Source of csf.php
Note: BlogSpot don't let me use ">>" in code, so I had to remove the PHP tags from the source code, please add them by yourself, thanks !
while(1) {
$today = getdate();
$denied = 'Denied-'.$today["mday"].'-'.$today["mon"].'-'.$today["year"];
if(file_exists('/var/www/csf/bad.csf')){
$list = file('/var/www/csf/bad.csf', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
for($i = 0; $i < count($list); $i++ ) {
system('csf -d '.$list[$i]);
system('echo '.$list[$i].' >> /var/www/csf/'.$denied);
unlink($path.'locked-'.$list[$i]);
}
unlink('/var/www/csf/bad.csf');
}
sleep(10);
}
Source of erc.php
$clps) {
if($list[$last - $clps] != $list[$last]) $ban = 0;
} else $ban = 0;
if($ban) {
$in = $_SERVER['REMOTE_ADDR']."\n";
$lock = fopen($path.'bad.csf','a');
fwrite($lock, $in);
fclose($lock);
$lock = fopen($path.'locked-'.$_SERVER['REMOTE_ADDR'],'a');
fclose($lock);
unlink($path.'erc-'.$_SERVER['REMOTE_ADDR'].'.log');
}
if($last > 5) unlink($path.'erc-'.$_SERVER['REMOTE_ADDR'].'.log');
$ban = 1;
}
* Deploy instruction:
- make /var/www/csf directory
- put erc.php and csf.php in to /var/www/csf/
- edit the php.ini:
auto_prepend_file = /var/www/erc.phpThen restart the webserver
# service httpd restart
And now run the csf.php in the command line with root:
# php -n /var/www/csf/csf.php &
Now just view the Denied-xxx log to know who has been blocked by CSF in day :D
