lonelywolf

lonelywolf supports this item

Supported

11 comments found.

Hi, useful item you got here. Question: Will you install and setup this for me if I can’t do it myself? Obviously after I purchased it.

Yes, sure. You can send me the project or just the ftp account so that i can remote edit your index.php or something similar in your project.

Thanks, bookmarked.

Hi

Does monitor.php automatically display the access log of own site? Is there time delay until presentation? Can an access history of non-DOS user like me be displayed?

I installed and tested but no log has been displayed. I could set the banned IP. I try to set little more. I will inquire you if I will be lost.

I’m sorry if I made the besides the point inquiry since I am not a native and not good at reading the manual correctly. thanks

Thanks for your reply. I understood it. I set the minAccessDisplay as 1 and it was displayed. That’s a great program. I liked it. I really want a program which can track changes of entire pages.

Also,I feel that Ban button of monitor.php does not function, does this occur only to me? s1.gazo.cc/up/55423.gif

Nice to hear good news from you. I will check the ban button on monitor.php, thank you.

Hi monbran4989, i fixed your reported bug, thank so much!

can ignore Google bot or not?

You can setting ignoreIpAddress in DosDetector class to ignore Bot Ip Address. If you detect Bot by User Agent, you must change the run() method to adapt your need.

@lonelywolf is there a clear way to avoid blocking search engine bots?

We cannot know the IP from all SE Bots nor their user agents in details as many may change their version very often (weekly), and the use of wildcards is excluded right from the start or the server will not handle the script itself.

To tell the truth i think i don’t understand an exact way of how your script is working :( can you please help !?

Hi, beside ip of search robot, we can only detect them base on User Agent of request. I will update the code soon to detect some popular search engine. Regards.

Ok DEV, got your item but is giving lots o conflicts and errors :(

Did tried to DDOS one of my vps servers to see if the script stops the attacker IP but it didn’t :( not even a basic mass PING -t

Though i didn’t managed to kill the server …it seems that the class. file generates lots of conflicts and it filled the logs with a bunch of errors and sent you a PM example.

can you please help?

Dear, my script just a DoS detect and preventing, not a DDoS. Because my script log base on IP Address to detect flood from an IP to prevent & block this ip address from accessing to your server.

Our script is not output error message, it just the Notice message from PHP because in your production website, you do not config to disable Notice and all error/warning message from your PHP website. Just chagne error_reporting mode, all the Notice will disappeare.

Regards.

damn just saw to late this is not a wordpress site plugin… unfortunaly i purchased already… is there a chance to make it run on wp?

Dear sir, it can run standalone with wordpress. You can check if your web server is support/installed APC cache. If it enable, just copy our project to your web directory, edit your wordpress /index.php file to intergrate, it’s easy. If you do not know how to edit, i can help you :). Regards.

Dear lonelywolf, How many requests per sec. are set to trigger the auto ban system and is that option available to change via the admin panel? Also is there an option to set for how long the IP will be kept banned ( the duration of the auto ban )?

Hi, default, if from an ipaddress makes 100 request/sec will be banned. This will be ban for 1 hour. You can tweak the IPS behaviour of class to intergrate with your system to ban this IP permanent. Thanks.

Thanks for this great tool! This can save a server from a application layer attack if you’re using a heavy framework or heavy-operations sections on your site.

Just would like to point a little correction I found regarding the IDS Trigger:

The comparison was like this:

if($accessList[$ipaddress][$curTime] > self::PHPIDS_QUOTA_IDS_TRIGGER)
{
$this->idsWorker();
}

Should be like these else you’re not really grabbing requests per second:

if($accessList[$ipaddress][$curTime][0] > self::PHPIDS_QUOTA_IDS_TRIGGER)
{
$this->idsWorker();
}

(Note the last array key corresponding to the number of requests in that second)

Will this block any kind of DDOS attack? Doesn’t matter how much powerful the attack is?

Hi, as point out, this script will tracking to detect base on IP Address. So, it can not prevent DDOS attack (and all sort of php scripts can not prevent ddos attack). To prevent ddos attack, you need to implement more security layer in low layer in OSI model. Thanks.

PHP DosDetector Class >> is this good for check and delete malicious IPs of any website ? thanks

Hi,

How to know if I have APC installed ? because it is required !

thanks :)

and if I don’t have it, is there any alternative ? (Memcache doesnt seem to be installed neither..)

by
by
by
by
by
by