Код:
<?php
////////////////////////////////////////////////////////////
Antiddos PHP Skripta, by Serbian Cyber Team === ==== SCT-Rаd nа iptаbles! Nаlepite u početku skriptа preko Include Za AntiDDOS operaciju potrebno je dа imаte pristup funkciji "system" i iptаbles komаnde. Ako to nemate, sve blokirаne IPS idu u "bаnned_ips '. Najbolje je da se AntiDDOS stavlja na VPS ili dedicated servere.
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
*/
$debug = false; // debug mode, disabled ban, Jednostavno pokazuje dali je ip bio banovan ili nije.
if ($debug) error_reporting(E_ALL);
else error_reporting(0);
/* Possible values - $ddos 1-5:
| 1. Provera pomocu cookies
| 2. Dupla provera $_GET antiddos-a i meta refresh-a
| 3. Zahtev za WWW-Authenticate
| 4. Onemogucuje sajt u potpunosti,botovi se jedino neblokiraju...
| 5. Iskljucite sajt ako je veliko opterecenje botovi se neiskljucuju...
*/
$ddos = 1;
$log = false;
$dir = dirname(__file__) . '/cyki_bots/'; //DDOS log direktorijum, kreirajte kao chmod 777
$ddos_redirect_host = 'http://google.com/'; // Preusmerenje DDOS-a
$icq = '123456'; //Admins ICQ
$off_message = 'Trenutno je sajt opterecen.'; //Poruka ako je sajt srusen.
$anticyka = md5(sha1('botik' . strrev(getenv('HTTP_USER_AGENT'))));
$ban_message = 'Banovan si ako mislis da je greska kontaktuj administratora email:postavite svoj:' .
$icq . '<hr>(c)XakNet antiddos module'; // Ban poruka
$exec_ban = "iptables -A INPUT -s " . $_SERVER["REMOTE_ADDR"] . " -j DROP"; // для iptables(Debian/ubuntu/etc)
$load = sys_getloadavg(); // Funkcija za preuzimanje opterecenja \=\
$ddosuser = 'lol_ddos';
$ddospass = substr(ip2long($_SERVER['REMOTE_ADDR']), 0, rand(2, 4));
//nije testirano //Proverite:
$google = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "googlebot.com") !== false;
$yandex = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "yandex.ru") !== false;
$rambler = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "ramtel.ru") !== false;
$rambler2 = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "rambler.ru") !== false;
$aport = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "aport.ru") !== false;
$sape = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "sape.ru") !== false;
$msn = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "msn.com") !== false;
$yahoo = strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), "yahoo.net") !== false;
//
if(!file_exists($dir . 'banned_ips')) file_put_contents($dir . 'banned_ips', '');
if (strstr(file_get_contents($dir . 'banned_ips'), $_SERVER['REMOTE_ADDR']))
die($ban_message); //GTFO )
if (! $google || ! $yandex || ! $rambler || ! $rambler2 || ! $aport || ! $sape ||
! $msn || ! $yahoo) {
$f = fopen($dir . $_SERVER["REMOTE_ADDR"], "a");
fwrite($f, "zapros cyka\n");
fclose($f);
function ban()
{
if (! system($exec_ban)) {
$f = fopen($dir . 'banned_ips', "a");
fwrite($f, $_SERVER['REMOTE_ADDR'] . '|');
fclose($f);
}
echo $ban_message;
header('Location: ' . $ddos_redirect_host . '');
die();
}
switch ($ddos) {
///////////////////////////
case 1:
if (empty($_COOKIE['ddos']) or ! $_COOKIE['ddos']) {
$counter = @file($dir . $_SERVER["REMOTE_ADDR"]);
setcookie('ddos', $anticyka, time() + 3600 * 24 * 7 * 356);
if (count($counter) > 10) {
if (! $debug) ban();
else die("Blocked");
}
if (! $_COOKIE['ddos_log'] == 'bil') {
if (! $_GET['antiddos'] == 1) {
setcookie('ddos_log', 'bil', time() + 3600 * 24 * 7 * 356);
header("Location: ./?antiddos=1");
}
}
} elseif ($_COOKIE['ddos'] !== $anticyka) {
if (! $debug) ban();
else die("Blocked.");
}
break;
/////////////////////////
case 2:
if (empty($_COOKIE['ddos'])) {
if (empty($_GET['antiddos'])) {
if (! $_COOKIE['ddos_log'] == 'bil')
//Checking cookies for request
die('<meta http-equiv="refresh" content="0;URL=?antiddos=' . $anticyka . '" />');
} elseif ($_GET['antiddos'] == $anticyka) {
setcookie('ddos', $anticyka, time() + 3600 * 24 * 7 * 356);
setcookie('ddos_log', 'bil', time() + 3600 * 24 * 7 * 356);
}
else {
if (! $debug) {
ban();
die("Da prebaci liniju adrese");
}
else {
echo "Da prebaci liniju adrese";
die("Blocked.");
}
}
}
break;
case 3:
if (! isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] !== $ddosuser ||
$_SERVER['PHP_AUTH_PW'] !== $ddospass) {
header('WWW-Authenticate: Basic realm="Vvedite parol\': ' . $ddospass .
' | Login: ' . $ddosuser . '"');
header('HTTP/1.0 401 Unauthorized');
if (! $debug) ban();
else die("Blocked");
die("<h1>401 Unauthorized</h1>");
}
break;
case 4:
die($off_message); //Sajt onemogucen
break;
case 5:
if ($load[0] > 80) {
header('HTTP/1.1 503 Too busy, try again later');
die('<center><h1>503 Server too busy.</h1></center><hr><small><i>Server too busy. Please try again later. Apache server on ' .
$_SERVER['HTTP_HOST'] .
' at port 80 with <a href="http://serbiancyberteam.com/">ddos protect</a></i></small>');
}
break;
default:
break;
//////////////////////////
}
if ($_COOKIE['ddos'] == $anticyka) @unlink($dir . $_SERVER["REMOTE_ADDR"]);
}
......................................................................................
//////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////By Serbian Cyber Team////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////////////
......................................................................................
?>
