PHP: Opening URLs concurrently to simulate a DOS a

2019-03-16 22:19发布

问题:

I have configured my server with various anti-DOS modules (mod_qos, mod_evasive etc). What I want to do now is run a simple PHP scrip that calls URLs on my site multiple times, in order to reach the various limits on the site. Ideally a script that can somehow open various URLs concurrently would be ideal.

Is this possible? And if not, what is the easiest way to simulate multiple requests from one IP?

I would prefer a tool that works in Windows 7?

Update: Remember, i want to be able to see if my server is actually blocking some of the requests. I've only played with AB for a little bit, but so far it hasn't shown me that requests were blocked?

回答1:

i thinks you should try this tools,

Apache ab

Siege by Joe Dog Software

Apache JMeter

Apache Bench is easy and straightforward

you should also try tsung

here is something on github in ruby

but if you still want to simulate ddos in php, then i think in php you need to make use of socket and in loop send request to your server, and disconnect without waiting for response from your server, this way you can simulate it. like "Connect - Dispatch Request- Disconnect" and repeat this as many times possible.



回答2:

This was very useful under Windows: OpenLoad

I executed it using:

openload.exe http://www.mysite.com 250

And then I could easily see the result in my Apache Error Log:

tail -f /usr/local/apache/logs/error_log

I could see:

[Mon Apr 08 12:09:05 2013] [error] mod_qos(031): access denied, QS_SrvMaxConnPerIP rule: max=50, concurrent connections=59, c=XX.XXX.XX.XXX
[Mon Apr 08 12:09:05 2013] [error] mod_qos(031): access denied, QS_SrvMaxConnPerIP rule: max=50, concurrent connections=60, c=XX.XXX.XX.XXX
etc


回答3:

The simplest simulation would be by using an async xmlhttp request iterator function over an array various pages of the given domain at which the onload event initiates another page url call and cycle indefinitely, or for a certain large amount of times. And to make it a little bit more overwhelming, you'd open multiple instances of that same plain JS + HTML App, (say 9, or even 12) in parallel and see if anything happens or what will happen with the server after they've been running for a considerable amount of time and probably reached more than 1 million requests in about an hour of time.