Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 14 of 14

Thread: IP Ban

  1. #1
    New Coder
    Join Date
    Jun 2007
    Posts
    20
    Thanks
    0
    Thanked 0 Times in 0 Posts

    IP Ban

    Hey,

    Is there some way I can make an ip banning script off a flat text file? So I can use fwrite to add an I.P and remove one. Is this possible.

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,980
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    It sure is.
    Nothing is really 100% reliable though, and I don't believe php is capable of attaching to a MAC...
    Edit:
    Correction, I guess you can theoretically get a MAC using php if you can use the exec command...
    Last edited by Fou-Lu; 06-07-2007 at 04:14 AM.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #3
    Regular Coder Coastal Web's Avatar
    Join Date
    Oct 2004
    Posts
    225
    Thanks
    12
    Thanked 3 Times in 3 Posts
    I'm not sure if there have been some posts deleted from this thread, but the first reply seems like it's missing something... ;S

    In any event; yes this can easily be done. However l highly suggest that IP bans are done at the .htaccess level (much less strain on the server) ... but here is a code that will allow you to ban users based on the first three octets of the IP address (much more effective than targeting the entire IP address; as the last set of octets change frequently.

    fist off you want to make a file named "banned_ips.txt" and palce the IP addresses that you want banned in it... I also believe this file will need read permissions (CHMOD 755 - can a php guru please verify this?).

    then try this script out (in the same directory ; or add the full path of the script below:

    PHP Code:
    <?php
    define
    ('FILE_IPS''banned_ips.txt'true); // edit 'banned_ips.txt' with the name/path of your banned ip text file...

    $ip $_SERVER["REMOTE_ADDR"]; //snag users ip addres


    //here we'll grab the list of banned ip addresses...
    $file implode(" "file(FILE_IPS));

    // here we'll snag the first three octets of the users IP address
    $exp explode("."$ip);
    $class $exp[0].'.'.$exp[1].'.'.$exp[2].'.';

    if(
    stristr($file$class)) { //user is banned do something...

    //you could just "kill" the execution of the page...
    die('you are banned'); //kill the execution of the page, user is banned!

    //or maybe redirect them to a special "banned page"...
    //header("location: http://www.disney.com");


    //or matybe output a fake "page not found" error... ;)
    /*
    define('THIS_DOMAIN', $_SERVER[SERVER_NAME], true); 
    header("HTTP/1.0 404 Not Found");
        die('<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
        <html><head><title>404 Not Found</title></head><body>
        <h1>Not Found</h1>
        <p>The requested URL '.$page.' was not found on this server.</p>
        <hr>
        <address>Apache/2.2.3 (Unix) Server at '.THIS_DOMAIN.' Port 80</address>
        </body></html>');
    */
    }

    ?>
    I hope this helps
    Last edited by Coastal Web; 06-07-2007 at 05:35 AM.

  • #4
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,980
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    Lol, nothing missing I simply answered the question
    I just threw in that IP banning isn't the most reliable way to ban though.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #5
    Regular Coder Coastal Web's Avatar
    Join Date
    Oct 2004
    Posts
    225
    Thanks
    12
    Thanked 3 Times in 3 Posts
    Quote Originally Posted by Fou-Lu View Post
    Lol, nothing missing I simply answered the question
    I just threw in that IP banning isn't the most reliable way to ban though.
    Ahhh got ya. I must say the idea of grabbing a MAC address sounds like something that might be fun toying around with. (l guess l should consult with my good friend google first) but what kind'a information can you share?

    edit: Seems like most of the results l find in google are speculation....

  • #6
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,980
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    I'm not 100% certain of this either as I've never tried it out, however...
    Based on my networking experience, you should be able to grab a physical address through a proxy by shell_exec() with an nbtstat. After that, some line splitting and exploding, you should be able to obtain a mac address. Granted that this can also be spoofed, but most people won't know how to alter it. Another down side is its use of shell_exec(), unless you run a dedicated I doubt your server supports it. I don't have a dedicated to play with, but if you do I would love to hear your results!
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #7
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    much more effective than targeting the entire IP address; as the last set of octets change frequently
    and effectively banning 254 users (good or bad users) at once .. 100 banned ip address's = nearly 25,000 potential users banned from the site.
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #8
    New Coder
    Join Date
    Jun 2007
    Posts
    20
    Thanks
    0
    Thanked 0 Times in 0 Posts
    samantha, then could I use fwrite() to add ips to the text file?

