0

Is there a function in PHP that will just stop the connection without sending anything to the client? I want to make something that checks if the client can access the website, but if not it will just end the connection without sending it anything (or as less information as it can). What I'm trying to accomplish is that I want to make something that blocks DDOS attacks or just people that are bugging the server. I don't think it's the best way to block them, but it's OK for me.

<?php
$client_blocked = true // Let's say that this person is blocked from the website
if ($client_blocked) {
    // close the connection
}
?>
theodoros_1234
  • 11
  • 1
  • 3
    What? Like `exit`? That isn't going to do anything about a DDOS. – Jonnix Sep 27 '16 at 21:32
  • 5
    If you're trying to block DDOS attacks you should be doing it higher then PHP. – chris85 Sep 27 '16 at 21:32
  • 1
    you want something at the OS level like psad –  Sep 27 '16 at 21:33
  • At the moment the executing hits your if statement you're already in a thread so resources were spent, so you call exit to stop the usage of moure resources and no way back, just kill it. DDOS is prevented from firewall using iptables for example (which you can write to with PHP and configure rules) or at web server like apache2/nginx with supported scripting languages like lua avoiding the execution of the request. PHP is already in execution, it's the "caller" who shouldn't invoke him. Please clarify the question if you're wrong, otherwise your question makes no sense. – Gui Sep 28 '16 at 02:36
  • See [How to enable DDoS protection?](http://stackoverflow.com/q/14477942/402022) – Theraot Sep 28 '16 at 02:45
  • I know that I can't fight a DDOS attack with this. It's just a layer of protection. Also, I want to close the connection like if I pulled the Ethernet cable, but just for that connection, not for everyone. Thanks. – theodoros_1234 Oct 08 '16 at 11:40

1 Answers1

-1

You can use either the exit or die() command.

if (...) die();
if (...) exit;
Aliaxander
  • 2,547
  • 4
  • 20
  • 45
J. Corcoran
  • 11
  • 1
  • For what the OP is asking, yes this is *technically* correct, but practically, OP would want to fight a DDoS attempt higher than `PHP` – Derek Pollard Sep 27 '16 at 21:36
  • I did not DV, just simply explaining my thoughts on the situation – Derek Pollard Sep 27 '16 at 21:37
  • Well I have to be partially agree with you, many users of SO, prefer the better answer rather than the answer OP wants, some how confusing – Neobugu Sep 27 '16 at 21:39
  • OP did say "I don't think it's the best way to block them, but it's OK for me." So I was answering his question. For DDoS, I use fail2ban: http://www.fail2ban.org/wiki/index.php/Main_Page – J. Corcoran Sep 27 '16 at 21:42