| |
|
Voir le sujet précédent :: Voir le sujet suivant
|
| Auteur |
Message |
| |
|
rog
WRInaute accro
Inscrit le: 21 Sep 2006
Messages: 1662
Localisation: sapucaia do sul (RS)
|
 Posté le : Sam Déc 02, 2006 20:32 Sujet du message: ma protection contre les spider [rules] |
|
|
bon je suis en train de terminer mon script de protection contre les spiders
j'ai mis le palier à 5 hits sur 10 secondes
est ce que c'est raisonnable ?
rog |
|
| |
|
 |
rog
WRInaute accro
Inscrit le: 21 Sep 2006
Messages: 1662
Localisation: sapucaia do sul (RS)
|
| Posté le : Lun Déc 04, 2006 18:05 Sujet du message: ma protection contre les spider [rules] |
|
|
nouvelle formule tout en 1 (protection + logger)
| Code: |
#################################################################################################
# rog secure query & log V0.2
#
# 03/12/2006
#
# this script attempt to sanitize the query string (GET sended var)
#
# it will check if the user is trusted (search engine spider) and log the visit
# the untrusted query by untrusted users will be redirected to ban.php
#
#
#
# #################################################################
# # the log #
# #################################################################
#
# then it will log the visit on 3 ways :
#
# 1)normal user ip and user agent
# - it will log the ip + user_agent
# - SCRIPT_DIR + LOG_DIR + USER_LOG_FILE
#
# 2)search engine spider
# - it will log the spider visited pages spider + url + date
# - SCRIPT_DIR + LOG_DIR + SPIDER_DIR + SPIDER_LOG_FILE
#
# 3)temporary user for flooding protection
# - ip = directory
# - filename = timestamp
# - SCRIPT_DIR + LOG_DIR + SPIDER_DIR + SPIDER_TMP_DIR
# - SCRIPT_DIR + LOG_DIR + SPIDER_DIR + SPIDER_BAN_DIR
#
#
# #################################################################
# # the protection #
# #################################################################
#
# A) the script actions
# 1) data extractions
# - ips address and user agent
# - checking it the user agent is trusted ?
# - user ==> engine name ==> spider log and exit
# - untrusted user ==> script forward
#
# 2) forbidden string checking
# - it will only check untrusted user by ips
# - returns true/false ?
# - true ==> BAN_FILE redirection
# - false ==> script forward
#
# 3) flood checking
# - it will only check untrusted user by ips
# - it has to be something very light to check
# - first of all we log the ips + timestamp
# - SCRIPT_DIR + LOG_DIR + SPIDER_DIR + SPIDER_TMP_DIR
# - checking if dirname exists ? the dir for finding the ips, if matches finded
# - open the dir and grep the filenames < time max, make a sum if sum >= max entry ==> BAN_FILE redirection
# - SCRIPT_DIR + LOG_DIR + SPIDER_DIR + SPIDER_BAN_DIR
#
#
# #################################################################
# # var declaration #
# #################################################################
#
# some path have to be declared as const :
#
# - SCRIPT_DIR ==> main script dir | this allows you to make a general site protection or folder protection
# - LOG_DIR ==> directory logging dirname
# - USER_DIR ==> path to the user log
# - SPIDER_DIR ==> the spider log dirname
#
# - BAN_FILE ==> path to the ban.php file
# - USER_LOG_FILE ==> user log filename
# - SPIDER_LOG_FILE ==> spider log filename
# - SPIDER_TMP_DIR ==> spider log filename
#
|
|
|
+-------+-------+
| SCRIPT_DIR |
+-------+-------+
|
|
|
+-------+-------+
| LOG_DIR |
+-----------------------+---------------+-------------------+
| |
| |
| |
| |
+-------+-------+ +-------+-------+
| USER_DIR | | SPIDER_DIR |
+-----------+-------+-------+---------+ +-----------+-------+-------+---------+
| | | | | |
| | | | | |
| | | | | |
| | | | | |
/-----+-------/ +------+------+ +------+------+ /------+--------/ +------+------+ +------+------+
/USER_LOG_FILE/ | TMP_DIR | | BAN_DIR | /SPIDER_LOG_FILE/ | TMP_DIR | | BAN_DIR |
/-------------/ +------+------+ +------+------+ /---------------/ +------+------+ +------+------+ |
|
|
| |
|
|
| |
|
|
|
|
Autres sujets de discussion :
|
|