  • #9
    Regular Coder Coastal Web's Avatar
    Join Date
    Oct 2004
    Posts
    225
    Thanks
    12
    Thanked 3 Times in 3 Posts
    Quote Originally Posted by firepages View Post
    and effectively banning 254 users (good or bad users) at once .. 100 banned ip address's = nearly 25,000 potential users banned from the site.
    Hahah, guess you're right l didn't think about it that way when l tossed the example together // l was working off of a "cloaking" script; and the sript targets SE bots; not regular users.

    But alas the whole idea is "off" and should be done via .htaccess in the first place, am l right?

    Best regards,

  • #10
    Regular Coder Coastal Web's Avatar
    Join Date
    Oct 2004
    Posts
    225
    Thanks
    12
    Thanked 3 Times in 3 Posts
    Quote Originally Posted by newline View Post
    samantha, then could I use fwrite() to add ips to the text file?
    Sure could... something like this would do the trick:

    PHP Code:
    <?php

    define
    ('FILE_IPS''banned_ips.txt'true); // edit 'banned_ips.txt' with the name/path of your banned ip text file... 

    $ip $_POST[user_ip];

    //make sure IP is posted, and that i's numeric.... 
    if(!empty($ip) && is_numeric(str_replace("."""$ip))){

    //open up your text file and write to the end of it...
    $fh fopen(FILE_IPS'a') or die("<b>Error:</b> There was a problem banning " $ip ". Please trya gain.");
    $stringData "$ip\n";
    fwrite($fh$stringData);
    fclose($fh);

    //output success...
    echo $ip " Was successfully banned.<br /><a href='" $PHP_SELF "'>go back</a>";

    }else{
    //form not submitted.. show ip banning form...

    echo <<<EoC
    <form method="post" action="banMod.php">
    IP: <input type="text" name="user_ip" value="" />
    <br />
    <input type="submit" value="Ban IP" />

    </form>
    EoC;
    }
    ?>

  • #11
    Regular Coder Coastal Web's Avatar
    Join Date
    Oct 2004
    Posts
    225
    Thanks
    12
    Thanked 3 Times in 3 Posts
    PS, if you don't want to bann an entire range of 255 IP addresses everytime you add an ip to your "ban file", you might want to do this change to the original code:
    [per firepages' observations...]


    find:
    PHP Code:
    $exp explode("."$ip); 
    $class $exp[0].'.'.$exp[1].'.'.$exp[2].'.'

    if(
    stristr($file$class)) { //user is banned do something... 
    replace with:
    PHP Code:
    if(stristr($file$ip)) { //user is banned do something... 


    @Fou-Lu

    I am running a dedicated server, but l wouldn't know the first thing about any of this; the only time l've ever used shell_exec() was to created a php function to inject a gzipped sql file into a database... do you have a concept script you could come up with and we'll test it out.


    Best regards,
    Last edited by Coastal Web; 06-08-2007 at 12:00 AM.

  • #12
    New Coder
    Join Date
    Jun 2007
    Posts
    20
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I will soon

  • #13
    New Coder
    Join Date
    Apr 2007
    Posts
    85
    Thanks
    1
    Thanked 0 Times in 0 Posts
    try this, nice and simply IMO,

    Code:
    <?
    
    $blockip = array("192.169.1.1");
    
    $x = count($blockip);
    
    for ($y = 0; $y < $x; $y++) {
    
    if ($REMOTE_ADDR == $blockip[$y]) {
    
    echo ("Site Down");
    
    Exit;}
    
    }
    
    ?>
    I am on my way. :)

  • #14
    New Coder
    Join Date
    Jun 2007
    Posts
    20
    Thanks
    0
    Thanked 0 Times in 0 Posts
    well i want to be able to add ip's by form.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •