Support Forums
Auto Ban IP's & Host's - Printable Version

+- Support Forums (https://www.supportforums.net)
+-- Forum: Categories (https://www.supportforums.net/forumdisplay.php?fid=87)
+--- Forum: Coding Support Forums (https://www.supportforums.net/forumdisplay.php?fid=18)
+---- Forum: PHP The Hypertext Preprocessor (https://www.supportforums.net/forumdisplay.php?fid=21)
+---- Thread: Auto Ban IP's & Host's (/showthread.php?tid=2595)

Auto Ban IP's & Host's - zone - 11-06-2009

Credits and Source: http://www.dreamincode.net/
Name: Auto Ban IP's & Host's
Description: Been having a problem with people posting crap and links on my site. I dont want people to angry, just dont want that stuff on my site or in email. I even stated as sutch on the email form, (That i added image ver to stop auto posting) they still keep trying. list is growing. So made an auto ban. file in the last week has many entry's. It displays 404. Web Site disapears.
Snippet:
PHP Code:
/** 
parts writen by me, and others. 
can add ip's to the file manually one per line.
*/

    $user_ip $HTTP_SERVER_VARS['REMOTE_ADDR'];
    if (empty($user_ip)) {
        $user_ip getenv('REMOTE_ADDR');
    }
    if (!empty($HTTP_SERVER_VARS['HTTP_CLIENT_IP'])) {
        $user_ip $HTTP_SERVER_VARS['HTTP_CLIENT_IP'];
    }
    $tmpipaddr getenv('HTTP_CLIENT_IP');
    if (!empty($tmpipaddr)) {
        $user_ip $tmpipaddr;
    }
    if  (!empty($HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'])) {
        $user_ip preg_replace('/,.*/'''$HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']);
    }
    $tmpipaddr getenv('HTTP_X_FORWARDED_FOR');
    if  (!empty($tmpipaddr)) {
        $user_ip preg_replace('/,.*/'''$tmpipaddr);
    }
    $host_name gethostbyaddr($user_ip);


function ban_ip(){
        global $ipdat_file,$user_ip,$host_name;
        $handle fopen($ipdat_file,"a+");
        @flock($ipdat_fileLOCK_EX);
        if(gethostbyaddr($_SERVER['REMOTE_ADDR']) != $host_name)
            $host_name "$host_name\r\n".gethostbyaddr($_SERVER['REMOTE_ADDR']);
        fputs($handle"$user_ip\r\n$host_name\r\n".ip2dec($user_ip)."\r\n");
        @flock($ipdat_fileLOCK_UN);
        @fclose($ipdat_file);
        
    get_404();
}
if(eregi('Best sites for',$_POST['Comments'])){
    //get_404();
    ban_ip();
    //header("location: http://www.waltdisney.com");
    //exit;
}
function check_ip(){
        global $ipdat_file,$user_ip,$host_name;
        if(is_file($ipdat_file)){
               //if($_GET['dbg'] == 1) 
                //    echo $ipdat_file;
                $handle = @fopen($ipdat_file"r");
                @flock($ipdat_fileLOCK_EX);
                if ($handle) {
                   while (!feof($handle)) {
                       $buffer[] = trim(fgets($handle4096));
                       //if($_GET['dbg'] == 1) 
                       //    print_r($buffer);
                   }
                $no_access false;
                if($buffer){
                    if(in_array($user_ip,$buffer,false
                    || in_array($host_name,$buffer,false
                    || in_array(ip2dec($user_ip),$buffer,false)){
                        //echo "$user_ip";
                        $no_access true;
                    }
                    unset($buffer);
                    if($no_access)
                        get_404();
                }
        
                   @flock($ipdat_fileLOCK_UN);
                   @fclose($ipdat_file);
                }
        }
      
}
function get_404(){
        print "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"><html><head><title>404 Not Found</title>
        </head><body><h1>404 Not Found</h1><p>The requested URL {$_SERVER['REQUEST_URI']} was not found on this server.</p><hr /><address>{$_SERVER['SERVER_SIGNATURE']}</address></body></html>";
        exit;
}
function ip2dec($ipaddr) {
 $base=explode(".",$ipaddr);
 $decimal=(double) $base[0]*16777216;
 $decimal+=$base[1]*65536;
 $decimal+=$base[2]*256;
 $decimal+=$base[3];
 if($decimal>2147483647) {
   $decimal-=4294967296;
 }
 return (int) $decimal;
}
function dec2ip($dec) {
 if($dec<0) {
   $dec=(double) 4294967296+$dec;
 }
 if($dec>16777215) {
   $ip=$dec-(intval($dec/256)*256);
   $dec=(double) intval($dec/256);
 } else $ip="0";
 if($dec>65535) {
   $ip=($dec-(intval($dec/256)*256)).".".$ip;
   $dec=(double) intval($dec/256);
 } else $ip="0.".$ip;
 if($dec>255) {
   $ip=($dec-(intval($dec/256)*256)).".".$ip;
   $dec=(double) intval($dec/256);
 } else $ip="0.".$ip;
 $ip=$dec.".".$ip;
 return (string) $ip;
}

//full server root dir
$ipdat_file "/home/server/domains/domain.com/ipdat.inc";

if($ipdat_file)
    check_ip(); 
Instructions: Add the functions to page that is a global load, loads on all pages.
static.ip file below server http root recomended.
cmod to 0644.
Added a few other things to check for. one person came back from hidebehind website.
That's it, How you found it Tongue

RE: Auto Ban IP's & Host's - Spl3en - 11-06-2009

Very interesting ! Smile
Thank you for sharing this.

RE: Auto Ban IP's & Host's - zone - 11-06-2009

(11-06-2009, 07:59 PM)Spl3en Wrote: Very interesting ! Smile
Thank you for sharing this.

I am excited that this is useful for you. Thanks for your kind comments bro, be happy always.