|
|
|
This tiny article was born after one incident for my web site, which was hacked by a turkey group, so I can't access/read my web site, so I did some coding to redirect the page when the particular IP was detected by PHP code, ok let’s start with general hacking information...
Dealing with hack attempts, evil web bots, and worms has been an ongoing headache.
Most of these problems come from dynamic IP addresses, so simply blocking the offender is only a temporary solution, and we may use to Examining logs and putting blocks in place is time consuming. Remembering to remove blocks on dynamic IP addresses is also a problem.
So we can block particular IP/ranges, even the proxy IP through the following simple code
| <?php
$ip_proxy=$_SERVER ["HTTP_X_FORWARDED_FOR"];
?> | |
The above line refers the predefined variable in PHP $_SERVER is an array containing information such as headers, paths, and script locations. The entries in this array are created by the web server.
The $_SERVER ['HTTP_X_FORWARDED_FOR'] header giving the IP address of the connection that it proxies, so we use to separate the IP and it's proxy address by using explode function., also we can get the IP address by using $_SERVER['REMOTE_ADDR'] but which is not worth full in web site hosted by sub domain.
I hope you all know about the explode function that is Split a string by string
| <?php
$tnt=explode (',',$ip_proxy);
$ip=explode ('.',$tnt[0]);
$proxy=explode ('.',$tnt[1]);
?> | |
next thing is we should block all of the IP addresses which are in the text file, so we should enter the IP addresses which are to be blocked. here I have specified some turkey IP address in the text file which doesn’t have the full structure of the IP address format, I took onlythree digits. You can change the code for checking full format of IP address!.
| <?php
$filename="input.txt";//text file
$lines = array (); //set as array
$file = fopen ($filename, "r"); //Open the file for reading only
while (! feof ($file)) { //read file line by line into a new array element
$lines [] = fgets ($file, 4096); //Gets line from file pointer
}
$x = count ($lines);
for ($y = 0; $y < $x; $y++) {
if((trim($lines[$y])==$ip[0])||(trim($lines[$y])==$proxy[1]))//check the IP/proxy address
{ echo 'Banned';//if IP match the listed IP means ,you can redirect/do some function here .
}
else { echo 'welcome'; }
}
I hope above simple code is useful and learn something about IP blocking, Happy Blocking!!
"
?> | |
|
|
| A damaged image generator (class) for validating text.
CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart
Categories : PHP, PHP Classes, Security, GD image library, Security | | | Simple Password example
Categories : PHP, Authentication, Security, HTTP | | | A PHP function to encrypt and decrypt a number or string or a combination of the two.
Categories : PHP, Encryption, Security | | | Dollar Serial Number Validator
Categories : PHP, Security, Algorithms | | | MD5 secured login
Categories : PHP, Java Script, Authentication, Security | | | Secure URL $_GET
Categories : PHP, Data Validation, Security | | | Gets the browser and OS from the $_SERVER['http_user_agent'] variable in PHP
Categories : PHP, HTTP, Regexps | | | Encoding data using PGP via PHP's proc_* functions
Categories : Cryptography, Security, Email, PHP, PGP | | | A very simple PHP single password cookie based login without usernames.
Categories : PHP, Cookies, Security, Beginner Guides | | | A function to check if a URL exists
Categories : PHP, CURL, HTTP | | | WebServerSpy checks which kind of Webserver is running, Apache, Netscape, Fasttrack, IIS, HTTP-Header, HTTP 1.0, GET, spy, WWW
Categories : HTTP, Network, Apache, PHP, Web Servers | | | Simple pipe delimited file export program that downloads to a local machine
Categories : PHP, Filesystem, Databases, MySQL, HTTP | | | Easily Grant Temporary SSH Access to yourself when in remote location
Categories : PHP, Linux, Cron, Security | | | PHP4 HTTP Compression Speeds up the Web
Categories : PHP, Zlib, HTML and PHP, HTTP, Network | | | Authentication HTTP protocol POST
Categories : Authentication, HTTP, PHP | |
|
|
|
