I am looking for ideas for how I can stop external scripts connecting with my site. I'm looking for the same kind of idea behind Google. As in if a certain amount of requests are made per a certain amount of time then block the IP address or something. I thought there maybe a htaccess solution if not, I will write a PHP one.
Any ideas or links to existing methods or scripts is much appreciated.
PHPIDS might be what you want. "Currently the PHPIDS detects all sorts of XSS, SQL Injection, header injection, directory traversal, RFE/LFI, DoS and LDAP attacks."
From the FAQ:
require_once 'IDS/Init.php';
$request = array(
'REQUEST' => $_REQUEST,
'GET' => $_GET,
'POST' => $_POST,
'COOKIE' => $_COOKIE
);
$init = IDS_Init::init('IDS/Config/Config.ini');
$ids = new IDS_Monitor($request, $init);
$result = $ids->run();
if (!$result->isEmpty()) {
// Take a look at the result object
echo $result;
}
You can try with mod_evasive for Apache
Your question is somewhat ambiguous - are you wanting to prevent connections outright through Apache or are you wanting to block people from posting data (like Google does to prevent cross-site injections into their search)?
If you are wanting to prevent connections I would search for an Apache module that can regulate requests. If you are simply wanting form protection like Google does then you should look into generating form tokens.
When I build a form I typically generate a hidden input value that contains a token that is also saved in the user's session, and the form will refuse to process unless both tokens are present and match, making it difficult for people to submit data from a remote site.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With