| @@ 1214-1258 (lines=45) @@ | ||
| 1211 | 'SELECT COUNT(*) FROM ' . $xoopsDB->prefix($this->mydirname . '_access') |
|
| 1212 | . " WHERE ip={$ip4sql} AND request_uri={$uri4sql}"); |
|
| 1213 | list($f5_count) = $xoopsDB->fetchRow($result); |
|
| 1214 | if ($f5_count > $this->_conf['dos_f5count']) { |
|
| 1215 | ||
| 1216 | // delayed insert |
|
| 1217 | $xoopsDB->queryF($sql4insertlog); |
|
| 1218 | ||
| 1219 | // extends the expires of the IP with 5 minutes at least (pending) |
|
| 1220 | // $result = $xoopsDB->queryF( "UPDATE ".$xoopsDB->prefix($this->mydirname.'_access')." SET expire=UNIX_TIMESTAMP()+300 WHERE ip='$ip4sql' AND expire<UNIX_TIMESTAMP()+300" ) ; |
|
| 1221 | ||
| 1222 | // call the filter first |
|
| 1223 | $ret = $this->call_filter('f5attack_overrun'); |
|
| 1224 | ||
| 1225 | // actions for F5 Attack |
|
| 1226 | $this->_done_dos = true; |
|
| 1227 | $this->last_error_type = 'DoS'; |
|
| 1228 | switch ($this->_conf['dos_f5action']) { |
|
| 1229 | default : |
|
| 1230 | case 'exit' : |
|
| 1231 | $this->output_log($this->last_error_type, $uid, true, 16); |
|
| 1232 | exit; |
|
| 1233 | case 'none' : |
|
| 1234 | $this->output_log($this->last_error_type, $uid, true, 16); |
|
| 1235 | ||
| 1236 | return true; |
|
| 1237 | case 'biptime0' : |
|
| 1238 | if ($can_ban) { |
|
| 1239 | $this->register_bad_ips(time() + $this->_conf['banip_time0']); |
|
| 1240 | } |
|
| 1241 | break; |
|
| 1242 | case 'bip' : |
|
| 1243 | if ($can_ban) { |
|
| 1244 | $this->register_bad_ips(); |
|
| 1245 | } |
|
| 1246 | break; |
|
| 1247 | case 'hta' : |
|
| 1248 | if ($can_ban) { |
|
| 1249 | $this->deny_by_htaccess(); |
|
| 1250 | } |
|
| 1251 | break; |
|
| 1252 | case 'sleep' : |
|
| 1253 | sleep(5); |
|
| 1254 | break; |
|
| 1255 | } |
|
| 1256 | ||
| 1257 | return false; |
|
| 1258 | } |
|
| 1259 | ||
| 1260 | // Check its Agent |
|
| 1261 | if (trim($this->_conf['dos_crsafe']) != '' && preg_match($this->_conf['dos_crsafe'], @$_SERVER['HTTP_USER_AGENT'])) { |
|
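Review bot: The `'sleep'` case at 1252–1254 (repeated at 1309–1311) answers a detected reload flood with `sleep(5)`, which holds a PHP worker for five seconds per offending request, so under a sustained flood the countermeasure can itself help exhaust the worker pool; a cheap early rejection would be safer, or the trade-off should at least be commented next to the case. The `biptime0`, `bip` and `hta` cases (1237–1251, and again 1294–1308) do nothing visible when `$can_ban` is false and reach `return false` without the `output_log(...)` call that `exit` and `none` make, so unless `register_bad_ips()` or `deny_by_htaccess()` log internally (not visible here) the detection can leave no record. At 1261 the crawler pattern is matched against `@$_SERVER['HTTP_USER_AGENT']`, which passes `null` to `preg_match` when the header is absent; `$_SERVER['HTTP_USER_AGENT'] ?? ''` avoids the `@`. That header is client-supplied, so if a `dos_crsafe` match exempts the request from the crawler limit (the body of that `if` is outside this excerpt), the exemption should not rest on the User-Agent string alone. The enclosing method starts above the excerpt.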
| @@ 1277-1315 (lines=39) @@ | ||
| 1274 | // delayed insert |
|
| 1275 | $xoopsDB->queryF($sql4insertlog); |
|
| 1276 | ||
| 1277 | if ($crawler_count > $this->_conf['dos_crcount']) { |
|
| 1278 | ||
| 1279 | // call the filter first |
|
| 1280 | $ret = $this->call_filter('crawler_overrun'); |
|
| 1281 | ||
| 1282 | // actions for bad Crawler |
|
| 1283 | $this->_done_dos = true; |
|
| 1284 | $this->last_error_type = 'CRAWLER'; |
|
| 1285 | switch ($this->_conf['dos_craction']) { |
|
| 1286 | default : |
|
| 1287 | case 'exit' : |
|
| 1288 | $this->output_log($this->last_error_type, $uid, true, 16); |
|
| 1289 | exit; |
|
| 1290 | case 'none' : |
|
| 1291 | $this->output_log($this->last_error_type, $uid, true, 16); |
|
| 1292 | ||
| 1293 | return true; |
|
| 1294 | case 'biptime0' : |
|
| 1295 | if ($can_ban) { |
|
| 1296 | $this->register_bad_ips(time() + $this->_conf['banip_time0']); |
|
| 1297 | } |
|
| 1298 | break; |
|
| 1299 | case 'bip' : |
|
| 1300 | if ($can_ban) { |
|
| 1301 | $this->register_bad_ips(); |
|
| 1302 | } |
|
| 1303 | break; |
|
| 1304 | case 'hta' : |
|
| 1305 | if ($can_ban) { |
|
| 1306 | $this->deny_by_htaccess(); |
|
| 1307 | } |
|
| 1308 | break; |
|
| 1309 | case 'sleep' : |
|
| 1310 | sleep(5); |
|
| 1311 | break; |
|
| 1312 | } |
|
| 1313 | ||
| 1314 | return false; |
|
| 1315 | } |
|
| 1316 | ||
| 1317 | return true; |
|
| 1318 | } |
|
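Review bot: The boolean result of this method is undocumented, although the branches disagree in ways a caller must know: `'none'` logs and returns `true` at 1293, the ban and sleep cases return `false` at 1314, and the method ends with `return true` at 1317. If the contract is what those lines suggest, a docblock line such as `@return bool false once a countermeasure was applied, true when the request may continue` would pin it down; the method header is outside this excerpt. The empty `default :` label at 1286 (and 1229) deserves a comment like `// unknown action values fall through to 'exit' (fail closed)`, so a later reordering of the cases does not silently change what a mistyped setting does. `$ret = $this->call_filter('crawler_overrun');` at 1280 (likewise 1223) is never read before the block returns, so either drop the assignment or state that filter results are deliberately ignored here.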