NYCPHP Meetup

NYPHP.org

[nycphp-talk] Urgent: Help in Defending Attack

Cliff Hirsch cliff at pinestream.com
Thu Feb 28 10:33:32 EST 2008


On 2/28/08 7:44 AM, "Randal Rust" <randalrust at gmail.com> wrote:

> we are getting hundreds of hits per minute from what appear to be fake
> IP addresses. i am currently writing a script that will send these
> requests to an error page prior to making the database connection.
> 
> i am doing an explode() on the $_SERVER['REMOTE_HOST]  to get the
> first part of the IP. Does that make sense?
> 
> this is only temporary fix. i'll need to come up with something more
> permanent.

What kind of hit? Does the url have "attack" strings? Check out phpids --
might help.





More information about the talk mailing list