Skip to content

Commit 9ae5891

Browse files
Fabian123333Fabian123333
committed
implement postrequest hook, unify log messages
1 parent 7102095 commit 9ae5891

File tree

3 files changed

+51
-4
lines changed

3 files changed

+51
-4
lines changed

anti_ddos_worker.cpp

+42-2
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,46 @@ class AntiDDoSWorker{
4949
ConnectRedisServer();
5050
}
5151

52+
static int PostRequestHook(request_rec *r){
53+
// ignore whitelist
54+
if(Config::Whitelist().ContainsIP(r->connection->client_ip)){
55+
return DECLINED;
56+
}
57+
58+
AntiDDoSWorker worker = AntiDDoSWorker();
59+
60+
int score = 0;
61+
62+
for(int i = 0; i < Config::Filters().Count(); i++){
63+
score += Config::Filters().Get(i).GetScore(r, true);
64+
}
65+
66+
if(score > 0){
67+
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, r->server,
68+
"add score for %s from postrequest (%i)", r->connection->client_ip, score);
69+
70+
worker.IncreaseScore(r->connection->client_ip, score);
71+
72+
if(worker.GetScore(r->connection->client_ip) > Config::MaxHits())
73+
{
74+
worker.TickDownScore(r->connection->client_ip);
75+
if(worker.GetScore(r->connection->client_ip) > Config::MaxHits()){
76+
worker.Block(r->connection->client_ip);
77+
78+
r->status = 429;
79+
80+
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server,
81+
"block access, client exceeded score limit: %s (postrequest)", r->connection->client_ip);
82+
83+
return OK;
84+
}
85+
86+
}
87+
}
88+
89+
return DECLINED;
90+
}
91+
5292
static int PreRequestHook(request_rec *r){
5393
if(Config::Whitelist().ContainsIP(r->connection->client_ip)){
5494
ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
@@ -74,7 +114,7 @@ class AntiDDoSWorker{
74114
}
75115

76116
if(score > 0){
77-
ap_log_error(APLOG_MARK, APLOG_CRIT, 0, r->server,
117+
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, r->server,
78118
"add score for %s (%i)", r->connection->client_ip, score);
79119

80120
worker.IncreaseScore(r->connection->client_ip, score);
@@ -87,7 +127,7 @@ class AntiDDoSWorker{
87127

88128
r->status = 429;
89129

90-
ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
130+
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server,
91131
"block access, client exceeded score limit: %s", r->connection->client_ip);
92132

93133
return OK;

filter.cpp

+8-2
Original file line numberDiff line numberDiff line change
@@ -106,9 +106,15 @@ class Filter{
106106
return std::regex_search(ua, botPattern);
107107
}
108108

109-
int GetScore(request_rec *r){
109+
int GetScore(request_rec *r, bool postRequest = false){
110110
// status code only available after request
111-
if(GetStatusCode() != 0)
111+
if(GetStatusCode() == 0 && postRequest)
112+
return 0;
113+
114+
if(GetStatusCode() != 0 && !postRequest)
115+
return 0;
116+
117+
if(r->status != GetStatusCode() && GetStatusCode() != 0)
112118
return 0;
113119

114120
if(!ApplyForAssets()){

mod_antiddos.c

+1
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@
88
static void module_register_hooks(apr_pool_t *p)
99
{
1010
ap_hook_handler(AntiDDoSWorker::PreRequestHook, NULL, NULL, APR_HOOK_FIRST);
11+
ap_hook_log_transaction(AntiDDoSWorker::PostRequestHook , NULL, NULL, APR_HOOK_MIDDLE);
1112
ap_hook_post_config(AntiDDoSWorker::PostConfigHook, NULL, NULL, APR_HOOK_MIDDLE);
1213
}
1314

0 commit comments

Comments
 (0)