 09:24 AM
Zzed's Avatar
Zzed Zzed is offline
 
Join Date: Feb 2002
Location: Glendale, CA, USA
Posts: 463
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Can you Email me a copy of your global.php?

edwink@seebeyond.com
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 06:04 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06891 seconds
  • Memory Usage 2,311KB
  • Queries Executed 23 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_code
  • (6)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete