Merge pull request #1453 from annando/ddos-with-gprobe
Prevention for DDoS attach through gprobe
This commit is contained in:
commit
1a62a6ca92
14
boot.php
14
boot.php
|
@ -2181,6 +2181,20 @@ function get_my_url() {
|
|||
function zrl_init(&$a) {
|
||||
$tmp_str = get_my_url();
|
||||
if(validate_url($tmp_str)) {
|
||||
|
||||
// Is it a DDoS attempt?
|
||||
// The check fetches the cached value from gprobe to reduce the load for this system
|
||||
$urlparts = parse_url($tmp_str);
|
||||
|
||||
$result = Cache::get("gprobe:".$urlparts["host"]);
|
||||
if (!is_null($result)) {
|
||||
$result = unserialize($result);
|
||||
if ($result["network"] == NETWORK_FEED) {
|
||||
logger("DDoS attempt detected for ".$urlparts["host"]." by ".$_SERVER["REMOTE_ADDR"].". server data: ".print_r($_SERVER, true), LOGGER_DEBUG);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
proc_run('php','include/gprobe.php',bin2hex($tmp_str));
|
||||
$arr = array('zrl' => $tmp_str, 'url' => $a->cmd);
|
||||
call_hooks('zrl_init',$arr);
|
||||
|
|
|
@ -41,7 +41,23 @@ function gprobe_run(&$argv, &$argc){
|
|||
|
||||
if(! count($r)) {
|
||||
|
||||
// Is it a DDoS attempt?
|
||||
$urlparts = parse_url($url);
|
||||
|
||||
$result = Cache::get("gprobe:".$urlparts["host"]);
|
||||
if (!is_null($result)) {
|
||||
$result = unserialize($result);
|
||||
if ($result["network"] == NETWORK_FEED) {
|
||||
logger("DDoS attempt detected for ".$urlparts["host"]." by ".$_SERVER["REMOTE_ADDR"].". server data: ".print_r($_SERVER, true), LOGGER_DEBUG);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
$arr = probe_url($url);
|
||||
|
||||
if (is_null($result))
|
||||
Cache::set("gprobe:".$urlparts["host"],serialize($arr));
|
||||
|
||||
if(count($arr) && x($arr,'network') && $arr['network'] === NETWORK_DFRN) {
|
||||
q("insert into `gcontact` (`name`,`url`,`nurl`,`photo`)
|
||||
values ( '%s', '%s', '%s', '%s') ",
|
||||
|
|
Loading…
Reference in a new issue