The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
anti-DOS Script 100% Working With Vbulletin 3.5 don't know how to apply it ...lol
Code:
1. <?php 2. 3. // ENGLISH-LANGUAGE VERSION: 4. 5. /* 6. 7. Notes... 8. 9. * $itime is the minimum number of seconds between visits _on average_ over 10. $itime*$imaxvisit seconds. So in the example, a visitor isn't blocked 11. if it visits the script multiple times in the first 5 seconds, as long 12. as it doesn't visit more than 60 times within 300 seconds (5 minutes). 13. 14. * If the limit is reached, $ipenalty is the number of seconds a visitor 15. has to wait before being allowed back. 16. 17. An MD5 hash is made of each visitor's IP address, and the last 3 hex digits of that hash are used to generate one of a possible 4096 filenames. If it is a new visitor, or a visitor who hasn't been seen for a while, the timestamp of the file is set to the then-current time; otherwise, it must be a recent visitor, and the time stamp is increased by $itime. 18. 19. If the visitor starts loading the timer script more rapidly than $itime seconds per visit,the time stamp on the IP-hashed filename will be increasing faster than the actual time is increasing. If the time stamp gets too far ahead of the current time, the visitor is branded a bad visitor and the penalty is applied by increasing the time stamp on its file even further. 20. 21. 4096 separate hash files is enough that it's very unlikely you'll get two visitors at exactly the same time with the same hash, but not so many that you need to keep tidying up the files. 22. 23. (Even if you do get more than one visitor with the same hash file at the same time, it's no great disaster: they'll just approach the throttle limit a little faster, which in most cases won't matter, as the limits in the example--5/60/60--are quite generous.) 24. 25. This script can be simply included in each appropriate php script with this: 26. 27. 28. // Spam-Block: 29. include('timer.inc'); 30. 31. */ 32. 33. // INITIALIZATIONS: 34. 35. // Constants: 36. 37. // Fixed: 38. $crlf=chr(13).chr(10); 39. $itime=5; // minimum number of seconds between one-visitor visits 40. $imaxvisit=60; // maximum visits in $itime x $imaxvisits seconds 41. $ipenalty=60; // seconds before visitor is allowed back 42. $iplogdir="../logs/"; 43. $iplogfile="ErrantIPs.Log"; 44. 45. // Language-dependent: 46. $spammer1='The Server is momentarily under heavy load.'; 47. $spammer2='Please wait '; 48. $spammer3=' seconds and try again.'; 49. 50. 51. 52. // OPERATION: 53. 54. // Make Check: 55. 56. // Get file time: 57. $ipfile=substr(md5($_SERVER["REMOTE_ADDR"]),-3); // -3 means 4096 possible files 58. $oldtime=0; 59. if (file_exists($iplogdir.$ipfile)) $oldtime=filemtime($iplogdir.$ipfile); 60. 61. // Update times: 62. $time=time(); 63. if ($oldtime<$time) $oldtime=$time; 64. $newtime=$oldtime+$itime; 65. 66. // Stop overuser: 67. if ($newtime>=$time+$itime*$imaxvisit) 68. { 69. // block visitor: 70. touch($iplogdir.$ipfile,$time+$itime*($imaxvisit-1)+$ipenalty); 71. header("HTTP/1.0 503 Service Temporarily Unavailable"); 72. header("Connection: close"); 73. header("Content-Type: text/html"); 74. echo '<html><head><title>Overload Warning</title></head><body><p align="center"><strong>' 75. .$spammer1.'</strong>'.$br; 76. echo $spammer2.$ipenalty.$spammer3.'</p></body></html>'.$crlf; 77. // log occurrence: 78. $fp=@fopen($iplogdir.$iplogfile,"a"); 79. if ($fp!==FALSE) 80. { 81. $useragent='<unknown user agent>'; 82. if (isset($_SERVER["HTTP_USER_AGENT"])) $useragent=$_SERVER["HTTP_USER_AGENT"]; 83. @fputs($fp,$_SERVER["REMOTE_ADDR"].' on '.date("D, d M Y, H:i:s").' as '.$useragent.$crlf); 84. } 85. @fclose($fp); 86. exit(); 87. } 88. 89. // Modify file time: 90. touch($iplogdir.$ipfile,$newtime); 91. 92. ?> Anyone Can Help With This How to Apply This ????? My Friend is useing and it's working fine |
#2
|
||||
|
||||
Why not try asking your friend?
|
#3
|
||||
|
||||
just enable mod_security and mod_evasive on apache.
|
#4
|
|||
|
|||
How would i know if these are enabled?
If there not how would i do it please? Quote:
|
#5
|
||||
|
||||
|
#6
|
|||
|
|||
Got it Now i am by forum is safe from http flooders and ddos attack i just apply the script in template (hader) and now it's working 100% thanx
|
#7
|
|||
|
|||
A script isnt going to 100% protect you from ddos and httpd flooders, if you are on shared hosting your hosting company should arleady have preventative measures in place that will stop it long before it should reach you.
and bashy, be very careful using mod_security and mod_evasive if you enter a bad ruleset then its going to render you're server useless but they are great tools when used correctly. Also check out APF firewall and brute force detection to help reduce DDOs attacks |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|