nanoweb 2.2.9-0ubuntu1 / usr / lib / nanoweb / modules / mod_dosevasive.php

This file is indexed.

/usr/lib/nanoweb/modules/mod_dosevasive.php is in nanoweb 2.2.9-0ubuntu1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
<?php

/*

Nanoweb DoS Evasive Maneuvers Module
====================================

Copyright (C) 2002-2003 Vincent Negrier aka. sIX <six@aegis-corp.org>

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

*/

class mod_dosevasive {

	function mod_dosevasive() {

		$this->modtype="core_after_decode";
		$this->modname="DoS evasive maneuvers";
	
	}

	function main() {

		global $real_uri, $vhost, $add_errmsg, $pri_err, $query_string;
		static $detable, $detimer;

		$t=time();
		$tmax=access_query("dosevasivetimer", 0) or $tmax=10;
		$dmax=access_query("dosevasivemaxreqs", 0) or $dmax=5;
		
		if ($t>($detimer+$tmax)) {
			
			// Clean table on timer
			
			$detable=array();
			$detimer=$t;

		}

		if ($detable[$vhost.$real_uri.$query_string]>=$dmax) {

			// Discard request with DosEvasiveError if requested more than DosEvasiveMaxReqs in DocEvasiveTimer seconds

			$e=access_query("dosevasiveerror", 0) or $e=403;
			$pri_err=$e;
			$add_errmsg="You are not allowed to request a resource more than <b>".(int)$dmax."</b> times in <b>".(int)$tmax."</b> seconds.<br><br>";

			if ($bt=access_query("dosevasiveblocktime", 0)) {
				
				if (strtolower($bt)=="perm") {
				
					nw_block_ip_address($GLOBALS["remote_ip"], "PERM", "mod_dosevasive");

				} else {

					nw_block_ip_address($GLOBALS["remote_ip"], "TEMP", "mod_dosevasive", time()+$bt);

				}

			}

		}
		
		// Update url table

		$detable[$vhost.$real_uri.$query_string]++;

	}

}

?>

APT Browse - Built by Thomas Orozco.