From: Michael Vogel Date: Sat, 28 Mar 2015 07:29:01 +0000 (+0100) Subject: Preventing a DDoS with the zrl parameter. X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=0206f447e1946af2302c108285b05de16f1b5d1a;p=friendica.git Preventing a DDoS with the zrl parameter. --- diff --git a/boot.php b/boot.php index 9f6598e927..3d4744d9b1 100644 --- a/boot.php +++ b/boot.php @@ -2181,6 +2181,20 @@ function get_my_url() { function zrl_init(&$a) { $tmp_str = get_my_url(); if(validate_url($tmp_str)) { + + // Is it a DDoS attempt? + // The check fetches the cached value from gprobe to reduce the load for this system + $urlparts = parse_url($url); + + $result = Cache::get("gprobe:".$urlparts["host"]); + if (!is_null($result)) { + $result = unserialize($result); + if ($result["network"] == NETWORK_FEED) { + logger("DDoS attempt detected for ".$urlparts["host"], LOGGER_DEBUG); + return; + } + } + proc_run('php','include/gprobe.php',bin2hex($tmp_str)); $arr = array('zrl' => $tmp_str, 'url' => $a->cmd); call_hooks('zrl_init',$arr); diff --git a/include/gprobe.php b/include/gprobe.php index 52c5483c87..3f3164f763 100644 --- a/include/gprobe.php +++ b/include/gprobe.php @@ -41,7 +41,23 @@ function gprobe_run(&$argv, &$argc){ if(! count($r)) { + // Is it a DDoS attempt? + $urlparts = parse_url($url); + + $result = Cache::get("gprobe:".$urlparts["host"]); + if (!is_null($result)) { + $result = unserialize($result); + if ($result["network"] == NETWORK_FEED) { + logger("DDoS attempt detected for ".$urlparts["host"], LOGGER_DEBUG); + return; + } + } + $arr = probe_url($url); + + if (is_null($result)) + Cache::set("gprobe:".$urlparts["host"],serialize($arr)); + if(count($arr) && x($arr,'network') && $arr['network'] === NETWORK_DFRN) { q("insert into `gcontact` (`name`,`url`,`nurl`,`photo`) values ( '%s', '%s', '%s', '%s') ",