switching to SHA256 HMAC of IPs in traffic limiter, resolves #57
This commit is contained in:
parent
deda8e4783
commit
09dd79dbc7
@ -79,7 +79,7 @@ class trafficlimiter extends persistence
|
|||||||
*/
|
*/
|
||||||
public static function getIp()
|
public static function getIp()
|
||||||
{
|
{
|
||||||
return md5($_SERVER[self::$_ipKey]);
|
return $_SERVER[self::$_ipKey];
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -94,11 +94,11 @@ class trafficlimiter extends persistence
|
|||||||
*/
|
*/
|
||||||
public static function canPass()
|
public static function canPass()
|
||||||
{
|
{
|
||||||
$ip = self::getIp();
|
|
||||||
|
|
||||||
// disable limits if set to less then 1
|
// disable limits if set to less then 1
|
||||||
if (self::$_limit < 1) return true;
|
if (self::$_limit < 1) return true;
|
||||||
|
|
||||||
|
$ip = hash_hmac('sha256', self::getIp(), serversalt::get());
|
||||||
|
|
||||||
$file = 'traffic_limiter.php';
|
$file = 'traffic_limiter.php';
|
||||||
if (!self::_exists($file))
|
if (!self::_exists($file))
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user