Re: [PHP] How to prevent DoS on PHP script?

Date: Mon, 16 Jun 2008 17:42:56 +0200
From: Per Jessen <per@xxxxxxxxxxxx>
Subject: Re: [PHP] How to prevent DoS on PHP script?

Jim Lucas wrote:

> Per Jessen wrote:
>> Michelle Konzack wrote:
>> 
>>> My biggest problem is, that the "/fileupload.php" was always
>>> references
>>> from outside my webspace.  OK, I was thinking  this  can  be  solved
>>> by
>>> using HTTP_REFERER which has then worked for some  days  but  NOW
>>> those pigs are back and sending spoofed HTTP_REFERER.
>>>
>>> Since I have only a VHost @ISP I can not  go  deeper  into  the
>>> Apache2 config what I have done when I was running my own server.
>>>
>>> Can anyone suggest me something, how to block requests from outside?
>> 
>> Check client IP-addresses?
>> 
>> 
>> /Per Jessen, Zürich
>> 
>> 
> 
> The problem that the OP is going to run into is the "Chicken before
> the Egg" problem.  PHP will not start processing until the file upload
> has already been completely uploaded.

I was about to say "Then let apache check it", but I hadn't read the
last paragraph of the OPs question.


/Per Jessen, Zürich


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Follow-Ups:
- Re: [PHP] How to prevent DoS on PHP script?
  - From: Nitsan Bin-Nun

References:
- [PHP] How to prevent DoS on PHP script?
  - From: Michelle Konzack
- Re: [PHP] How to prevent DoS on PHP script?
  - From: Per Jessen
- Re: [PHP] How to prevent DoS on PHP script?
  - From: Jim Lucas

Prev by Date: Re: [PHP] How to prevent DoS on PHP script?
Next by Date: Re: [PHP] How to prevent DoS on PHP script?
Previous by thread: Re: [PHP] How to prevent DoS on PHP script?
Next by thread: Re: [PHP] How to prevent DoS on PHP script?
Index(es):
- Date
- Thread

lists-archives.org

Re: [PHP] How to prevent DoS on PHP script?