snipershady / ratelimiter
Free and easy-to-use rate limiter
v1.0.3
2022-11-06 17:48 UTC
Requires
- php: >=8.1
- ext-apcu: *
- ext-redis: *
- predis/predis: ^2.0
Requires (Dev)
- phpstan/phpstan: ^1.8
- phpunit/phpunit: ^9.5
README
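Free and easy-to-use rate limiter
Context
You need to limit network traffic access to a specific function within a specific time frame. Rate limiting can help stop some kinds of malicious activity.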
composer require snipershady/ratelimiter
Command line interface (CLI)
For CLI usage, remember to edit your php.ini file to enable the APC extension:
apc.enable_cli="1"
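Prerequisites
To install this package you need at least the php-apcu and php-redis extensions installed. To use the safest strategy, Redis, you need a Redis server that is installed and reachable.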
Debian - Ubuntu
apt-get install php8.1-redis php8.1-apcu
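Legacy PHP 5.6 version
If you are a sad developer forced to keep using a deprecated PHP version, ask me privately and I will release a legacy version of the package for you.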
APCu example
Load dependencies
```php
use Predis\Client;
use RateLimiter\Enum\CacheEnum;
use RateLimiter\Service\AbstractRateLimiterService;
```
APCu example
```php
class Foo
{
    public function controllerYouWantToRateLimit(): Response
    {
        $limiter = AbstractRateLimiterService::factory(CacheEnum::APCU);
        $key = __METHOD__; // Name of the function you want to rate limit. You can set a custom key. It's a string!
        $limit = 2;        // Maximum attempts before the limit
        $ttl = 3;          // The timeframe you want to limit access for

        if ($limiter->isLimited($key, $limit, $ttl)) {
            throw new Exception("LIMIT REACHED: YOOUUU SHALL NOOOOT PAAAAAAASSS");
        }
        // ... other code
    }
}
```
Redis example
```php
class Foo
{
    public function controllerYouWantToRateLimit(): Response
    {
        $serverIp = "192.168.0.100"; // The server where you've installed the Redis instance.
        $redis = new Client("tcp://$serverIp:6379?persistent=redis01"); // Example with persistent connection.
        $limiter = AbstractRateLimiterService::factory(CacheEnum::REDIS, $redis);
        $key = __METHOD__; // Name of the function you want to rate limit. You can set a custom key. It's a string!
        $limit = 2;        // Maximum attempts before the limit
        $ttl = 3;          // The timeframe you want to limit access for

        if ($limiter->isLimited($key, $limit, $ttl)) {
            throw new Exception("LIMIT REACHED: YOOUUU SHALL NOOOOT PAAAAAAASSS");
        }
        // ... other code
    }
}
```
Rate limit with ban option (the example uses Redis, but you can still use APCu)
```php
class Foo
{
    public function controllerYouWantToRateLimit(): Response
    {
        $serverIp = "192.168.0.100"; // The server where you've installed the Redis instance.
        $redis = new Client("tcp://$serverIp:6379?persistent=redis01"); // Example with persistent connection.
        $limiter = AbstractRateLimiterService::factory(CacheEnum::REDIS, $redis);
        $key = __METHOD__;  // Name of the function you want to rate limit. You can set a custom key. It's a string!
        $limit = 1;         // Maximum attempts before the limit
        $maxAttempts = 3;   // Max number of attempts you want to allow in a timeframe
        $banTimeFrame = 4;  // Timeframe where maxAttempts should not be reached to avoid the ban
        $ttl = 2;           // The base timeframe you want to limit access for
        $banTtl = 4;        // If the limit is reached maxAttempts times or more, the new timeframe limit will be 4 seconds
        // It is recommended to send the client IP to limit access to a function to a specific address, not to everyone
        $clientIp = filter_input(INPUT_SERVER, 'REMOTE_ADDR');

        if ($limiter->isLimitedWithBan($key, $limit, $ttl, $maxAttempts, $banTimeFrame, $banTtl, $clientIp)) {
            throw new Exception("LIMIT REACHED: YOOUUU SHALL NOOOOT PAAAAAAASSS");
        }
        // ... other code
    }
}
```
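The README recommends passing the client's address as `$clientIp`. Behind a reverse proxy, `REMOTE_ADDR` is the proxy itself, so every visitor would share one counter, while a blindly trusted `X-Forwarded-For` header would let each client pick its own counter. The following is an added example, not code from the package: `clientIpForLimiter`, `isLoginBlocked` and the `$trustedProxies` list are hypothetical names, and matching proxy addresses by exact string is an assumption.

```php
<?php
declare(strict_types=1);

// Added example. $trustedProxies and the X-Forwarded-For handling are assumptions
// about the deployment; they are not part of snipershady/ratelimiter.
function clientIpForLimiter(array $server, array $trustedProxies): ?string
{
    $remote = filter_var($server['REMOTE_ADDR'] ?? '', FILTER_VALIDATE_IP);
    if ($remote === false) {
        return null; // no usable peer address (e.g. CLI): the caller fails closed
    }
    if (!in_array($remote, $trustedProxies, true)) {
        return $remote; // direct connection: forwarded headers are client-supplied, ignore them
    }
    // The peer is our own proxy: walk X-Forwarded-For from the right and take the
    // first hop that is not one of our proxies. Entries further left are untrusted.
    $hops = array_reverse(array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR'] ?? '')));
    foreach ($hops as $hop) {
        $ip = filter_var($hop, FILTER_VALIDATE_IP);
        if ($ip === false) {
            break; // malformed chain: stop and fall back to the proxy address
        }
        if (!in_array($ip, $trustedProxies, true)) {
            return $ip;
        }
    }
    return $remote;
}

// $limiter is the object returned by AbstractRateLimiterService::factory(), as in the
// README. The numeric arguments are the README's own sample values.
function isLoginBlocked(object $limiter, array $server, array $trustedProxies): bool
{
    $ip = clientIpForLimiter($server, $trustedProxies);
    return $ip === null
        || $limiter->isLimitedWithBan(__FUNCTION__, 1, 2, 3, 4, 4, $ip);
}

// Constructed sample requests using documentation address ranges.
$proxies  = ['10.0.0.5'];
$viaProxy = ['REMOTE_ADDR' => '10.0.0.5', 'HTTP_X_FORWARDED_FOR' => '192.0.2.1, 203.0.113.7'];
$direct   = ['REMOTE_ADDR' => '198.51.100.9', 'HTTP_X_FORWARDED_FOR' => '192.0.2.1'];
var_dump(clientIpForLimiter($viaProxy, $proxies));
var_dump(clientIpForLimiter($direct, $proxies));
```

In a controller, call `isLoginBlocked($limiter, $_SERVER, $proxies)` before the protected logic and answer with HTTP 429 when it returns `true`.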