Advertisement
DSTAT

ddosfilter.net | php http firewall

Dec 22nd, 2022 (edited)
2,274
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 4.47 KB | Cybersecurity | 0 0
  1. <?php
  2. /*
  3.  * @package     PHP HTTP Firewall
  4.  * @author      DSTAT | @DDoS_Filter
  5.  * @copyright   Copyright © [2023] [@DDoS_Filter] https://www.copyright.gov/dmca/
  6.  * @file        /firewall.php
  7.  * @version     2.0
  8.  * @site        http://ddosfilter.net
  9.  * @comment     Public release of firewall.php from http://ddosfilter.net/
  10.  
  11. *********************************************************************************
  12. SETUP: (Based on stock apache2 install on ubuntu)
  13. 1.
  14. In the terminal command line of your server type:
  15. crontab -e
  16. (If prompted to choose a text editor choose nano.)
  17.  
  18. 2.
  19. Paste these 2 lines (lines 22 and 23) into the crontab and save: (Change directory to match your setup.)
  20. */// Don't Include the first 2 // when you copy and paste!
  21.  
  22. // */1 * * * * > /var/www/html/firewall/connections.txt
  23. // 0 */1 * * * > /var/www/html/firewall/blacklist.txt
  24.  
  25. /*
  26. 3.
  27. Press Ctrl + o
  28. Press Enter
  29. Press Ctrl + x
  30.  
  31. 4.
  32. Run this command in terminal:
  33. mkdir /var/www/html/firewall/ && > /var/www/html/firewall/connections.txt && > /var/www/html/firewall/blacklist.txt && chmod 646 /var/www/html/firewall/connections.txt && chmod 646 /var/www/html/firewall/blacklist.txt
  34.  
  35. 5.
  36. Run this command in terminal:
  37. nano /var/www/html/firewall/firewall.php
  38.  
  39. 6.
  40. *Paste this entire document into the terminal window.*
  41.  
  42. 7.
  43. Press Ctrl + o
  44. Press Enter
  45. Press Ctrl + x
  46.  
  47. OR:
  48. Manually add firewall.php to the /var/www/html/firewall/ directory.
  49.  
  50. Done!
  51.  
  52. 8.
  53. To protect a .php page with firewall.php add this code to the top of your php pages:
  54. require '/var/www/html/firewall/firewall.php';
  55.  
  56. **********************************************************************************/
  57.  
  58.  
  59. $l7path = '/var/www/html/firewall/';        // Full path to firewall files.
  60. $title = 'IP Blocked By @DDoS_Filter';      // Page title when displaying firewall.php.
  61. $iplimit = 30;                              // SETS MAX REQUESTS PER MINUTE LIMIT.
  62. $ualimit = 40;                              // SETS MAX TIMES A USERAGENT CAN BE USED IN A MINUTE.
  63. $enable_protection = true;                  // Disables all protection.
  64.  
  65. if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
  66.     $CFrequest = true;
  67.     $ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
  68. } else {
  69.     $CFrequest = false;
  70.     $ip = $_SERVER['REMOTE_ADDR'];
  71. }
  72.  
  73. if ($enable_protection === true) {
  74.    
  75.     // Spam filters
  76.     $spam = false;
  77.     if (isset($_SERVER['HTTP_USER_AGENT']) && strlen($_SERVER['HTTP_USER_AGENT']) > 32) {
  78.         $ua = substr($_SERVER['HTTP_USER_AGENT'],0,150);
  79.         if (
  80.             (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER))    // Block Most HTTP Proxies
  81.             // || strpos($ua, 'WordPress') !== false                // Block WordPress
  82.             // || strlen($_SERVER['QUERY_STRING']) > 40             // Block Large QUERY_STRING. Example: file.php?id=lsdlfjsdfjdsklfklsd&user=lskjflsdjfjskfsjlflskjdj...
  83.             // || strlen($_SERVER['REQUEST_URI']) > 50              // Block Large REQUEST_URI. Example: /a/b/c/d/e/f/g/h/islkfsljfd/example.php?id=lsdlfjsdfjdsklfklsd...
  84.         )
  85.         {
  86.             die('Request Detected As Spam And Was Blocked');
  87.         }
  88.     } else {
  89.         die('Request Detected As Spam And Was Blocked');
  90.     }
  91.     // Spam filters
  92.  
  93.     if (($blacklist = fopen($l7path.'blacklist.txt', 'r')) !== false) { // Blacklist
  94.         while (!feof($blacklist)) {
  95.             $bip = fgets($blacklist); // Read IP
  96.             if (strlen($ip."\n") == strlen($bip)) { // Check IPs lengths
  97.                 if (strpos($bip, $ip) !== false) { // Check if IP is blacklisted
  98.                     fclose($blacklist);
  99.                     die('<html><head><title>'.$title.'</title></head><body><center><h1>Your IP is temporarily blacklisted.</h1></center></body></html>');
  100.                 }
  101.             }
  102.         }
  103.         fclose($blacklist);
  104.         $blacklist = ''; // Free up resources
  105.     } else {
  106.         die('Error: Unable to process request. (blacklist file error');
  107.     }
  108.  
  109.     file_put_contents($l7path.'connections.txt',$ip.' '.$ua."\n", FILE_APPEND | LOCK_EX); // Add IP to temp connections list
  110.     $tempconns = file_get_contents($l7path.'connections.txt') or die('Error: Unable to process request. (conns file error)'); // Read temp IP file
  111.  
  112.     $ipcount = substr_count($tempconns,$ip); // Count IPs requests
  113.     if ($ipcount == $iplimit) {
  114.         $spam = true;
  115.     } else {
  116.         $uacount = substr_count($tempconns,$ua); // Count Useragents requests
  117.         if ($uacount >= $ualimit) {
  118.             $spam = true;
  119.         }
  120.     }
  121.     $tempconns = ''; // Free up resources
  122.  
  123.     if ($spam === true) { // Conditions for blacklisting connections
  124.         file_put_contents($l7path.'blacklist.txt',$ip."\n", FILE_APPEND); // Add IP to blacklist
  125.         die('<html><head><title>'.$title.'</title></head><body><center><h1>Your IP ('.$ip.') has been temporarily blacklisted. Please try again later.</h1></center></body></html>');
  126.     }
  127. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement