Merge pull request #1453 from annando/ddos-with-gprobe

Prevention for DDoS attach through gprobe
7 years ago · 1a62a6ca92
2 changed files with 30 additions and 0 deletions
--- a/boot.php
+++ b/boot.php
@ -2181,6 +2181,20 @@ function get_my_url() {
 function zrl_init(&$a) {
 	$tmp_str = get_my_url();
 	if(validate_url($tmp_str)) {
+
+		// Is it a DDoS attempt?
+		// The check fetches the cached value from gprobe to reduce the load for this system
+		$urlparts = parse_url($tmp_str);
+
+		$result = Cache::get("gprobe:".$urlparts["host"]);
+		if (!is_null($result)) {
+			$result = unserialize($result);
+			if ($result["network"] == NETWORK_FEED) {
+				logger("DDoS attempt detected for ".$urlparts["host"]." by ".$_SERVER["REMOTE_ADDR"].". server data: ".print_r($_SERVER, true), LOGGER_DEBUG);
+				return;
+			}
+		}
+
 		proc_run('php','include/gprobe.php',bin2hex($tmp_str));
 		$arr = array('zrl' => $tmp_str, 'url' => $a->cmd);
 		call_hooks('zrl_init',$arr);
--- a/include/gprobe.php
+++ b/include/gprobe.php
@ -41,7 +41,23 @@ function gprobe_run(&$argv, &$argc){

 	if(! count($r)) {

+		// Is it a DDoS attempt?
+		$urlparts = parse_url($url);
+
+		$result = Cache::get("gprobe:".$urlparts["host"]);
+		if (!is_null($result)) {
+			$result = unserialize($result);
+			if ($result["network"] == NETWORK_FEED) {
+				logger("DDoS attempt detected for ".$urlparts["host"]." by ".$_SERVER["REMOTE_ADDR"].". server data: ".print_r($_SERVER, true), LOGGER_DEBUG);
+				return;
+			}
+		}
+
 		$arr = probe_url($url);
+
+		if (is_null($result))
+			Cache::set("gprobe:".$urlparts["host"],serialize($arr));
+
 		if(count($arr) && x($arr,'network') && $arr['network'] === NETWORK_DFRN) {
 			q("insert into `gcontact` (`name`,`url`,`nurl`,`photo`)
 				values ( '%s', '%s', '%s', '%s') ",