带有 PHP 验证码的清漆缓存,用于反站点抓取算法
[英]Varnish Cache with PHP Captcha for Anti-Site-Scraping Algorithm
问题描述
我有清漆缓存与 PHP 验证码一起使用,但我没有
了解我如何设置触发限制。
在每小时(或每分钟)限制这么多请求之后
验证码输入被发送。
我有它的工作,但想了解我如何改变 req/s 限制。
以下是来自的代码:
http://drcarter.info/2010/04/how-fighting-against-scraping-using-varnish-vcl-inline-c-memcached/
这段代码对我说了什么?
if (rc == MEMCACHED_SUCCESS) {
uint64_t intval;
rc= memcached_increment(memc, key, strlen(key), (uint64_t)1, &intval);
if (rc != MEMCACHED_SUCCESS)
rc= memcached_set(memc, key, strlen(key), "1", 1, (time_t)60, (uint32_t)0);
else
if (intval>30) {
VRT_SetHdr(sp, HDR_REQ, "\013X-Scraping:", "1", vrt_magic_string_end);
syslog(LOG_INFO, "Scraping detected from %s",VRT_IP_string(sp, VRT_r_client_ip(sp)));
if (intval<300)
rc= memcached_set(memc, key, strlen(key), "500", 3, (time_t)3600, (uint32_t)0);
}
您的建议将不胜感激。
谢谢!
2 个解决方案
解决方案1
1 2011-06-17 13:14:30
请原谅我没有评论我的代码:)
所以有了评论,我想你会明白的。
if (rc == MEMCACHED_SUCCESS) {
//if connected to memcache
uint64_t intval;
//trying to increment the "ip address" key (+1)
rc= memcached_increment(memc, key, strlen(key), (uint64_t)1, &intval);
if (rc != MEMCACHED_SUCCESS)
//if increment fail, then it is the first time that we see this address
//init the value at 1 for 60 seconds
rc= memcached_set(memc, key, strlen(key), "1", 1, (time_t)60, (uint32_t)0);
else
//if increment success, then verifying the value, if more than 30 (30 reqs/minute)
//blacklist the ipaddress (setting the value arbitrary at 500 for 1 hour)
if (intval>30) {
VRT_SetHdr(sp, HDR_REQ, "\013X-Scraping:", "1", vrt_magic_string_end);
syslog(LOG_INFO, "Scraping detected from %s",VRT_IP_string(sp, VRT_r_client_ip(sp)));
if (intval<300)
rc= memcached_set(memc, key, strlen(key), "500", 3, (time_t)3600, (uint32_t)0);
}
解决方案2
0 2011-05-03 11:11:46
该代码适用于此流程:
try to increment the key identifying the client and return the value in intval
if it fails set the key with an expiration of 60 seconds
else
if the number of call (intval) is less than 30
it set an header X-Scraping (which will be use later to deny access: this part is not in the part of the code you have pasted)
因此,如果您想更改 res/s,您可以在 > 30 测试中进行游戏,或者将密钥到期时间更改为 60 以外的其他值。
清漆缓存+ PHP
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.