Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 18

Thread: Block IP range

  1. #1
    Regular Coder
    Join Date
    Jul 2010
    Location
    Sheffield
    Posts
    822
    Thanks
    93
    Thanked 18 Times in 18 Posts

    Block IP range

    I need a method of blocking and IP range, E.G. 115.125.12.*

    So anything starting with 115.125.12 would be blocked. What would the easiest way of doing this be?

  • #2
    Regular Coder
    Join Date
    Jul 2010
    Location
    Oregon City
    Posts
    280
    Thanks
    5
    Thanked 50 Times in 49 Posts
    On just one page or what?

    PHP Code:
    <?php

    $range 
    = array();

    $range "99.99.99";

    $user $_SERVER['REMOTE_ADDR'];
    $users explode("."$user);

    $users_a $users[0] . "." $users[1] . "." $users[2];

    if ( 
    in_array $users_a$range ) )
    {
    // do something..


    }
    ?>

  • #3
    Rockstar Coder
    Join Date
    Jun 2002
    Location
    USA
    Posts
    9,074
    Thanks
    1
    Thanked 328 Times in 324 Posts
    I would use htaccess unless you want to present something more than a HTTP 403 error.
    OracleGuy

  • #4
    Regular Coder
    Join Date
    Jul 2010
    Location
    Sheffield
    Posts
    822
    Thanks
    93
    Thanked 18 Times in 18 Posts
    well what i do is if a users IP is banned i redirect them to a page saying "your banned" and the details about it.

    Regarding the .htaccess the IPs are stored in a database, is it possible to fill the htaccess file from a database or isnt that doable?

  • #5
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,980
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    I like to over-complicate things myself. I'd write a cidr class that lets me compare a provided address to a subnet range.
    Hmm, offhand I'm not sure if you can link the ip lookup into .htaccess. I know you can do the authentication for basic and whatnots (but you can do that from PHP as well), but for actual IP addresses, I'm not too sure.

  • #6
    Regular Coder
    Join Date
    Jul 2010
    Location
    Oregon City
    Posts
    280
    Thanks
    5
    Thanked 50 Times in 49 Posts
    Quote Originally Posted by tomharto View Post
    well what i do is if a users IP is banned i redirect them to a page saying "your banned" and the details about it.

    Regarding the .htaccess the IPs are stored in a database, is it possible to fill the htaccess file from a database or isnt that doable?
    What I gave you is viable. You could redirect them with it. You could probably make a script to write an .htaccess file for you with the IPs + necessary tags and have a cronjob or something to update it to include new IPs you add

  • #7
    Regular Coder
    Join Date
    Jul 2010
    Location
    Sheffield
    Posts
    822
    Thanks
    93
    Thanked 18 Times in 18 Posts
    Im gonna look at putting your code into what i already have, ill let you know what happens when i do it later on today

  • #8
    New Coder
    Join Date
    Oct 2011
    Posts
    12
    Thanks
    0
    Thanked 1 Time in 1 Post
    I wrote a script for this exact purpose a week or two ago

    Checking an incoming IP against banned IP classes.

  • Users who have thanked Cjwinnit for this post:

    tomharto (10-19-2011)

  • #9
    Regular Coder
    Join Date
    Jul 2010
    Location
    Sheffield
    Posts
    822
    Thanks
    93
    Thanked 18 Times in 18 Posts
    That looks like it would do the job , im just thinking now, how would i put it into my current script?
    PHP Code:
    $IP $_SERVER['REMOTE_ADDR'];
    $curTime time(); //ban_start     ban_end
    $banList "SELECT * FROM phpbb_banlist WHERE ban_start < $curTime AND ban_end > $curTime AND ban_ip = '$IP' OR ban_start < $curTime AND ban_end = 0 AND ban_ip = '$IP'";

    $banRes  mysql_query($banList);
    if ((
    mysql_num_rows($banRes)) > 0)
    {
        
    $deny = array();
        while (
    $row mysql_fetch_array($banRes))
        {
            
    $deny[] = $row['ban_ip'];
            
    $deny[$row['ban_ip']] = $row['ban_end'];
        }
        
        
        if (
    in_array($_SERVER['REMOTE_ADDR'], $deny))
        {
            
    $_SESSION['until'] = date("d-m-Y"$deny[$_SERVER['REMOTE_ADDR']]);
            
    header ("Location: banned.php");
            die();
        }

    The IP's it would return are in the format xxx.xxx.xxx.xxx or xxx.xxx.xxx.*

  • #10
    New Coder
    Join Date
    Oct 2011
    Posts
    12
    Thanks
    0
    Thanked 1 Time in 1 Post
    Hi. 2 questions:

    1/ By "that", do you mean mine?

    2/ You said in the form "xxx.xxx.xxx.xxx" and "xxx.xxx.xxx.*"? so you'd have a list of banned individual IP's and banned ranges together in the same banlist?

  • #11
    Regular Coder
    Join Date
    Jul 2010
    Location
    Sheffield
    Posts
    822
    Thanks
    93
    Thanked 18 Times in 18 Posts
    Yeah i meant your . Yeah there all in one list, would that be a problem?

  • #12
    New Coder
    Join Date
    Oct 2011
    Posts
    12
    Thanks
    0
    Thanked 1 Time in 1 Post
    Not necessarily.

    I would say that having it in "xxx.xxx.xxx.0/bla" form is a bit better as it's a standard way of storing it - I understand if it's a bit of work to change though.

    As examples,
    "192.168.0.*" is the same as "192.168.0.0/24".
    "192.168.*.*" is the same as "192.168.0.0/16".
    "192.*.*.*" is the same as "192.168.0.0/8".

    If you wanted to ban only the IP "200.15.6.7" you would write "200.15.6.7/32"

    I'll work on your script
    ---------------
    is "$deny[]" in the loop the banlist in array form?
    Last edited by Cjwinnit; 10-19-2011 at 05:29 PM.

  • #13
    Regular Coder
    Join Date
    Jul 2010
    Location
    Sheffield
    Posts
    822
    Thanks
    93
    Thanked 18 Times in 18 Posts
    Okay, well that wouldnt be much to change yet at all so i can do it that way, how would i put your functions into my script cause mines just a simple in_array

  • #14
    New Coder
    Join Date
    Oct 2011
    Posts
    12
    Thanks
    0
    Thanked 1 Time in 1 Post
    1/ Put the two functions in your script.

    2/ Have your script get the ban list out of the MySQL database and store it in an array (your script does this well as far as I can see ). For sake of argument, let's call the array "$banlist".

    3/ Change:
    PHP Code:
    if (in_array($_SERVER['REMOTE_ADDR'], $banlist)) { **DO STUFF** } 
    to:
    PHP Code:
    foreach($banlist as $val

    if(
    isipinsub ($_SERVER["REMOTE_ADDR"], $val)){ **DO STUFF** } 

    ----

    In fact you could store individual IP's in your database even if you forgot to put "/32" at the end. It wouldn't take too long to write a quick script to stick "/32" on the end of an array entry if it didn't find a slash in it.
    Last edited by Cjwinnit; 10-19-2011 at 06:06 PM.

  • #15
    Regular Coder
    Join Date
    Jul 2010
    Location
    Sheffield
    Posts
    822
    Thanks
    93
    Thanked 18 Times in 18 Posts
    Thanks a lot , a lot easier than i was thinking it was gonna be :P


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •