dongxixia6399 2016-09-27 08:51
浏览 65
已采纳

php - Antiflood - 如何限制每秒2个请求

I have an anti flood function,

if (!isset($_SESSION)) {
    session_start();
}

if($_SESSION['last_session_request'] > time() - 1){
die();
}

$_SESSION['last_session_request'] = time();

If user requests more than 1 request in 1 second, script stops itself. What I want to do is, I need to allow 2 requests per second maximum (instead of 1). How can I do that ?

  • 写回答

1条回答 默认 最新

  • douyan1321 2016-09-27 08:59
    关注

    I would do it this way:

    <?
$time_interval = 1;#In seconds
$max_requests = 2;
$fast_request_check = ($_SESSION['last_session_request'] > time() - $time_interval);

if (!isset($_SESSION)) 
{
    # This is fresh session, initialize session and its variables
    session_start();
    $_SESSION['last_session_request'] = time();
    $_SESSION['request_cnt'] = 1;
}
elseif($fast_request_check && ($_SESSION['request_cnt'] < $max_requests))
{
   # This is fast, consecutive request, but meets max requests limit
   $_SESSION['request_cnt']++;
}
elseif($fast_request_check)
{
    # This is fast, consecutive request, and exceeds max requests limit - kill it
    die();
}
else
{
    # This request is not fast, so reset session variables
    $_SESSION['last_session_request'] = time();
    $_SESSION['request_cnt'] = 1;
}

    One thing, though - it will not protect You from DDoS attacks, if You are trying to do this king of thing. Session in PHP can be easily dropped, and even if not, multiple sessions can be created from one client. Read this discussion if You want to know more about protection.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

  • php - Antiflood - 如何限制每秒2个请求 php
    2016-09-27 08:51
    回答 1 已采纳 I would do it this way: <? $time_interval = 1;#In seconds $max_requests = 2; $fast_request_che
  • steam-chat-antiflood:防洪
    2021-07-04 01:26
    Steam 聊天室防洪 此工具的目的是自动从 Steam 聊天室中踢出有问题的用户。 如果用户执行以下操作,则会被视为有问题: 一遍又一遍地发送相同的消息 短时间内发送大量消息(洪水) 要自定义用户检测的方式,您...
  • Laravel开发-antiflood
    2019-08-28 16:52
    Laravel开发-antiflood 请求Laravel防洪
  • antiflood:保护Apache免受HTTP泛滥
    2021-05-16 03:54
    该库需要PHP >= 5.x和Apache 2.x但是如果您仍在使用PHP4,它可能也可以在PHP4上运行。 您必须已启用mod_status并且在Apache中可以通过127.0.0.1/localhost对其进行查看,扫描器才能正常工作。 安装 要安装,请将...
  • Sentinel:反垃圾邮件安全保护 Antiflood
    2021-06-12 01:50
    Sentinel 应用程序。句法: [站点网址]/sentinel/validate?ip=[ip_address]&email=[email]&username=[用户名] 您至少需要提供以下参数之一:ip、email、username 可选参数: &format=[json|text]&apikey=[apikey]&...
  • Yii-SwiftMailer:Yii 框架版本 1.x 的 Swiftmailer 包装器
    2021-06-05 13:34
    Swiftmailer 的插件(AntiFlood、Throtter、Logger) 您可以在查看官方文档安装使用作曲家: 如果您使用 Composer 管理项目的依赖项,只需将“ikirux/yii-swift-mailer”的依赖项添加到您项目的 composer.json 文件...
  • AntiFlood-dcbot:一个不和谐的机器人,它使淹没消息的人静音,写在Node.js中
    2021-04-30 01:04
    通过在您Linux终端上执行git clone https://github.com/Yonle/AntiFlood-dcbot来克隆此github存储库。 安装所需的npm软件包: 创建一个名为.env的文件,并填写: TOKEN= 通过执行node .启动不和谐的反泛滥机器人...
  • uLme | Anti-Flood-crx插件
    2021-04-02 17:23
    谷歌Chrome扩展为阻止聊天室UOL的洪水 ulme希望聊天是一个空间,所有用户都可以拥有光明和有趣的交互,所以我们为尚未成为我们社区的人创造了一个小的谷歌Chrome的扩展名。 针对优质娱乐,Ulme希望很快您将测试我们...
  • php 邮件模板,GitHub - yuan1994/tp-mailer: 一个优美的php邮件类tp-mailer,支持邮件模板、纯文本、附件邮件发送以及更多邮件功能, 邮件发送简单到只需一行代码,...
    2021-03-31 08:08
    biiiiiiiiq的博客 Tp Mailer一款支持所有PHP框架的优美的邮件发送类,ThinkPHP系列框架开箱即用,其他框架初始化配置即可使用基于 SwiftMailer 二次开发, 为 ThinkPHP系列框架量身定制, 使 ThinkPHP 支持邮件模板、纯文本、附件邮件...
  • HTTP Anti Flood/DoS Security Module:检测Flooder IP,减少针对HTTP Flood攻击的攻击面-开源
    2021-05-09 00:59
    您可以通过将“ iosec.php”包含在任何要删除PHP文件中来使用此模块受保护的。 您可以在此处测试模块:http://www.iosec.org/test.php(demo)观看概念证明视频:http://goo.gl/dSiAL Hakin9 IT安全杂志关于IOSEC的...
  • 40+ Must-Bookmark PHP Classes & Libraries For Developing Faster
    2011-10-10 08:34
    hanson-leung的博客 PHP, being the most popular scripting language, has lots of documentation, tutorials and resources about itself. And, as a feature-rich l
  • requests请求几个参数
    2022-04-09 00:29
    那些年错过的东西的博客 url="https://www.baidu.com" #请求的地址 header={ "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Edg/91.0.864.
  • 40+ Must-Bookmark PHP Classes & Libraries For D...
    2013-03-28 11:40
    weixin_34315485的博客 2019独角兽企业重金招聘...PHP Payment Library for Paypal, Authorize.net and 2Checkout (2CO) If you want to use these providers at the same time in a project, the library offers an API which ...
  • mailer deamon_使用Swift Mailer发送电子邮件
    2020-08-12 06:37
    culi3118的博客 mailer deamonSending emails programmatically is a common task that programmers must deal with ... Although you can use PHP’s native functions, they can be too low-level, especially when you want to...
  • 使用Python爬取天猫商品详情与评论(包含sign加密分析)
    2023-11-28 09:00
    吴秋霖的博客 出来的不就是sign嘛,稍后看h加密函数,现在要看的主要是明文的组成部分,token应该是固定值: i的话是一个13位的时间戳,g是请求内的appKey参数值(固定的)之后就是data也是请求参数可以拿到的 在调试过程中,根据...
  • Python爬虫--爬取淘宝热卖demo,最后保存数据到excel,根据输入开始页码结束页码爬取
    2023-08-23 18:04
    执着的风声的博客 3、爬取数据需要提取url、User-Agent、Cookie。需要复制到代码中,时间太久Cookie会失效,出现令牌过期,只需要获取新的url和Cookie就行。2、按F12 打开网络(network),...注1:只是用来简单练习,不会频繁且恶意请求
  • 15个经典面试问题薪资,Python获取优酷真实m3u8播放链接,成品来了,Python基础面试题
    2024-04-22 20:09
    2401_84121789的博客 三、全套PDF电子书 书籍的好处就在于权威和体系健全,刚开始学习的时候你可以只看视频或者听某个人讲课,但等你学完之后,你觉得你掌握了,这时候建议还是得去看一下书籍,看权威技术书籍也是每个程序员必经之路。...
  • x宝评论抓取
    2023-06-10 12:57
    星云牛马的博客 //这个就是时间戳而已 var s = '12574478' //这个参数在js的上面能看到是固定的,多次请求也能发现 var p1 = token + "&" + l + "&" + s + "&" + data //进行拼接 我们把上面的拼接后的值去MD5加密看看,待会和网页...
  • python3爬虫(4)各种网站视频下载方法
    2019-01-09 11:06
    H-KING的博客 理论上来讲只要是网上(浏览器)能看到图片,...http://acs.youku.com/h5/mtop.youku.play.ups.appinfo.get/1.1/?jsv=2.5.0&appKey=24679788&t=1547091011531&sign=be34df75c65e2e871e720039252ee056&api=mtop.youku.play.ups.appinfo.get&v=1.1&timeout=20000&YKPid=20160317PLF000211&YKLoginRequest=true&AntiFlood=true&AntiCreep=true&type=jsonp&dataType=jsonp&callback=mtopjsonp1&data=%7B%22steal_params%22%3A%22%7B%5C%22ccode%5C%22%3A%5C%220502%5C%22%2C%5C%22client_ip%5C%22%3A%5C%22192.168.1.1%5C%22%2C%5C%22utid%5C%22%3A%5C%22cKsgFHBPZVECAXUjhXp%2Bu8Ip%5C%22%2C%5C%22client_ts%5C%22%3A1547091011%2C%5C%22version%5C%22%3A%5C%220.6.8%5C%22%2C%5C%22ckey%5C%22%3A%5C%22DIl58SLFxFNndSV1GFNnMQVYkx1PP5tKe1siZu%2F86PR1u%2FWh1Ptd%2BWOZsHHWxysSfAOhNJpdVWsdVJNsfJ8Sxd8WKVvNfAS8aS8fAOzYARzPyPc3JvtnPHjTdKfESTdnuTW6ZPvk2pNDh4uFzotgdMEFkzQ5wZVXl2Pf1%2FY6hLK0OnCNxBj3%2Bnb0v72gZ6b0td%2BWOZsHHWxysSo%2F0y9D2K42SaB8Y%2F%2BaD2K42SaB8Y%2F%2BahU%2BWOZsHcrxysooUeND%5C%22%7D%22%2C%22biz_params%22%3A%22%7B%5C%22vid%5C%22%3A%5C%22XMTQ2NzQyMjY1Ng%3D%3D%5C%22%7D%22%2C%22ad_params%22%3A%22%7B%5C%22vs%5C%22%3A%5C%221.0%5C%22%2C%5C%22pver%5C%22%3A%5C%220.6.8%5C%22%2C%5C%22sver%5C%22%3A%5C%221.0%5C%22%2C%5C%22site%5C%22%3A1%2C%5C%22aw%5C%22%3A%5C%22w%5C%22%2C%5C%22fu%5C%22%3A0%2C%5C%22d%5C%22%3A%5C%220%5C%22%2C%5C%22bt%5C%22%3A%5C%22pc%5C%22%2C%5C%22os%5C%22%3A%5C%22win%5C%22%2C%5C%22osv%5C%22%3A%5C%227%5C%22%2C%5C%22dq%5C%22%3A%5C%22auto%5C%22%2C%5C%22atm%5C%22%3A%5C%22%5C%22%2C%5C%22partnerid%5C%22%3A%5C%22null%5C%22%2C%5C%22wintype%5C%22%3A%5C%22interior%5C%22%2C%5C%22isvert%5C%22%3A0%2C%5C%22vip%5C%22%3A0%2C%5C%22emb%5C%22%3A%5C%22AjM2Njg1NTY2NAJ2LnlvdWt1LmNvbQIvdl9zaG93L2lkX1hNVFEyTnpReU1qWTFOZy5odG1s%5C%22%2C%5C%22p%5C%22%3A1%2C%5C%22...
  • 手机淘宝列表页面 的js调用展示
    2016-04-08 01:47
    zhangfeng1133的博客 // 请求页面数据, 开始解析 function getPageView() { // 从 location 获取页面参数 var params = [], PAGE_QUERY = {}, VIEW_DATA = {}; var page = window.G_msp_path?window.G_msp_path:'';//兼容店铺首页 ...
  • 没有解决我的问题, 去提问

悬赏问题

  • ¥15 c语言怎么用printf(“\b \b”)与getch()实现黑框里写入与删除?
  • ¥20 怎么用dlib库的算法识别小麦病虫害
  • ¥15 华为ensp模拟器中S5700交换机在配置过程中老是反复重启
  • ¥15 java写代码遇到问题,求帮助
  • ¥15 uniapp uview http 如何实现统一的请求异常信息提示?
  • ¥15 有了解d3和topogram.js库的吗?有偿请教
  • ¥100 任意维数的K均值聚类
  • ¥15 stamps做sbas-insar,时序沉降图怎么画
  • ¥15 买了个传感器,根据商家发的代码和步骤使用但是代码报错了不会改,有没有人可以看看
  • ¥15 关于#Java#的问题,如何解决?