| @@ 1147-1191 (lines=45) @@ | ||
| 1144 | 'SELECT COUNT(*) FROM ' . $xoopsDB->prefix($this->mydirname . '_access') |
|
| 1145 | . " WHERE ip={$ip4sql} AND request_uri={$uri4sql}"); |
|
| 1146 | list($f5_count) = $xoopsDB->fetchRow($result); |
|
| 1147 | if ($f5_count > $this->_conf['dos_f5count']) { |
|
| 1148 | ||
| 1149 | // delayed insert |
|
| 1150 | $xoopsDB->queryF($sql4insertlog); |
|
| 1151 | ||
| 1152 | // extends the expires of the IP with 5 minutes at least (pending) |
|
| 1153 | // $result = $xoopsDB->queryF( "UPDATE ".$xoopsDB->prefix($this->mydirname.'_access')." SET expire=UNIX_TIMESTAMP()+300 WHERE ip='$ip4sql' AND expire<UNIX_TIMESTAMP()+300" ) ; |
|
| 1154 | ||
| 1155 | // call the filter first |
|
| 1156 | $ret = $this->call_filter('f5attack_overrun'); |
|
| 1157 | ||
| 1158 | // actions for F5 Attack |
|
| 1159 | $this->_done_dos = true; |
|
| 1160 | $this->last_error_type = 'DoS'; |
|
| 1161 | switch ($this->_conf['dos_f5action']) { |
|
| 1162 | default : |
|
| 1163 | case 'exit' : |
|
| 1164 | $this->output_log($this->last_error_type, $uid, true, 16); |
|
| 1165 | exit; |
|
| 1166 | case 'none' : |
|
| 1167 | $this->output_log($this->last_error_type, $uid, true, 16); |
|
| 1168 | ||
| 1169 | return true; |
|
| 1170 | case 'biptime0' : |
|
| 1171 | if ($can_ban) { |
|
| 1172 | $this->register_bad_ips(time() + $this->_conf['banip_time0']); |
|
| 1173 | } |
|
| 1174 | break; |
|
| 1175 | case 'bip' : |
|
| 1176 | if ($can_ban) { |
|
| 1177 | $this->register_bad_ips(); |
|
| 1178 | } |
|
| 1179 | break; |
|
| 1180 | case 'hta' : |
|
| 1181 | if ($can_ban) { |
|
| 1182 | $this->deny_by_htaccess(); |
|
| 1183 | } |
|
| 1184 | break; |
|
| 1185 | case 'sleep' : |
|
| 1186 | sleep(5); |
|
| 1187 | break; |
|
| 1188 | } |
|
| 1189 | ||
| 1190 | return false; |
|
| 1191 | } |
|
| 1192 | ||
| 1193 | // Check its Agent |
|
| 1194 | if (trim($this->_conf['dos_crsafe']) != '' && preg_match($this->_conf['dos_crsafe'], @$_SERVER['HTTP_USER_AGENT'])) { |
|
| @@ 1210-1248 (lines=39) @@ | ||
| 1207 | // delayed insert |
|
| 1208 | $xoopsDB->queryF($sql4insertlog); |
|
| 1209 | ||
| 1210 | if ($crawler_count > $this->_conf['dos_crcount']) { |
|
| 1211 | ||
| 1212 | // call the filter first |
|
| 1213 | $ret = $this->call_filter('crawler_overrun'); |
|
| 1214 | ||
| 1215 | // actions for bad Crawler |
|
| 1216 | $this->_done_dos = true; |
|
| 1217 | $this->last_error_type = 'CRAWLER'; |
|
| 1218 | switch ($this->_conf['dos_craction']) { |
|
| 1219 | default : |
|
| 1220 | case 'exit' : |
|
| 1221 | $this->output_log($this->last_error_type, $uid, true, 16); |
|
| 1222 | exit; |
|
| 1223 | case 'none' : |
|
| 1224 | $this->output_log($this->last_error_type, $uid, true, 16); |
|
| 1225 | ||
| 1226 | return true; |
|
| 1227 | case 'biptime0' : |
|
| 1228 | if ($can_ban) { |
|
| 1229 | $this->register_bad_ips(time() + $this->_conf['banip_time0']); |
|
| 1230 | } |
|
| 1231 | break; |
|
| 1232 | case 'bip' : |
|
| 1233 | if ($can_ban) { |
|
| 1234 | $this->register_bad_ips(); |
|
| 1235 | } |
|
| 1236 | break; |
|
| 1237 | case 'hta' : |
|
| 1238 | if ($can_ban) { |
|
| 1239 | $this->deny_by_htaccess(); |
|
| 1240 | } |
|
| 1241 | break; |
|
| 1242 | case 'sleep' : |
|
| 1243 | sleep(5); |
|
| 1244 | break; |
|
| 1245 | } |
|
| 1246 | ||
| 1247 | return false; |
|
| 1248 | } |
|
| 1249 | ||
| 1250 | return true; |
|
| 1251 | } |
|
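Review bot: The `case 'sleep'` branch in both switches (file lines 1185–1187 and 1242–1244) holds the PHP worker for five seconds on every over-threshold request, so under a sustained flood the countermeasure itself ties up the worker pool. It should at least carry a comment saying so, e.g. `// NOTE: sleep() occupies one worker per flagged request; under real load prefer a ban action or rate limiting in front of PHP`. Only the `exit` and `none` branches call `output_log()` in the visible code. The `biptime0`, `bip`, `hta` and `sleep` branches fall through to `return false`, so whether those events are recorded depends on the helpers or the caller, neither of which is shown here; when `$can_ban` is false, the ban branches do nothing else at all. The crawler exemption at file line 1194 matches `dos_crsafe` against `$_SERVER['HTTP_USER_AGENT']`, a value the client chooses, and the `@` passes null to `preg_match()` when the header is missing, so a comment marking the exemption as advisory and an explicit empty-string default would make that trust boundary visible. The enclosing method begins above the first hunk.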