Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    Senior Coder
    Join Date
    Nov 2010
    Posts
    1,341
    Thanks
    260
    Thanked 32 Times in 31 Posts

    automatic ip banning for trollers

    Hi, i was wondering if there was a way (even a paid service) to automatically ban an ip once they hit a set number of "file does not exist" error. Im tired of these idiots trolling my site for file names, i ban them but its after the fact. I wonder if there is a way to ban then automatically once they hit lets say 5 "file does not exist". This would keep out alot of them but allow for honest visitors that just have the wrong address. To do this i would also need to exclude my own ip from the mix as i do testing and i dont want to get banned lmao.

    Any ideas?

    Thanks so much.

    I did find this (see link below) on my old hosting co forum, but its almost 5 years old, mitch is no longer with the company, and the only other people that have said anything about it in the forum are all new registrations. Maybe if some of the more experience people like mitch as given their kudos i would go for it, but that is not the case. So i am looking for something else. Or maybe someone here can give their opinion on this or maybe even improve on it.

    http://www.lunarforums.com/lunarpage...-t43858.0.html
    Last edited by durangod; 04-21-2012 at 01:04 PM.

  • #2
    New Coder
    Join Date
    Jul 2011
    Location
    USA
    Posts
    39
    Thanks
    0
    Thanked 1 Time in 1 Post
    I can get you started. This is a script i use on my site to ban bad bots but can be modified to suit your needs. First create a cgi file named trap.pl and add this script to it and chmod 755:

    Code:
    #!/usr/bin/perl -w
    # This is the only variable that needs to be modified. 
    # Replace it with the absolute path to your root directory. 
    $rootdir = "/home/byron/public_html/";
    
    # Grab the IP of the bad bot 
    $visitor_ip = $ENV{'REMOTE_ADDR'};
    $visitor_ip =~ s/\./\\\./gi;
    
    # Open .htaccess file 
    open(HTACCESS,"".$rootdir."/\.htaccess") || die $!;
    @htaccess = <HTACCESS>;
    close(HTACCESS);
    
    # Write banned IP to .htaccess file 
    open(HTACCESS,">".$rootdir."/\.htaccess") || die $!;
    print HTACCESS "SetEnvIf Remote_Addr \^".$visitor_ip."\$ ban\n";
    foreach $deny_ip (@htaccess) {
    print HTACCESS $deny_ip;
    } 
    close(HTACCESS);
    # Close 
    print "Content-type: text/html\n\n";
    print "<html>\n";
    print "<head>\n";
    print "<title>Access Denied!</title>\n";
    print "<meta name=\"robots\" content=\"noindex,nofollow\">\n";
    print "</head>\n";
    print "<body>\n";
    print "<p><b>Access Denied!</b></p>\n";
    print "</body>\n";
    print "</html>\n";
    exit;
    Then add this to the top of your root htaccess file:

    Code:
    SetEnvIf Remote_Addr ^65\.29\.81\.103$ ban
    order allow,deny
    allow from all
    deny from env=ban
    Here are a couple of simple ways to auto ban an IP.

    1. As a simple hyperlink:
    http://www.yourdomain.com/cgi-bin/trap.pl

    2. In your case you could write a php or perl/cgi script as your 404 page to check if a certain ip has hit the page more than 5 times. Once it is hit 5 times then show trap.pl and the bad ip is written to your htaccess file.

    How it works.

    Every time a user hits trap.pl their IP is written to the top of the .htaccess file. Your .htaccess file will begin to look something like this:

    Code:
    SetEnvIf Remote_Addr ^65\.29\.81\.103$ ban
    SetEnvIf Remote_Addr ^201\.44\.73\.40$ ban
    SetEnvIf Remote_Addr ^306\.90\.74\.60$ ban
    order allow,deny
    allow from all
    deny from env=ban
    If your not familiar enough with php or perl/cgi, you could ask in the those forums for help.
    Last edited by byrondallas; 04-21-2012 at 01:42 PM.

  • #3
    New Coder
    Join Date
    Jul 2011
    Location
    USA
    Posts
    39
    Thanks
    0
    Thanked 1 Time in 1 Post
    I had some time today so I went ahead and created a php script that will work with the code above. What this will do is record the ip address of the person who gets your 404 page and keep a count. Once the person's ip has been counted 5 times it will redirect them to the trap.pl file which bans the ip. It takes 5 hits by the SAME ip address before it redirects to trap.pl

    Copy and paste the php script below as your 404 page and give it a .php extension:

    PHP Code:
    <?php
    $file 
    "banned.txt";
    $ip $_SERVER[REMOTE_ADDR];

    # delete banned.txt if more than 100 entries
    # to keep file from filling up with ips
    if (file_exists($file))
    {
    $array file($file);
    $count count($array);
    if (
    $count 100)
    {
    unlink($file);
    }
    }

    # create banned.txt if not created and log ip
    file_put_contents($file"$ip\n"FILE_APPEND);

    # open banned.txt and check matching ips
    $myArray file($fileFILE_IGNORE_NEW_LINES FILE_SKIP_EMPTY_LINES);
    $newArray array_count_values($myArray);

    # find the largest number of matching ips
    $lrgst max($newArray);

    # if over 5 hits by same ip, redirect to trap.pl 
    # and delete banned.txt
    if ($lrgst >= 5)
    {
    unlink($file);
    header("location:http://yourdomain.com/cgi-bin/trap.pl");
    exit;

    } else {

    # if same ip hasn't hit the 404 page over 5 times
    # return 404 page
    $nopage = <<<HEREDOC
    <html>
    <head><title>404 Not Found</title></head>
    <body>
    The Page You Requested Could Not Be Found
    </body>
    </html>
    HEREDOC;
    echo 
    $nopage;
    }
    ?>
    Last edited by byrondallas; 04-21-2012 at 09:19 PM.

  • #4
    New Coder
    Join Date
    Jul 2011
    Location
    USA
    Posts
    39
    Thanks
    0
    Thanked 1 Time in 1 Post
    After thinking about it I realized I could just as easily do everything with just one single php script. Make this your 404 error page:

    PHP Code:
    <?php
    $file 
    "banned_ips.txt";
    $ip $_SERVER[REMOTE_ADDR];

    # delete file if more than 100 entries
    # to keep file from filling up with ips
    if (file_exists($file))
    {
    $array file($file);
    $count count($array);
    if (
    $count 100)
    {
    unlink($file);
    }
    }

    # create banned.txt if not created and log ip
    file_put_contents($file"$ip\n"FILE_APPEND);

    # open banned.txt and check matching ips
    $myArray file($fileFILE_IGNORE_NEW_LINES FILE_SKIP_EMPTY_LINES);
    $newArray array_count_values($myArray);

    # find the largest number of matching ips
    $lrgst max($newArray);

    # if over 5 hits by same ip, add ip to deny list
    if ($lrgst >= 5)
    {
    unlink($file);

    # open .htaccess file and add banned ip
    $htaccess ".htaccess";
    $banip "Deny from $ip\n";
    file_put_contents($htaccess$banipFILE_APPEND);

    } else {

    # if same ip hasn't hit the 404 page over 5 times
    # return 404 page
    $nopage = <<<HEREDOC
    <html>
    <head><title>404 Not Found</title></head>
    <body>
    The Page You Requested Could Not Be Found
    </body>
    </html>
    HEREDOC;
    echo 
    $nopage;
    }
    ?>
    Make sure this is ALWAYS the last thing in your root .htaccess file

    Code:
    Order Allow,Deny
    Allow from all
    Also unless you modify the htaccess path, your 404 error page should be in your root folder.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •