Ban script
Moderator: General Moderators
Ban script
Ok, i got two things,
1. How can i convert the bellow script so that i can use wild Cards to ban IP Address. Also possibly be able to ban ISP domains, like rr.net Where it resolves the DNS and if it has rr.net in it, it also denies them.
<?
$fp = fopen("BannedIPs.txt", "r");
$banned = fread($fp, 1024*1024);
fclose($fp);
$ips = explode("\n", $banned);
if(in_array($REMOTE_ADDR, $ips)) {
die("Your IP Address $REMOTE_ADDR is banned from this website.");
}
?>
2. Anther thing is, how can i implant this script to load on a PHPbb forum? I tried loading it in the forums, but all it does is Deny everyone, like it does not even look up the bans in the list.
1. How can i convert the bellow script so that i can use wild Cards to ban IP Address. Also possibly be able to ban ISP domains, like rr.net Where it resolves the DNS and if it has rr.net in it, it also denies them.
<?
$fp = fopen("BannedIPs.txt", "r");
$banned = fread($fp, 1024*1024);
fclose($fp);
$ips = explode("\n", $banned);
if(in_array($REMOTE_ADDR, $ips)) {
die("Your IP Address $REMOTE_ADDR is banned from this website.");
}
?>
2. Anther thing is, how can i implant this script to load on a PHPbb forum? I tried loading it in the forums, but all it does is Deny everyone, like it does not even look up the bans in the list.
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
try
User's may easily mask and fake their Ips however...
Code: Select all
$ips = file('banned.txt');
if(in_array($_SERVER['REMOTE_ADDR'], $ips)) {
die("Your IP Address ".$_SERVER['REMOTE_ADDR']." is banned from this website.");
}What about:
Code: Select all
<?php
if (strpos($_SERVER['REMOTE_ADDR'], file_get_contents('banfile.txt'))) {
die("You're banned, naff off!");
}
?>- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
false positives are very possible with this solution. Example: 192.168.1.1 gets banned. Someone comes in with 192.168.1.12, they'd get the banned message.Jenk wrote:What about:
Code: Select all
<?php if (strpos($_SERVER['REMOTE_ADDR'], file_get_contents('banfile.txt'))) { die("You're banned, naff off!"); } ?>
Code: Select all
function ip2bin($ip) {
return implode('',array_map('chr',array_map('intval',explode('.',trim($ip)))));
}
function maskIpCompare($mask,$ip) {
$ip = ip2bin($ip);
$mask = str_replace('\\0','.',preg_quote(ip2bin(str_replace('*','0',trim('192.*.*.*'))),'#'));
return (bool)preg_match("#^{$mask}$#s",$ip);
}usage is
Code: Select all
if(maskIpCompare('192.168.*.*','192.168.1.12')) {
// matched
} else {
// didn't match
}Don't bother sending that! Why tell them they are banned. Just send a 404.Jenk wrote:Code: Select all
die("You're banned, naff off!");
Code: Select all
if(in_array($_SERVER['REMOTE_ADDR'], file('banned.txt'))) send_404();
function send_404()
{
header('HTTP/1.x 404 Not Found');
print '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">'."\n".
'<html><head>'."\n".
'<title>404 Not Found</title>'."\n".
'</head><body>'."\n".
'<h1>Not Found</h1>'."\n".
'<p>The requested URL '.
str_replace(strstr($_SERVER['REQUEST_URI'], '?'), '', $_SERVER['REQUEST_URI']).
' was not found on this server.</p>'."\n".
'</body></html>'."\n";
exit;
}Because typing "die("You are banned, naff off!"); is quicker than thatbokehman wrote:Don't bother sending that! Why tell them they are banned. Just send a 404.Jenk wrote:Code: Select all
die("You're banned, naff off!");
Code: Select all
if(in_array($_SERVER['REMOTE_ADDR'], file('banned.txt'))) send_404(); function send_404() { header('HTTP/1.x 404 Not Found'); print '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">'."\n". '<html><head>'."\n". '<title>404 Not Found</title>'."\n". '</head><body>'."\n". '<h1>Not Found</h1>'."\n". '<p>The requested URL '. str_replace(strstr($_SERVER['REQUEST_URI'], '?'), '', $_SERVER['REQUEST_URI']). ' was not found on this server.</p>'."\n". '</body></html>'."\n"; exit; }