较为全面的asp防CC攻击代码分享

时间:2022-04-24 00:47:39
代码如下:

<% 
Dim CC_Info(4),strInfo,strTemp 
If Session("CC_Info") = "" Then 
CC_Info(0) = "cclog.txt" '日志文件名 
CC_Info(1) = Request.ServerVariables("HTTP_X_FORWARDED_FOR") 
CC_Info(2) = Request.ServerVariables("REMOTE_ADDR") 
CC_Info(3) = 10 'N秒内禁止刷新当前页面 
CC_Info(4) = "badip.txt" 'IP黑名单文件名 
Session("CC_Info") = CC_Info(0) &"|"& CC_Info(1) &"|"& CC_Info(2) &"|"& CC_Info(3) &"|"& CC_Info(4) 
Else 
strInfo = Split(Session("CC_Info"),"|") 
CC_Info(0) = strInfo(0) 
CC_Info(1) = strInfo(1) 
CC_Info(2) = strInfo(2) 
CC_Info(3) = strInfo(3) 
CC_Info(4) = strInfo(4) 
End If 

Const chkRefresh = 1 '0关闭防刷新 
Const chkProxy = 1 '0关闭代理验证 
Const chkBadIP = 1 '0关闭IP黑名单 

If Session("BadIP") = "" Then 
strInfo = ReadFile(CC_Info(4)) 
If strInfo = "" Then strInfo = "chinavb.net" 
Session("BadIP") = strInfo 
Else 
strInfo = Session("BadIP") 
End If 

'/*第一层判断,N秒内禁止刷新*/ 
If chkRefresh = 1 Then 
If Session("RefreshTime")="" Then 
Session("RefreshTime")=Now() 
Else 
If DateDiff("s", Session("RefreshTime"), Now()) < CInt(CC_Info(3)) Then 
Response.Write("系统繁忙,请稍候再试!错误代码001") 
Response.End() 
Else 
Session("RefreshTime")=Now() 
End If 
End If 
End If 

'/*第二层判断,代理禁止查看*/ 
If chkProxy = 1 Then 
If CC_Info(1) <> "" Then 
If InStr(strInfo,CC_Info(1)) = 0 Then 
strTemp = CC_Info(1) & vbCrLf 
If InStr(strInfo,CC_Info(2)) = 0 Then 
strTemp = strTemp & "[" & CC_Info(2) & "]" & vbCrLf 
End If 
SaveLog CC_Info(4),strTemp 
strInfo = strInfo & strTemp 
Session("BadIP") = strInfo 
End If 
'记录CC攻击日志 
SaveLog CC_Info(0),CC_Info(1) & "["& CC_Info(2) & "]" & Now() &vbCrLf 
Response.Write("系统繁忙,请稍候再试!错误代码002") 
Response.End() 
End If 
End If 

'/*第三层判断,IP黑名单禁止查看*/ 
If chkBadIP = 1 Then 
If InStr(strInfo,CC_Info(2))>0 Then 
Response.Write("系统繁忙,请稍候再试!错误代码003") 
Response.End() 
End If 
End If 

'ForReading=1,ForWriting=2,ForAppending=8 
Function SaveLog(filename, filecontent) 
On Error Resume Next 
Dim fso, thisfile 
filename = Server.MapPath(filename) 
Set fso = CreateObject("Scripting.FileSystemObject") 
If Err <> 0 Then 
Response.Write("写入文件"&filename&"失败,可能您的系统不支持FSO!") 
Response.End() 
End If 
Set thisfile = fso.OpenTextFile(filename, 8, True) 
thisfile.write (filecontent) 
thisfile.Close 
Set fso = Nothing 
End Function 

Function ReadFile(filename) 
On Error Resume Next 
Dim fso, thisfile 
Set fso = CreateObject("Scripting.FileSystemObject") 
If Err <> 0 Then 
Response.Write("读取文件"&filename&"失败,可能您的系统不支持FSO!") 
Response.End() 
End If 
Set thisfile = fso.OpenTextFile(Server.MapPath(filename), 1, True) 
ReadFile = thisfile.ReadAll 
thisfile.Close 
Set thisfile = Nothing 
Set fso = Nothing 
End Function 
%>