[PHP] Ban and IP from you're webpage.

[Jonthefisherman]

 Ban an IP from you're webpage.[/b]

[B]Create a file called banned.php containing this: [/B]

 	[QUOTE]
 	 	 		 			 				   <?php
    $ip = getenv('REMOTE_ADDR');
    $email = "email@server.com"

    $ban1 = "000.000.000"
    $ban2 = "000.000.000"
    $ban3 = "000.000.000"
    $ban4 = "000.000.000"
    $ban5 = "000.000.000"
    $ban6 = "000.000.000"

    if($ip == $ban1 || $ip == $ban2 || $ip == $ban3 || $ip == $ban4 || $ip == $ban5 || $ip == $ban6)
    { 
        echo "You have been banned from this website. To appeal this ban, contact the webmaster at $email."
        exit;
    }
?> 	[/QUOTE]		 		 	 	 
Replace the 0's with the IP address you want to ban.

[B]Add the this code to all the pages on you're site you want this to apply to.[/B]
( Make sure the file extension of the page is .PHP | Example = index.php )

 	 	 		 			 				
[QUOTE]	<?PHP
 include("banned.php");
?> 	 [/QUOTE]			 		 	 	 
[B]The code should now work, now to explain the code:[/B]


 	[QUOTE]	
 	 	 		 			 				 [I] $ip = getenv('REMOTE_ADDR');[/I] - I am assigning the person's IP to the variable $ip. $ip is used when checking the IP against the banned list.

[I] $email = "email@server.com" [/I] - Change [EMAIL="email@server.com"]email@server.com[/EMAIL] to your e mail so people can contact you regarding the ban.

[I] $ban1 = "000.000.000" [/I] - Change the 0's to the person's IP you wamt to ban. That assigns the banned IP to the variable. It is the same with ban1 to 6

[I]   if($ip == $ban1 || $ip == $ban2 || $ip == $ban3 || $ip == $ban4 || $ip == $ban5 || $ip == $ban6) [/I] - Checks the $ip variable against a list of banned ip's. If it matches, it echos and the user cannot view the site. However, if it does not match any IP on the list of banned IP addresses the user can view the webpage normally.  	 	 
If you want to ban anymore IP's, add another line to the banned list. (Remember to change the number)
Then, edit the if statement.
[/QUOTE]

 

[zen-r]

Pretty good, thanks.

But I just hope that the spelling for the coding is better than the spelling you used for this thread title

"

 Ban and IP from you're webpage."

[CENTER][FONT="Comic Sans MS"][COLOR="Indigo"]
Please click my Reputation button [IMG]http://forums.x10hosting.com/images/colortheory/buttons/reputation.gif[/IMG] (at the corner of this post) & make me :) -it costs you nothing!

If I've traded services/credits with you, please remember to leave [URL="http://forums.x10hosting.com/itrader.php?u=148917"]iTrader Feedback[/URL]. Thanks.[/COLOR][/FONT][/CENTER]

 

[Parsa44]

Thanks mate it will surley come in usefull, i have lots of IP's who i would love to ban =)

 

[Livewire]

Dun wanna seem like I'm hijacking the topic, but if you aren't big on PHP and you're running a mostly HTML site, there's also this little addon for .HTAccess files:

order allow,deny
deny from xxx.xx.x.x
deny from xxx.xx.x.x
deny from xxx.xx.x.x
allow from all

Replace xxx.xx.x.x with the ip you're blocking; can have as many or as few in there as you want.



Only problem is it just returns 403 forbidden; I'm not sure if you can get it to return something like a nice "You've been banned" page

Just a tidbit for Hardcore HTML sites out there

 

[remie]

Dont wanna be annoying but your php code is a bit inefficient and you cant ban more the 6 ips easily.
My idea:

<?php
$ips = array('0.0.0.0',
                    'add ips here');
if(in_array($_SERVER['REMOTE_ADDR'],$ips))
{
echo "You have been banned from this website. To appeal this ban, contact the webmaster at $email."
exit;
}
?>

 

[fguy64]

just an observation of the effectiveness of banning ip's in general...

given that ip addresses are usually assigned dynamically by the ISP using some kind of DHCP, going to any effort to ban IP addresses seems like a waste of time to me, and may even be counterproductive in that you will probably end up locking out the wrong person, cause soon someone else will get the ip address?

just a thought.

