Protect your custom PHP pages from DDoS attacks with IP-based rate limiting and automatic IP banning.
=== DDoS Protection for Custom PHP Pages ===
Author: SourceCode347
Plugin URI: https://github.com/sourcecode347/ddos-protection-php
Donate link: https://buy.stripe.com/bIY5o70SSfam8Qo7ss
Tags: security, ddos-protection, rate-limiting, ip-blocking
Requires PHP: 7.0
Stable tag: 1.0
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html
Protect your custom PHP pages from DDoS attacks with IP-based rate limiting and automatic IP banning.
== Description ==
The DDoS Protection for Custom PHP Pages script provides a lightweight solution to protect custom PHP pages from denial-of-service (DoS) attacks. It implements IP-based rate limiting, tracking the number of requests per IP within a configurable time window. If an IP exceeds the request limit, it is temporarily blocked with a 429 status code. After a set number of failed attempts, the IP is banned for a configurable duration (default: 24 hours). The script stores request counts and banned IPs in temporary files for simplicity and efficiency.
Key Features:
- IP-based rate limiting with configurable request limit and time window (default: 10 requests per 60 seconds).
- Automatic IP banning after a set number of failed attempts (default: 30 attempts).
- Configurable ban duration (default: 24 hours).
- Stores request counts and banned IPs in temporary files in the system's temp directory.
- Cleans up expired bans automatically to prevent file bloat.
- Lightweight and easy to integrate into any PHP page.
Ideal for developers seeking to add DDoS protection to custom PHP applications without requiring a full CMS like WordPress.
== Installation ==
- Download the
ddos_protection.phpscript from the GitHub repository. - Place the
ddos_protection.phpfile in a directory accessible by your PHP application (e.g.,/path/to/your/project/). - Include the script at the top of the PHP page(s) you want to protect:
<?php require_once('ddos_protection.php'); ?>