| @@ 1201-1245 (lines=45) @@ | ||
| 1198 | 'SELECT COUNT(*) FROM ' . $xoopsDB->prefix($this->mydirname . '_access') |
|
| 1199 | . " WHERE ip={$ip4sql} AND request_uri={$uri4sql}"); |
|
| 1200 | list($f5_count) = $xoopsDB->fetchRow($result); |
|
| 1201 | if ($f5_count > $this->_conf['dos_f5count']) { |
|
| 1202 | ||
| 1203 | // delayed insert |
|
| 1204 | $xoopsDB->queryF($sql4insertlog); |
|
| 1205 | ||
| 1206 | // extends the expires of the IP with 5 minutes at least (pending) |
|
| 1207 | // $result = $xoopsDB->queryF( "UPDATE ".$xoopsDB->prefix($this->mydirname.'_access')." SET expire=UNIX_TIMESTAMP()+300 WHERE ip='$ip4sql' AND expire<UNIX_TIMESTAMP()+300" ) ; |
|
| 1208 | ||
| 1209 | // call the filter first |
|
| 1210 | $ret = $this->call_filter('f5attack_overrun'); |
|
| 1211 | ||
| 1212 | // actions for F5 Attack |
|
| 1213 | $this->_done_dos = true; |
|
| 1214 | $this->last_error_type = 'DoS'; |
|
| 1215 | switch ($this->_conf['dos_f5action']) { |
|
| 1216 | default : |
|
| 1217 | case 'exit' : |
|
| 1218 | $this->output_log($this->last_error_type, $uid, true, 16); |
|
| 1219 | exit; |
|
| 1220 | case 'none' : |
|
| 1221 | $this->output_log($this->last_error_type, $uid, true, 16); |
|
| 1222 | ||
| 1223 | return true; |
|
| 1224 | case 'biptime0' : |
|
| 1225 | if ($can_ban) { |
|
| 1226 | $this->register_bad_ips(time() + $this->_conf['banip_time0']); |
|
| 1227 | } |
|
| 1228 | break; |
|
| 1229 | case 'bip' : |
|
| 1230 | if ($can_ban) { |
|
| 1231 | $this->register_bad_ips(); |
|
| 1232 | } |
|
| 1233 | break; |
|
| 1234 | case 'hta' : |
|
| 1235 | if ($can_ban) { |
|
| 1236 | $this->deny_by_htaccess(); |
|
| 1237 | } |
|
| 1238 | break; |
|
| 1239 | case 'sleep' : |
|
| 1240 | sleep(5); |
|
| 1241 | break; |
|
| 1242 | } |
|
| 1243 | ||
| 1244 | return false; |
|
| 1245 | } |
|
| 1246 | ||
| 1247 | // Check its Agent |
|
| 1248 | if (trim($this->_conf['dos_crsafe']) != '' && preg_match($this->_conf['dos_crsafe'], @$_SERVER['HTTP_USER_AGENT'])) { |
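Review bot: The `dos_crsafe` test at line 1248 matches the configured pattern against `HTTP_USER_AGENT`, a header the client sets freely, so a match cannot establish that the request comes from a welcome crawler. The body of this `if` lies outside the hunk; if it exempts matching requests from the crawler counter, as the option name suggests, any client that sends a listed agent string gets the same exemption. I would document that on the line, e.g. `// User-Agent is client-supplied: dos_crsafe is a convenience allowlist, not an identity check`, and consider confirming the claimed crawler (for example by reverse and forward DNS) before skipping the count. Separately, `@$_SERVER['HTTP_USER_AGENT']` hides a missing header behind error suppression, and the `preg_match` result is not checked for `false`, so an invalid configured pattern silently behaves like "no match".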
|
| @@ 1264-1302 (lines=39) @@ | ||
| 1261 | // delayed insert |
|
| 1262 | $xoopsDB->queryF($sql4insertlog); |
|
| 1263 | ||
| 1264 | if ($crawler_count > $this->_conf['dos_crcount']) { |
|
| 1265 | ||
| 1266 | // call the filter first |
|
| 1267 | $ret = $this->call_filter('crawler_overrun'); |
|
| 1268 | ||
| 1269 | // actions for bad Crawler |
|
| 1270 | $this->_done_dos = true; |
|
| 1271 | $this->last_error_type = 'CRAWLER'; |
|
| 1272 | switch ($this->_conf['dos_craction']) { |
|
| 1273 | default : |
|
| 1274 | case 'exit' : |
|
| 1275 | $this->output_log($this->last_error_type, $uid, true, 16); |
|
| 1276 | exit; |
|
| 1277 | case 'none' : |
|
| 1278 | $this->output_log($this->last_error_type, $uid, true, 16); |
|
| 1279 | ||
| 1280 | return true; |
|
| 1281 | case 'biptime0' : |
|
| 1282 | if ($can_ban) { |
|
| 1283 | $this->register_bad_ips(time() + $this->_conf['banip_time0']); |
|
| 1284 | } |
|
| 1285 | break; |
|
| 1286 | case 'bip' : |
|
| 1287 | if ($can_ban) { |
|
| 1288 | $this->register_bad_ips(); |
|
| 1289 | } |
|
| 1290 | break; |
|
| 1291 | case 'hta' : |
|
| 1292 | if ($can_ban) { |
|
| 1293 | $this->deny_by_htaccess(); |
|
| 1294 | } |
|
| 1295 | break; |
|
| 1296 | case 'sleep' : |
|
| 1297 | sleep(5); |
|
| 1298 | break; |
|
| 1299 | } |
|
| 1300 | ||
| 1301 | return false; |
|
| 1302 | } |
|
| 1303 | ||
| 1304 | return true; |
|
| 1305 | } |
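Review bot: In the `'sleep'` branch (line 1297 here, and line 1240 in the F5 switch of the previous hunk) `sleep(5)` holds the PHP worker for five seconds on each request that is already over the threshold, so under a sustained flood the throttle itself can keep the worker pool occupied. In the visible lines the branch then just breaks out to `return false`, with no ban and no early exit. The cost should at least be stated where the action is handled, e.g. `// 'sleep' holds this worker for 5s per over-limit request; prefer 'bip' or 'hta' under heavy load`, or the delay moved to a rate limiter in front of PHP. The enclosing function starts outside the hunk, so what the caller does with the `false` return is not visible here.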
|