Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 08-26-2006, 01:31 PM
org knopper org knopper is offline
 
Join Date: Jul 2006
Posts: 133
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default anti-DOS Script 100% Working With Vbulletin 3.5 don't know how to apply it ...lol

Code:
   1. 
      <?php
   2.
       
   3.
      //   ENGLISH-LANGUAGE VERSION:
   4.
       
   5.
      /*
   6.
   7.
      Notes...
   8.
   9.
          * $itime is the minimum number of seconds between visits _on average_ over
  10.
            $itime*$imaxvisit seconds.  So in the example, a visitor isn't blocked
  11.
            if it  visits the script multiple times in the first 5 seconds, as long
  12.
            as it doesn't visit more than 60 times within 300 seconds (5 minutes).
  13.
  14.
          * If the limit is reached, $ipenalty is the number of seconds a visitor
  15.
            has to wait before being allowed back.
  16.
  17.
      An MD5 hash is made of each visitor's IP address, and the last 3 hex digits of that hash are used to generate one of a possible 4096 filenames.  If it is a new visitor, or a visitor who hasn't been seen for a while, the timestamp of the file is set to the then-current time; otherwise, it must be a recent visitor, and the time stamp is increased by $itime.
  18.
  19.
      If the visitor starts loading the timer script more rapidly than $itime seconds per visit,the time stamp on the IP-hashed filename will be increasing faster than the actual time is increasing.  If the time stamp gets too far ahead of the current time, the visitor is branded a bad visitor and the penalty is applied by increasing the time stamp on its file even further.
  20.
  21.
      4096 separate hash files is enough that it's very unlikely you'll get two visitors at exactly the same time with the same hash, but not so many that you need to keep tidying up the files.
  22.
  23.
      (Even if you do get more than one visitor with the same hash file at the same time, it's no great disaster: they'll just approach the throttle limit a little faster, which in most cases won't matter, as the limits in the example--5/60/60--are quite generous.)
  24.
  25.
      This script can be simply included in each appropriate php script with this:
  26.
  27.
  28.
        //   Spam-Block:
  29.
        include('timer.inc');
  30.
  31.
      */
  32.
       
  33.
        // INITIALIZATIONS:
  34.
       
  35.
        //   Constants:
  36.
       
  37.
        //     Fixed:
  38.
        $crlf=chr(13).chr(10);
  39.
        $itime=5;  // minimum number of seconds between one-visitor visits
  40.
        $imaxvisit=60;  // maximum visits in $itime x $imaxvisits seconds
  41.
        $ipenalty=60;  // seconds before visitor is allowed back
  42.
        $iplogdir="../logs/";
  43.
        $iplogfile="ErrantIPs.Log";
  44.
       
  45.
        //     Language-dependent:
  46.
        $spammer1='The Server is momentarily under heavy load.';
  47.
        $spammer2='Please wait ';
  48.
        $spammer3=' seconds and try again.';
  49.
       
  50.
       
  51.
       
  52.
        // OPERATION:
  53.
       
  54.
        //   Make Check:
  55.
       
  56.
        //     Get file time:
  57.
        $ipfile=substr(md5($_SERVER["REMOTE_ADDR"]),-3);  // -3 means 4096 possible files
  58.
        $oldtime=0;
  59.
        if (file_exists($iplogdir.$ipfile)) $oldtime=filemtime($iplogdir.$ipfile);
  60.
       
  61.
        //     Update times:
  62.
        $time=time();
  63.
        if ($oldtime<$time) $oldtime=$time;
  64.
        $newtime=$oldtime+$itime;
  65.
       
  66.
        //     Stop overuser:
  67.
        if ($newtime>=$time+$itime*$imaxvisit)
  68.
        {
  69.
          //     block visitor:
  70.
          touch($iplogdir.$ipfile,$time+$itime*($imaxvisit-1)+$ipenalty);
  71.
          header("HTTP/1.0 503 Service Temporarily Unavailable");
  72.
          header("Connection: close");
  73.
          header("Content-Type: text/html");
  74.
          echo '<html><head><title>Overload Warning</title></head><body><p align="center"><strong>'
  75.
                .$spammer1.'</strong>'.$br;
  76.
          echo $spammer2.$ipenalty.$spammer3.'</p></body></html>'.$crlf;
  77.
          //     log occurrence:
  78.
          $fp=@fopen($iplogdir.$iplogfile,"a");
  79.
          if ($fp!==FALSE)
  80.
          {
  81.
            $useragent='<unknown user agent>';
  82.
            if (isset($_SERVER["HTTP_USER_AGENT"])) $useragent=$_SERVER["HTTP_USER_AGENT"];
  83.
            @fputs($fp,$_SERVER["REMOTE_ADDR"].' on '.date("D, d M Y, H:i:s").' as '.$useragent.$crlf);
  84.
          }
  85.
          @fclose($fp);
  86.
          exit();
  87.
        }
  88.
       
  89.
        //     Modify file time:
  90.
        touch($iplogdir.$ipfile,$newtime);
  91.
       
  92.
      ?>


Anyone Can Help With This How to Apply This ????? My Friend is useing and it's working fine
Reply With Quote
  #2  
Old 08-26-2006, 05:56 PM
FleaBag's Avatar
FleaBag FleaBag is offline
 
Join Date: Dec 2001
Posts: 1,674
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Why not try asking your friend?
Reply With Quote
  #3  
Old 08-26-2006, 07:05 PM
MentaL's Avatar
MentaL MentaL is offline
 
Join Date: Jan 2003
Posts: 550
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

just enable mod_security and mod_evasive on apache.
Reply With Quote
  #4  
Old 08-27-2006, 01:42 PM
bashy bashy is offline
 
Join Date: Nov 2005
Posts: 2,544
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

How would i know if these are enabled?
If there not how would i do it please?

Quote:
Originally Posted by mentalrz
just enable mod_security and mod_evasive on apache.
Reply With Quote
  #5  
Old 08-28-2006, 04:52 PM
MentaL's Avatar
MentaL MentaL is offline
 
Join Date: Jan 2003
Posts: 550
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

http://www.howtoforge.com/apache_mod_security

http://www.webhostingtalk.com/showthread.php?t=481249
Reply With Quote
  #6  
Old 08-29-2006, 05:09 PM
org knopper org knopper is offline
 
Join Date: Jul 2006
Posts: 133
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Got it Now i am by forum is safe from http flooders and ddos attack i just apply the script in template (hader) and now it's working 100% thanx
Reply With Quote
  #7  
Old 08-29-2006, 06:08 PM
Ntfu2 Ntfu2 is offline
 
Join Date: Feb 2006
Posts: 1,247
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

A script isnt going to 100% protect you from ddos and httpd flooders, if you are on shared hosting your hosting company should arleady have preventative measures in place that will stop it long before it should reach you.

and bashy, be very careful using mod_security and mod_evasive if you enter a bad ruleset then its going to render you're server useless but they are great tools when used correctly. Also check out APF firewall and brute force detection to help reduce DDOs attacks
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:35 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03761 seconds
  • Memory Usage 2,222KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_code
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (7)post_thanks_box
  • (7)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (7)post_thanks_postbit_info
  • (7)postbit
  • (7)postbit_onlinestatus
  • (7)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete