Preventing a DDoS with the zrl parameter.
This commit is contained in:
parent
dbb164ca4a
commit
0206f447e1
2 changed files with 30 additions and 0 deletions
14
boot.php
14
boot.php
|
@ -2181,6 +2181,20 @@ function get_my_url() {
|
|||
function zrl_init(&$a) {
|
||||
$tmp_str = get_my_url();
|
||||
if(validate_url($tmp_str)) {
|
||||
|
||||
// Is it a DDoS attempt?
|
||||
// The check fetches the cached value from gprobe to reduce the load for this system
|
||||
$urlparts = parse_url($url);
|
||||
|
||||
$result = Cache::get("gprobe:".$urlparts["host"]);
|
||||
if (!is_null($result)) {
|
||||
$result = unserialize($result);
|
||||
if ($result["network"] == NETWORK_FEED) {
|
||||
logger("DDoS attempt detected for ".$urlparts["host"], LOGGER_DEBUG);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
proc_run('php','include/gprobe.php',bin2hex($tmp_str));
|
||||
$arr = array('zrl' => $tmp_str, 'url' => $a->cmd);
|
||||
call_hooks('zrl_init',$arr);
|
||||
|
|
|
@ -41,7 +41,23 @@ function gprobe_run(&$argv, &$argc){
|
|||
|
||||
if(! count($r)) {
|
||||
|
||||
// Is it a DDoS attempt?
|
||||
$urlparts = parse_url($url);
|
||||
|
||||
$result = Cache::get("gprobe:".$urlparts["host"]);
|
||||
if (!is_null($result)) {
|
||||
$result = unserialize($result);
|
||||
if ($result["network"] == NETWORK_FEED) {
|
||||
logger("DDoS attempt detected for ".$urlparts["host"], LOGGER_DEBUG);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
$arr = probe_url($url);
|
||||
|
||||
if (is_null($result))
|
||||
Cache::set("gprobe:".$urlparts["host"],serialize($arr));
|
||||
|
||||
if(count($arr) && x($arr,'network') && $arr['network'] === NETWORK_DFRN) {
|
||||
q("insert into `gcontact` (`name`,`url`,`nurl`,`photo`)
|
||||
values ( '%s', '%s', '%s', '%s') ",
|
||||
|
|
Loading…
Reference in a new issue