{"id":81118,"date":"2018-02-03T12:49:52","date_gmt":"2018-02-03T12:49:52","guid":{"rendered":"https:\/\/tr.wordpress.org\/plugins\/http-flood\/"},"modified":"2018-02-06T10:35:51","modified_gmt":"2018-02-06T10:35:51","slug":"http-flood","status":"publish","type":"plugin","link":"https:\/\/ko.wordpress.org\/plugins\/http-flood\/","author":15936933,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.0-1","stable_tag":"trunk","tested":"4.9.29","requires":"4.9","requires_php":"5.6","requires_plugins":"","header_name":"HTTP Flood","header_author":"Ayd\u0131n Antmen","header_description":"HTTP Flood prevents your system against attacks like HTTP Flood, Land Flood, Form Spoofing, Brute Force, Remote Site Scanners and many more on similar types. It was tested under limitless thread and distributed sources.","assets_banners_color":"","last_updated":"2018-02-06 10:35:51","external_support_url":"","external_repository_url":"","donate_link":"https:\/\/www.ofis46.com\/","header_plugin_uri":"https:\/\/wordpress.org\/plugins\/http-flood\/","header_author_uri":"https:\/\/www.ofis46.com","rating":0,"author_block_rating":0,"active_installs":10,"downloads":1454,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":[],"upgrade_notice":{"1.0":"

This is first version. No need to upgrade.<\/p>"},"ratings":{"1":0,"2":0,"3":0,"4":0,"5":0},"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":[],"block_files":[],"assets_screenshots":[],"screenshots":{"1":"This screen shot description corresponds to screenshot-1.(png|jpg|jpeg|gif). Note that the screenshot is taken from\nthe \/assets directory or the directory that contains the stable readme.txt (tags or trunk). Screenshots in the \/assets\ndirectory take precedence. For example, \/assets\/screenshot-1.png<\/code> would win over \/tags\/4.3\/screenshot-1.png<\/code>\n(or jpg, jpeg, gif).","2":"This is the second screen shot"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[2439,152679,37270,152678,152677],"plugin_category":[],"plugin_contributors":[152680],"plugin_business_model":[],"class_list":["post-81118","plugin","type-plugin","status-publish","hentry","plugin_tags-brute-force","plugin_tags-form-spoofing","plugin_tags-http-flood","plugin_tags-land-flood","plugin_tags-syn-flood","plugin_contributors-aydinantmen","plugin_committers-aydinantmen"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/http-flood.svg","icon_2x":false,"generated":true},"screenshots":[],"raw_content":"\n

HTTP Flood prevents your system against attacks like HTTP Flood, Land Flood, Form Spoofing, Brute Force, Remote Site Scanners and many more on similar types. It was tested under limitless thread and distributed sources.<\/p>\n\n

Please Attention!\n1. This plugin blocks every flood like actions.\n2. So don't forget to deactivate the plugin before you do any fast moves e.g. sample data uploading...\n3. If you banned your own site, you can re-enter only via change your ip address.<\/p>\n\n

Arbitrary section<\/h3>\n\n

1- HTTP Connection Principle<\/p>\n\n

Before connecting to a system running in the HTTP protocol, a data stream is generated between the server and the client called three way handshake.\nLet's first examine how a normal connection is established.<\/p>\n\n

SYN\nThe client sends a SYN (Synchronize) packet that indicates that we want to connect to the server. The client and server must be compatible in order to establish a connection. The SYN package carries information about the client structure.<\/p>\n\n

SYN + ACK\nWhen the server receives the SYN packet, it analyzes the structure of the client and starts to wait for the client's response by sending a SYN packet carrying information about the acknowledgment packet and the server structure, indicating an ACK (link acknowledgment).<\/p>\n\n

ACK\nWhen the client receives the SYN + ACK packet, it analyzes the structure of the server and sends a final ACK packet indicating that it satisfies the conditions required to establish the connection, and the data transfer starts by establishing a connection between the server and the client.<\/p>\n\n

DATA TRANSFER<\/p>\n\n

2- HTTP Flood Attack<\/p>\n\n

So far we have examined the establishment of a normal HTTP connection.\nNow let's examine how the HTTP Flood attack works.<\/p>\n\n

SYN\nThe client requests a connection by sending a SYN packet as if it were a normal connection request.<\/p>\n\n

SYN + ACK\nThe server sends the SYN + ACK packet as if it were a regular connection request and waits for the client's response.<\/p>\n\n

SYN + 1\nThe client does not send the last ACK packet and the process repeats with a new SYN while the server is waiting for a response.<\/p>\n\n

3- Protection Principle\nWe have seen the principle of normal connection and how these principles are manipulated to attack.\nFinally, see how we provide security.<\/p>\n\n

PERCEPTION\nHTTP floods and derivative attacks occur at the application layer, not at the server layer like DDOS. We have developed a special algorithm that detects the attack parameters by examining the connection parameters.<\/p>\n\n

DISCRIMINATION\nNormal connection requests may continue to come in while the attack is ongoing, and a normal server should not remain unresponsive here. Our software distinguishes between attack requests and normal connection requests at this point.<\/p>\n\n

BLOCK\nThe attack is detected in seconds and the attack source is notified to the server layer when the server is still able to respond to new connection requests. In this case, the attack source is blocked at the server layer and the server is not attacked.<\/p>\n\n\n

    \n
  1. Upload the plugin files to the \/wp-content\/plugins\/http-flood<\/code> directory, or install the plugin through the WordPress plugins screen directly.<\/li>\n
  2. Activate the plugin through the 'Plugins' screen in WordPress<\/li>\n
  3. It's done.<\/li>\n<\/ol>\n\n\n
    \n
    Installation Instructions<\/dt>\n
      \n
    1. Upload the plugin files to the \/wp-content\/plugins\/http-flood<\/code> directory, or install the plugin through the WordPress plugins screen directly.<\/li>\n
    2. Activate the plugin through the 'Plugins' screen in WordPress<\/li>\n
    3. It's done.<\/li>\n<\/ol><\/dd>\n
      Is HTTP Flood plugin protected me againts DDoS?<\/dt>\n

      No. DDoS attacks are made on the server layer used server's ip address. HTTP Flood plugin running in software layer. So we could not detected and protection.<\/p><\/dd>\n

      So, protect me against what kind of attack?<\/dt>\n

      The attack sources arranged on the domain name, not on the server IP address, can be detected by the softwares. So we can detected and protected against them. These are: HTTP Flood, Land Flood, Form Spoofing, Brute Force and Remote Site Vulnerability Scanners.<\/p><\/dd>\n

      How it's work<\/dt>\n

      This plugin based on a detection algorithm, it's writes the attack resources to the .htaccess file. This file is a system file and tells resource must be blocked in a firewall layer to the server. HTTP Flood plugin detects the attack resources and writes them in .htaccess file at the time of attack.<\/p><\/dd>\n\n<\/dl>\n\n\n

      1.0<\/h4>\n\n
        \n
      • First stable version<\/li>\n<\/ul>","raw_excerpt":"HTTP Flood prevents your system against attacks like HTTP Flood, Land Flood, Form Spoofing, Brute Force, Remote Site Scanners and many more on similar …","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ko.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/81118","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ko.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/ko.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/ko.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=81118"}],"author":[{"embeddable":true,"href":"https:\/\/ko.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/aydinantmen"}],"wp:attachment":[{"href":"https:\/\/ko.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=81118"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/ko.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=81118"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/ko.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=81118"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/ko.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=81118"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/ko.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=81118"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/ko.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=81118"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}