Webmaster Security

Anti-flood DDoS in PHP

Submitted by BURST, , Thread ID: 106919

Thread Closed
22-11-2018, 10:43 PM
#1
Code:
<?php
if (!isset($_SESSION)) {
    session_start();
}
// anti flood protection
if($_SESSION['last_session_request'] > time() - 2){
    // users will be redirected to this page if it makes requests faster than 2 seconds
    header("location: http://www.example.com/403.html");
    exit;
}
$_SESSION['last_session_request'] = time();
?>

I've already tested this script as you higher the second It Will keep redirecting to

Code:
http://www.example.com/403.html

without any reason.

Can anyone tell me why?
[Image: e72398fe92beda2aa80d0329e8b9f4febece7568.gif]

RE: Anti-flood DDoS in PHP

#2
I dont know why anyone would use this. If you need help by setting up a ddos protection let me know please

RE: Anti-flood DDoS in PHP

#3
vouch on couch nice guide mate thanks for dis
50 more characters here

RE: Anti-flood DDoS in PHP

#4
If I were you I would start by understanding where in your code this is happening. It is obvious that the below if block is being taken and $_SESSION['last_session_request'] > time() - 2 is evaluating to true. If I were you, I would echo $_SESSION['last_session_request'] and time() to see if these are values you expect. Taking a look here should give you all the answers you need -> https://stackoverflow.com/questions/3972...per-second.

Users browsing this thread: 2 Guest(s)