Hey guys,
I am running an free hosting environment and do have some trouble with
allow_url_fopen. Right now we prohibit this, but it's requested by many
of our users.
The problem is something like to following script, which calls itself
over and over again, being run on our server:
<?php
while(true)
file_get_contents("http://domain.com/crash.php";);
?>
From the outside our anti-dos measures would take effect, but not when
the requests are comming from our own server.
We have max_execution_time set to 5, but this does not take effect on
this script. It just calls itself until the server queue is full. We run
mod_security on our servers, which seems to ease the situation somewhat.
But some time sooner or later apache crashes and is restarted by monit.
We would like to enable allow_url_fopen, but under those circumstances
this is not possible.
Could anybody please give me a hint on how to resolve this situation?
Regards,
Samy
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
