websoftwares/throttle

Ban identifier after certain amount of requests in a given timeframe.

Throttle (v0.3.3)

Ban identifier after certain amount of requests in a given timeframe., _(*1)

, _(*2)

Installing via Composer (recommended)

Install composer in your project:, _(*3)

curl -s http://getcomposer.org/installer | php

Create a composer.json file in your project root:, _(*4)

{
    "require": {
        "websoftwares/throttle": "dev-master"
    }
}

Install via composer, _(*5)

php composer.phar install

Usage

Basic usage of the Throttle class to ban an identifier., _(*6)

use Websoftwares\Throttle, Websoftwares\Storage\Memcached, Monolog\Logger;

// Ip
$identifier = '$_SERVER["REMOTE_ADDR"]';
// Instantiate class
$throttle = new Throttle(new Logger('throttle'), new Memcached());

if($throttle->validate($identifier)) {
    // Success proceed
} else {
    // Banned
}

Logger

Any logger library that implements the PSR-3 LoggerInterface should work, just create your Logger object and inject it into the Throttle constructor. For example the excellent logging library Monolog., _(*7)

Storage

Included is a Memcached example however it is very easy to use some other storage system just implement the StorageInterface and inject that object into the Throttle constructor., _(*8)

Caution

Whatever storage system u decide to use, don not store the failed request data into your database, this could lead to a DDOS attack and take your database down., _(*9)

Options

U can override the default options by instantiating a Throttle class and pass in an array as the third argument., _(*10)

$options = array(
    'banned' => 10, // Ban identifier after 10 attempts. (default 5)
    'logged' => 20, // Log identifier after 20 attempts. (default 10)
    'timespan' => 60 // The timespan for the duration of the ban. (default 86400)
    );

// Instantiate class
$throttle = new Throttle(new Logger('throttle'), new Memcached(), $options);

reset();

This will remove the identifier from the storage., _(*11)

$throttle->reset($identifier);

remaining();

This will return an integer that is the remaining attempt(s) available before identifier gets banned., _(*12)

$throttle->remaining($identifier);

Memcached

This requires u have the PHP memcached extension installed., _(*13)

on Debian/Ubuntu systems for example install like this (requires administrative password)., _(*14)

sudo apt-get install php5-memcached

Testing

In the tests folder u can find several tests., _(*15)

License

DBAD Public License., _(*16)

Acknowledgement

Converted from python example and comments from Forrst.com post., _(*17)