 

[lair360]

Ahem....you guys do need to simplify the script and make it clean!
Seriously...here is a better script...That I Made!!

<?php $banned = array (
//Add your own IP address under this line.
'122.2.13.1',
'144.2.76.6',
'166.2.76.6',
// IP Address Ends Here.
);
$ip = GetHostByName($REMOTE_ADDR);
if (in_array($ip,$banned)
{
echo 'You are banned from this site!';
exit();
} ?>

Copyrighted By Lair360

 

[zen-r]

just an observation of the effectiveness of banning ip's in general...

given that ip addresses are usually assigned dynamically by the ISP using some kind of DHCP, going to any effort to ban IP addresses seems like a waste of time to me, and may even be counterproductive in that you will probably end up locking out the wrong person, cause soon someone else will get the ip address?

just a thought.

You make a good point, though it is still a reasonably effective, industry-wide method used to attempt to eliminate troublesome visitors to websites. There is little else most sites can do.

I say reasonably effective, because many people have static or semi-permanent IP addresses. For example, as a cable customer my address hardly ever changes. Your point does highlight at least 2 things though;

1) the banned IP addresses should be purged from the list after a reasonable period of time (1 month?)

2) there should be a contact point or facility provided by the website to allow people to request that their IP be un-blocked if they can justify it.

There is of course another good reason to question the effectiveness of banning IPs : more & more people now understand how to use a proxy, & thus bypass the ban by appearing to come from a different IP address!

Please click my Reputation button

(at the corner of this post) & make me -it costs you nothing!

If I've traded services/credits with you, please remember to leave iTrader Feedback. Thanks.​

 

[damsch12]

i also think its not effective to ban an ip address, in my country our ip changes automatically every 12 hours, and you can also close the connection and open it again with a new ip.

 

[Linkz0rs]

There is of course another good reason to question the effectiveness of banning IPs : more & more people now understand how to use a proxy, & thus bypass the ban by appearing to come from a different IP address!

There are some proxy blocking scripts out there.. Such as TOR Blacklist from proxy.org
Although, not all of them are as effective as you'd hope them to be... But they do block SOME proxies.
I see it a waste of time blocking every IP they switch to... Lol.
If I really didnt want someone to see the site, I'd make it members only or something... And have Admin Approved signup... Of course, this could take some extensive coding, unless your using something that lets you do that.

 

[Livewire]

Yeah, the best 3 things I've found so far for preventing spam are either Administrative Approval, going as far as utilizing a Moderation Queue - the spamer has to have X approved posts before their posts even start showing up without being pre-approved -, or Captcha of some form (even a question). Obviously the latter two should have a limit - Captcha's annoy legit users and it's nice to know if you get to 5 posts they disappear.

Bit annoying but it's a good way to handle it, cause I also find it handy to ban both the username AND the ip - if the user tries to log back in later, they get stuck behind a banned username and would have to re-register.


The point about changing IP's is correct though; I do like the idea of a Blacklist+Whitelist combination though. Blacklist to ban the bad ip's (including ranges, if needbe), and a Whitelist utilizing already created accounts that are allowed to be logged into from any IP.

Basically would allow me to ban all of 192.168.*.* to prevent spammers from continuing to spam from that IP range, but user GenericUser, who is already created and has established a reputation as a "good" user to have around, can still log in, even if he's under the 192.168.*.* mask because he's in the Except list from the Blacklist.

Would also let admins force-create new accounts for users who asked via email/IM, and if they decided to go spam-happy, it'd be as easy as banning the user and never creating a new account for them - they'd already be in the IP Blacklist and be unable to create a new account, and their existing username's banned too

 

[lair360]

Hello everyone! Take a look at this collection!!
Have fun!

http://lair360.co.uk/blog/613/php-script-ip-banned/

 

[ichwar]

Nice script, but I must say that these kinds of things are becoming more and more ineffective. For example, I'm on a wifi network, with ours as well as several neighbor's wifis with in distance of my pc. Since ever time one of the modems is shut down and restarted, a new ip is assigned (at least for those of us on dsl) I never have a problem with ip blocking sites.

 

[lair360]

Uh...actually...my script will only block external ip address. Which means...your real IPs and not the ones your computer are using.

So...yeh....that is all I can say, really. :/