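[WordPress] Plugin Share: HTTP Flood

Introduction

  • This WordPress plugin, "HTTP Flood", was published on 2018-02-02.
  • It currently has 10 active installations.
  • It was last updated on 2018-02-06, which is 2644 days ago. It has gone more than a year without an update, so confirm that the version still works before installing, and consider the ongoing maintenance question.
  • The plugin requires WordPress 4.9 or later to install.
  • The plugin requires the web host to run PHP 5.6 or later.
  • No one has rated this plugin yet.
  • No one has asked a question in the forum yet; usage may still be low, and no major problems have come up so far.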

Plugin Contributors

aydinantmen

Plugin Tags

syn flood | http flood | land flood | Brute Force | form spoofing

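Content Summary

The HTTP Flood plugin protects against attacks such as HTTP Flood, Land Flood, Form Spoofing, Brute Force and Remote Site Scanners. It was tested with unlimited threads and distributed sources.

Please note!
1. This plugin blocks every flood-like action.
2. So be sure to deactivate the plugin before performing any rapid actions (for example, uploading sample data).
3. If you ban your own site, you can only get back in by changing your IP address.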

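Arbitrary section

1- HTTP Connection Principle

Before connecting to a system that runs the HTTP protocol, a data exchange called the three-way handshake takes place between the server and the client. Let's first look at how a normal connection is established.

SYN
The client sends a SYN (synchronize) packet indicating that it wants to connect to the server. The client and server must be compatible in order to establish a connection. The SYN packet carries information about the client's structure.

SYN + ACK
When the server receives the SYN packet, it analyzes the client's structure and starts waiting for the client's response, while sending a SYN packet that carries the acknowledgment (link acknowledgment) and information about the server's structure.

ACK
When the client receives the SYN + ACK packet, it analyzes the server's structure and sends the final ACK packet, indicating that it meets the conditions required to establish the connection. Data transfer then begins over the connection established between the server and the client.

Data transfer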

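2- HTTP Flood Attack

So far we have examined the steps for establishing a normal HTTP connection.
Now let's look at how an HTTP Flood attack works.

SYN
The client requests a connection by sending a SYN packet, just like a normal connection request.

SYN + ACK
The server sends the SYN + ACK packet, just as it would for a normal connection request, and waits for the client's response.

SYN + 1
While the server waits for a response, the client does not send the final ACK packet and instead repeats the process with a new SYN packet.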

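3- Protection Principle
We have seen how a normal connection works and how these principles are used to attack.
Finally, let's look at how protection is provided.

Perception
HTTP Flood and derivative attacks occur at the application layer, not at the server layer like DDOS. We have developed a special algorithm that detects attack parameters by examining connection parameters.

Discrimination
While an attack is in progress, normal connection requests may continue to arrive, and a normal server should not remain unresponsive here. Our software distinguishes attack requests from normal connection requests at this point.

Block
The attack is detected within seconds. While the server is still able to respond to new connection requests, we report the attack source address to the server layer and block it, so that the server is not attacked.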

Original Plugin Description

HTTP Flood protects your system against attacks like HTTP Flood, Land Flood, Form Spoofing, Brute Force, Remote Site Scanners and many more of similar types. It was tested under limitless threads and distributed sources.
Please pay attention!
1. This plugin blocks every flood-like action.
2. So don’t forget to deactivate the plugin before you do any fast moves, e.g. sample data uploading…
3. If you ban your own site, you can re-enter only by changing your IP address.
Arbitrary section
1- HTTP Connection Principle
Before connecting to a system running in the HTTP protocol, a data stream is generated between the server and the client called three way handshake.
Let’s first examine how a normal connection is established.
SYN
The client sends a SYN (Synchronize) packet that indicates that we want to connect to the server. The client and server must be compatible in order to establish a connection. The SYN packet carries information about the client structure.
SYN + ACK
When the server receives the SYN packet, it analyzes the structure of the client and starts to wait for the client’s response by sending a SYN packet carrying information about the acknowledgment packet and the server structure, indicating an ACK (link acknowledgment).
ACK
When the client receives the SYN + ACK packet, it analyzes the structure of the server and sends a final ACK packet indicating that it satisfies the conditions required to establish the connection, and the data transfer starts by establishing a connection between the server and the client.
DATA TRANSFER
2- HTTP Flood Attack
So far we have examined the establishment of a normal HTTP connection.
Now let’s examine how the HTTP Flood attack works.
SYN
The client requests a connection by sending a SYN packet as if it were a normal connection request.
SYN + ACK
The server sends the SYN + ACK packet as if it were a regular connection request and waits for the client’s response.
SYN + 1
The client does not send the last ACK packet and the process repeats with a new SYN while the server is waiting for a response.
3- Protection Principle
We have seen the principle of normal connection and how these principles are manipulated to attack.
Finally, see how we provide security.
PERCEPTION
HTTP floods and derivative attacks occur at the application layer, not at the server layer like DDOS. We have developed a special algorithm that detects the attack parameters by examining the connection parameters.
DISCRIMINATION
Normal connection requests may continue to come in while the attack is ongoing, and a normal server should not remain unresponsive here. Our software distinguishes between attack requests and normal connection requests at this point.
BLOCK
The attack is detected in seconds and the attack source is notified to the server layer when the server is still able to respond to new connection requests. In this case, the attack source is blocked at the server layer and the server is not attacked.
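
The pattern described above (SYN, SYN + ACK, then a new SYN instead of the final ACK) can be detected per source while clients that complete the handshake are left alone. This is an added example, not the plugin's code or algorithm: it assumes handshake events are available from a packet capture or firewall log, and the thresholds, function names and sample traffic are constructed for illustration.

```python
from collections import defaultdict

# Assumed thresholds for illustration; they are not taken from the plugin.
HANDSHAKE_TIMEOUT = 3.0  # seconds a SYN may wait for its final ACK
WINDOW = 10.0            # sliding window for counting timed-out handshakes
MAX_HALF_OPEN = 5        # timed-out handshakes tolerated per source per window


def find_flood_sources(events):
    """Return {source_ip: time_flagged} for sources that exceed MAX_HALF_OPEN.

    events: time-sorted (timestamp, source_ip, source_port, flag) tuples,
    where flag is "SYN" (first packet) or "ACK" (final handshake ACK).
    """
    pending = defaultdict(dict)  # source -> {port: time its SYN was seen}
    stale = defaultdict(list)    # source -> times a handshake timed out
    flagged = {}
    for ts, src, port, flag in events:
        # Perception: expire this source's handshakes that never got an ACK.
        for p, t0 in list(pending[src].items()):
            if ts - t0 > HANDSHAKE_TIMEOUT:
                stale[src].append(t0 + HANDSHAKE_TIMEOUT)
                del pending[src][p]
        stale[src] = [t for t in stale[src] if ts - t <= WINDOW]
        if flag == "SYN":
            pending[src][port] = ts
        elif flag == "ACK":
            # Discrimination: a completed handshake never counts against a source.
            pending[src].pop(port, None)
        # Block decision: too many abandoned handshakes inside the window.
        if src not in flagged and len(stale[src]) > MAX_HALF_OPEN:
            flagged[src] = ts
    return flagged


def sample_events():
    """Constructed sample traffic using documentation IP ranges."""
    ev = [(0.5 * i, "203.0.113.9", 40000 + i, "SYN") for i in range(20)]
    for k in range(10):  # normal client: every SYN is followed by its ACK
        ev += [(float(k), "198.51.100.7", 50000 + k, "SYN"),
               (k + 0.05, "198.51.100.7", 50000 + k, "ACK")]
    ev += [(1.0, "198.51.100.20", 51000, "SYN"),  # one abandoned handshake
           (8.0, "198.51.100.20", 51001, "SYN"),
           (8.05, "198.51.100.20", 51001, "ACK")]
    return sorted(ev)


if __name__ == "__main__":
    for src, ts in find_flood_sources(sample_events()).items():
        print(f"block {src}: flagged at t={ts:.1f}s")
```

The client with a single abandoned handshake stays below the threshold, so only the source that keeps sending new SYNs without ever completing a handshake is reported for blocking.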

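Download Links for Each Version

  • Method 1: Click the version number link below to download the ZIP file. Then log in to the site admin, go to "Plugins" in the left-hand menu, choose "Add New Plugin", select "Upload Plugin" at the top, and upload the downloaded ZIP package to install and activate it.
  • Method 2: Use the search box on the right of the "Add New Plugin" screen to search for the plugin name "HTTP Flood" and install it.

(Method 2 is recommended, to make sure the installed version matches the WordPress environment you are currently running.)


Latest Version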
