I found this script online, but I am not sure if its protection is based on a user's IP address, or is it? Will it stop a user based on how many requests are made from the same IP? <?PHP IF (!ISSET($_SESSION)) { SESSION_START();} // anti flood protection IF($_SESSION['last_session_request'] > TIME() - 2){ // users will be redirected to this page if it makes requests faster than 2 seconds HEADER("location: /flood.html"); EXIT;}$_SESSION['last_session_request'] = TIME(); ?> Code (markup):
Looks like terribly formated piece of code. Although php functions aren't case sensitive, it's a good practice to write them as in manual. As for the code itself, if it will work at all, then it will work only if cookies are supported on browser accessing the site.
@ronaldsg; i totaly agree but the answer to the TS is YES it will work, but all uppercase functions should be writen as lowercase functions <?php if (!isset($_SESSION}} { session_start(); } if (isset($_SESSION['last_session_request']) && $_SESSION['last_session_request'] > time() - 2) { header("Location: /flood.html"); exit; } $_SESSION['last_session_request'] = time(); PHP: better way is to save the browser useragent string + ip address to a database and check it every request.
quikad, it doesn't use the IP address, it uses the browser. If the user has 2 browsers open, makes a request in one, then makes a request in the other within 2 seconds, this script sees that as 2 "users". Sessions are per browser, not per IP or computer.