Hello everyone!

Today I had a little problem with a spammer.

He was requesting a page like 3 o 4 times per second.

And I found about it after one of my tables(stats) got overloaded by data so I contacted my host (The host I’m using is really good and fast and has a really good support, thanks ipage) and they restored my database.

First I emptied stats table and then blocked the spammer’s ip with .htaccess.

Then I thought about preventing spammers accessing my site too fast.

So I wrote this piece of code.

I know It’s really simple but I guess it gives the idea to some newbies like me.

For the table:
CREATE TABLE `Ips` (
`ip` varchar(15) NOT NULL,
`accessTime` int(11) NOT NULL,
`accessPage` varchar(10) NOT NULL
)

And at the header of you site:

$ip=$_SERVER[‘REMOTE_ADDR’];

$con = mysql_connect(“localhost”,”user”,”pass”);
if (!$con)
{
die(‘Could not connect: ‘ . mysql_error());
}

mysql_select_db(“your_db”, $con);

$max=2;
$interval=3; //these two parameters mean that the a user can access your site maximum 2 times in 3 seconds
$timeLow = time()-$interval;
$timeNow = time();

$accessNum=mysql_query(“SELECT * FROM Ips WHERE accessTime > ‘$timeLow’ AND ip=’$ip'”);
if(mysql_num_rows($accessNum) > 2){
mysql_query(“INSERT INTO Ips (ip,accessTime,accessPage) VALUES (‘$ip’,0,’$accessPage’)”);//I used this to check know who accessed my site too fast(just with searching the table for accessTime=0
mysql_close($con);
die(‘You are accessing this site too fast’);
}
$accessPage=substr($_SERVER[“SCRIPT_NAME”],strrpos($_SERVER[“SCRIPT_NAME”],”/”)+1);
mysql_query(“INSERT INTO Ips (ip,accessTime,accessPage) VALUES (‘$ip’,’$timeNow’,’$accessPage’)”);
mysql_close($con);

Well you can add more columns to database for more details(like date).

I hope this article be a little help for you:D