• Index
  •  » Articles
  •  » Site protecSite protection. IP address blocking

Site protecSite protection. IP address blocking

Site protection. IP address blocking

A lot of internet resources are actively spammed nowadays. There are a lot of protection methods but in spite of that fact it is very complicated to stop spammers. The most effective method for preventing spamming is using the spammer’s IP blocking. But you should know that that method should be used only at the worst, if you were spammed several times from the same ip address. IP blocking should be used very carefully because it can close the access to you site for the search engines

In that article I’ll show the simplest php script that has two security levels: notice spammer that he will have problems and block his ip address. The main disadvantage of that method is that if spammer uses free or public proxy server and you ban its ip, you’ll close the access for other users. That’s why before banning use whois service.

And here is the code:

<?php
/* http://wm-help.net/ */
/* Message during the ip banning */
define("bann_message""Your IP: %ip%  doesn’t have access rights.");

/* Warning message */
define("wrong_message""If you don’t follow the rules your IP: %ip% will be blocked");

/* array with ip and blocking type. */
$bann_array = array(
                    "195.66.203.247"=>"bann"// bad IP
                    "220.94.220.60"=>"bann",  // bad IP
                    //"127.0.0.1"=>"wrong"      // Test
                    );

function _ip()
{
  if(isset($HTTP_SERVER_VARS)) {
    if(isset($HTTP_SERVER_VARS["HTTP_X_FORWARDED_FOR"])) {
    $realip $HTTP_SERVER_VARS["HTTP_X_FORWARDED_FOR"];
    }elseif(isset($HTTP_SERVER_VARS["HTTP_CLIENT_IP"])) {
      $realip $HTTP_SERVER_VARS["HTTP_CLIENT_IP"];
    }else{
      $realip $HTTP_SERVER_VARS["REMOTE_ADDR"];
    }
  }else{
  if(getenv"HTTP_X_FORWARDED_FOR" ) ) {
    $realip getenv"HTTP_X_FORWARDED_FOR" );
  }elseif ( getenv"HTTP_CLIENT_IP" ) ) {
    $realip getenv"HTTP_CLIENT_IP" );
  }else {
    $realip getenv"REMOTE_ADDR" );
  }
}
return $realip;
}

function bann_on_not_to_bann()
{
    global $bann_array// get the array with ip addresses 
    $user_ip _ip();   // ???????? ip

/* get from the array key and value */
foreach($bann_array as $ip=>$type)
{
    if ($ip == $user_ip// check
    {
        switch($type// if ip matched look what to do
        {
            case "wrong"// warning
            {
                echo str_replace("%ip%"$user_ipwrong_message); // print the warning
                break; // quit switch
            }
            case "bann"// blocking
            {
                die(str_replace("%ip%"$user_ipbann_message)); // Message that access has been closed + finishing working 
                // break isn’t required because nothing happens after that
            }
        }
    }
}
}

/* Check the ip owner and block or warn if he is a spammer */
bann_on_not_to_bann();
?>

For using that script you have to you have to create the ip_bann.php file and insert the listed above script. After that write include 'ip_bann.php' string in the beginning of the index.php file.


 

  • Top