Tampilkan postingan dengan label ip address. Tampilkan semua postingan
Tampilkan postingan dengan label ip address. Tampilkan semua postingan

Rabu, 04 Desember 2013

PHP DosDetector Class (Add-ons)

PHP DosDetector Class Documentation



Version: 1.1


Release: June 2013


Keyword: security, php, class, firewall, DoS Attack, IDS/IPS





1. What is this class?


This PHP Class used for preventing Denial of Service (DoS) attack to your web server written by PHP. Running this script will monitoring all requests from an IP address and logged it into memory cache (PHP APC Caching). If an IP address sends too much request to your server, it will trigger the Intrustion Preventing System (IPS) and auto-ban this IP Address.





2. System Requirement








3. Installation


- First, copy class.dosdetector.php file to your project, such as ./classes/ directory on your project.


- Next, including class.docsdetector.php file.


- Now, just create an object from this class and call run method before the first line of your project (usally in bootstrap, start up or index file) to start monitoring. You can pass an URL to run method in case banned IP will be redirect to passed URL. If you do not pass this parameter, banned IP will see a default message on screen.


- Example code:



//Put this in the beginning of your all page
include_once('./classes/class.dosdetector.php');
$myDosDetector = new DosDetector();

//Default Running
$myDosDetector->run();

//Default Running with Custom Landing Page for Banned IP Access
//$myDosDetector->run('http://url/to/your/landing/page');

//////////////////////////////
// YOUR SITE SOURCE CODE HERE
//....






4. Editable Properties & Constants



  • $ignoreIpAddress: IP Address in this array will be ignored by this detector. Usually your Company IP…

  • PHPIDS_QUOTA_IDS_TRIGGER: if in a second, an IP Address request more than this value will be trigger method idsWorker() in this class. You can implement you code for this function (line 161 in class.dosdetector.php) to get the notification.

  • PHPIDS_DURATION_IPS_TRIGGER: The number of second to check for IPS (auto-banning) trigger.

  • PHPIDS_QUOTA_IPS_TRIGGER: if in PHPIDS_DURATION_IPS_TRIGGER seconds, same IP have more request than this value will be auto-banned by system.




5. Monitoring


- This package came with a standalone script to monitor the traffic (logged by DosDtector class). You can put this script anywhere on your web server (with PHP read permission), and run this script from browser to access monitor tool. Example: http://yoursite.com/monitor.php.


- This page will show all the request (with IP Address, Time, User-Agent, Cookie status, Request URI, Referer URL) logged by DosDetector. Logged Accesses will be cached for 2 hours for performance.


- This page will show you banned IP address (from auto-ban or manual-ban IP Address). You can manual-ban an IP Address if you see that IP request too much and have weird access. Banned IP addresses will not be clear automatically. This banned list only clear by you or by clear from APC cache.


- You can detect whether a request have cookie or not, because a request without cookie is usually a search engine robot (Googlebot,..) or an automatic script crawling/flooding your website.






Thank you!

Mini Bots PHP Class (Miscellaneous)

ADDED NEW BOTS AND METHODS THAT:
- get images and user informations from Instagram
- get twitter user informations
- functions for parsing html pages as a spider




This PHP class is a growing collection of small spiders and web bot that go out on the web and make some small useful jobs.




Actually the mini bots can do those things:





  1. Copy a remote url to your local server: copyFile

  2. Get IP address of the user: getIP

  3. Get geographic informations from IP address: ipToGeo

  4. Get spelling for a word using Google: doSpelling

  5. Make a Tiny URL using tiny url service: doShortURL

  6. Decode a short URL of any service: doShortURLDecode

  7. Check if an URL to an mp3 is really an mp3 file: checkMp3

  8. Check if an URL exists: url_exists

  9. Do SMTP email validation: doSMTPValidation

  10. Get infos of an URL (keywords, title, images, description, favicon…): getUrlInfo

  11. Get infos of a VIDEO URL (title, description, thumb for youtube and vimeo services): getVideoUrlInfo

  12. Read facebook counters for likes, shares, comments, clicks…: readFacebookCounters

  13. Read the numbers of time a URL has been twitted: readTwitterCounter

  14. Read Google +1s counter for an URL: readGooglePlusCounter

  15. Get Google suggested keywords for a keyword: googleSuggestKeywords

  16. Get Latitude and Longitude (georeference) from an address with Google: getLatLong

  17. Get Wikipedia definition: wikiDefinition

  18. Get Vimeo Info on a video: getVimeoInfo

  19. Get exchange rates, currency converter: getExchangeRateFromTo

  20. Get push notification on android devices: notifyNma

  21. Ping pingomatic services: pingomatic

  22. Get images from a keyword: getImage

  23. Get images and user data from Instagram: getInstagramPics NEW!

  24. Get twitter user data (followers/followings): twitterInfo NEW!

  25. Get a page, find links, find emails… and more methods for spidering. NEW!



Future updates will bring new mini bots for you!
To fully work need cURL module installed on your server.




You can play with some methods in this interactive demo or check the complete test demo (same as live preview button).