ma protection contre les spider [rules]

**le Sam Déc 02, 2006 20:32**

bon je suis en train de terminer mon script de protection contre les spiders

j'ai mis le palier à 5 hits sur 10 secondes

est ce que c'est raisonnable ?

rog

**le Lun Déc 04, 2006 18:05**

nouvelle formule tout en 1 (protection + logger)

Code: Tout sélectionner: ################################################################################################# # rog secure query & log V0.2 # # 03/12/2006 # # this script attempt to sanitize the query string (GET sended var) # # it will check if the user is trusted (search engine spider) and log the visit # the untrusted query by untrusted users will be redirected to ban.php # # # # ################################################################# # # the log # # ################################################################# # # then it will log the visit on 3 ways : # # 1)normal user ip and user agent # - it will log the ip + user_agent # - SCRIPT_DIR + LOG_DIR + USER_LOG_FILE # # 2)search engine spider # - it will log the spider visited pages spider + url + date # - SCRIPT_DIR + LOG_DIR + SPIDER_DIR + SPIDER_LOG_FILE # # 3)temporary user for flooding protection # - ip = directory # - filename = timestamp # - SCRIPT_DIR + LOG_DIR + SPIDER_DIR + SPIDER_TMP_DIR # - SCRIPT_DIR + LOG_DIR + SPIDER_DIR + SPIDER_BAN_DIR # # # ################################################################# # # the protection # # ################################################################# # # A) the script actions # 1) data extractions # - ips address and user agent # - checking it the user agent is trusted ? # - user ==> engine name ==> spider log and exit # - untrusted user ==> script forward # # 2) forbidden string checking # - it will only check untrusted user by ips # - returns true/false ? # - true ==> BAN_FILE redirection # - false ==> script forward # # 3) flood checking # - it will only check untrusted user by ips # - it has to be something very light to check # - first of all we log the ips + timestamp # - SCRIPT_DIR + LOG_DIR + SPIDER_DIR + SPIDER_TMP_DIR # - checking if dirname exists ? the dir for finding the ips, if matches finded # - open the dir and grep the filenames < time max, make a sum if sum >= max entry ==> BAN_FILE redirection # - SCRIPT_DIR + LOG_DIR + SPIDER_DIR + SPIDER_BAN_DIR # # # ################################################################# # # var declaration # # ################################################################# # # some path have to be declared as const : # # - SCRIPT_DIR ==> main script dir | this allows you to make a general site protection or folder protection # - LOG_DIR ==> directory logging dirname # - USER_DIR ==> path to the user log # - SPIDER_DIR ==> the spider log dirname # # - BAN_FILE ==> path to the ban.php file # - USER_LOG_FILE ==> user log filename # - SPIDER_LOG_FILE ==> spider log filename # - SPIDER_TMP_DIR ==> spider log filename # | | | +-------+-------+ | SCRIPT_DIR | +-------+-------+ | | | +-------+-------+ | LOG_DIR | +-----------------------+---------------+-------------------+ | | | | | | | | +-------+-------+ +-------+-------+ | USER_DIR | | SPIDER_DIR | +-----------+-------+-------+---------+ +-----------+-------+-------+---------+ | | | | | | | | | | | | | | | | | | | | | | | | /-----+-------/ +------+------+ +------+------+ /------+--------/ +------+------+ +------+------+ /USER_LOG_FILE/ | TMP_DIR | | BAN_DIR | /SPIDER_LOG_FILE/ | TMP_DIR | | BAN_DIR | /-------------/ +------+------+ +------+------+ /---------------/ +------+------+ +------+------+

ma protection contre les spider [rules]

ma protection contre les spider [rules]

Lectures recommandées sur ce thème :

Qui est en ligne