Anti-flood DDoS in PHP

BURST · 22-11-2018, 10:43 PM

Code:
<?php
 if (!isset($_SESSION)) {
     session_start();
 }
 // anti flood protection
 if($_SESSION['last_session_request'] > time() - 2){
     // users will be redirected to this page if it makes requests faster than 2 seconds
     header("location: http://www.example.com/403.html");
     exit;
 }
 $_SESSION['last_session_request'] = time();
 ?>

I've already tested this script as you higher the second It Will keep redirecting to

Code:
http://www.example.com/403.html

without any reason.
Can anyone tell me why?

Quietz · 22-11-2018, 10:51 PM

I dont know why anyone would use this. If you need help by setting up a ddos protection let me know please

luksonaa · 22-11-2018, 11:04 PM

vouch on couch nice guide mate thanks for dis
50 more characters here

r1n9zer0 · 29-11-2018, 08:39 AM

If I were you I would start by understanding where in your code this is happening. It is obvious that the below if block is being taken and $_SESSION['last_session_request'] > time() - 2 is evaluating to true. If I were you, I would echo $_SESSION['last_session_request'] and time() to see if these are values you expect. Taking a look here should give you all the answers you need -> https://stackoverflow.com/questions/3972...per-second.

Anti-flood DDoS in PHP

Submitted by BURST, 22-11-2018, 10:43 PM, Thread ID: 106919

RE: Anti-flood DDoS in PHP

RE: Anti-flood DDoS in PHP

RE: Anti-flood DDoS in PHP