I'm running a website with Apache2 is there a wasy to ban people from coming to my site?
Printable View
I'm running a website with Apache2 is there a wasy to ban people from coming to my site?
im not sure, but i know some how there is a way to IP ban someone. I have been IP banned from a forum before. www.tshforums.com my friends used to go here for flame wars before
Pretty simple. Just block the offending IP on your firewall. You do run your webserver behind a firewall don't you?
Check the HTTP header HOST_IP or some thing of that sort ( e.g HTTP_IP_ADDRESS or IP_ADDRESS) on your page display the page only if it is your address else simply terminate the page
Set firewall to block connections from whichever IP you want.
-Cheers-
PS: impetus, you take latin?
True, firewall blockwill work, but keep in mind that Banning someone by an IP address would only work if:
firstly the person uses a static ip address;
secondly the user would not use an IP morph program to hide or change his ip.
How would the user be able to receive data then if the server thinks he's another host?Quote:
secondly the user would not use an IP morph program to hide or change his ip.
Person ---SYN--->Server
Server ----SYN/ACK---> ????
Isn't the only way a user can "change" his IP here by connecting through a proxy?
If the user is on dial up his IP gets reset each time, therefore you'll be nblocking an IP address not anyone particular come on.. thats just a little harsh
I have DSL (dial-up in the past) and my IP changes too, maybe every day, don't know.
The IP might even change when I power off my router and put it back on.
I think this is with most DSL/cable? users here, not sure again of course.
Do a whois & find out the rage of IPs for the ISP & block the lot.Quote:
Originally posted here by ghostofanonion
If the user is on dial up his IP gets reset each time, therefore you'll be nblocking an IP address not anyone particular come on.. thats just a little harsh
Why do you want to do this?
Are you trying to rid yourself of a nuisance?
If so email the ISP with the complaint & tell them you will block their wholw range of addresses if they do not take action.
Steve
Ok. ya. i might just do it by Firewall. he uses cable so i dont need to worry about the ip changing. Static ip is the one that doesn't change right? then a dynamic Ip would change. I think its everytime you log on to the Internet. I don't know.Anyway thanks for the help.
Yeah after Tedob1 gave me that cool whois program. Anytime I get a port scan from a asian *cough*Korea*cough* country ect... I just block the whole Range now.
Well, I know you have PHP installed (Probably becasue I was the one who helped set up your server. ;-)) but it might not be as secure blocking it on your firewall, or on your router. And, do you just want to drop him from 80 (HTTP) or from everything? I'll look into writing a PHP Script for you, it really shouldn't be that hard at all, but I just got up, and I'm hungry, so I'll make some food, and post it later.
Peace
MB
Some say blocking ranges is a little harsh, I say it's ok. Your site, your rules. Chances that you block some ligitimate user are very small and if so, they can go complain to their ISP or you can narrow the block or exclude his or her IP.
Blocking IP ranges could be harsh if you had a big site, but if it is small, it shouldn't do much, and I don't think complaing to your ISP that you have been banned from a site will do much good, there really isn't much they could do. It is you're site.
Well, here is the PHP code, much thanks to xmad, soule, and chsh who helped me get it on IRC get the array straightened out.
Say you wanted to ban the IP's 85.2.15.148, 218.21.4.65, 84.21.81.6 and 78.21.26.222. The array would look like this...Code:<?php
/*
* PHP Banner
* Created by MicroBurn (http://www.unerror.com)
* This could also be used to allow only your IP to this sctipt, just put an echo() there
* the die() is, and add an }else{ die() You can also use $blockip
* as a wild card, meaning if $blockip = 192.168 it would block the any IP that started
* with, or contianed 192.168 You can block all IP's with if you set * 1=>'.'); Ofcourse
* to ban the IPs you want to ban change 0=> and 1=> to the IP's you want to
* ban, you can also add more like 3=> 4=> all the way up.
*/
$blockedips = array(
0=>'127.0.0.1',
1=>'192.168.2.1');
for ($i=0; $i<sizeof($blockedips); $i++) {
if (strstr($_SERVER["REMOTE_ADDR"], $blockedips[$i])) {
die("Sorry. You have been banned.");
}
}
// Put everything else here.
echo "Everything."
?>
Code:0=>'85.2.15.148',
1=>'218.21.4.65',
2=>'84.21.81.6',
3=>'78.21.26.222');
Have you thought of .htaccess?
More information can be found at http://httpd.apache.org/docs-2.0/howto/htaccess.htmlCode:order allow,deny
deny from xxx.x.x.x
deny from xxx.x.x.x
deny from xxx.x.x.x
allow from all
Good luck.
D'oh, haha, should have thought of that, though I rarley use .htaccess, and it's been awhile since I've used Apache. But, atleast with my script you can put cool, "You have been banned, sucker" messages, and websites and stuff. ;-) Haha, good thinking Jack.
Peace
MB
Just wanted to point out that steve.milner made an excellant movie title
yeah, I like itQuote:
Rage of IPS...
I would have to agree with steve.milner on this.
If someone has Dial up, or ADSL connection, there External IP will change often. Blocking en entire range is the only way to do this effectively, but in turn you will be banning others as well.
I dont know the seriousness of this issue,so i am not sure how effective an ISP would be with this.
I meant this as an extreme measure when the site provider chooses to not take new people to the site because of the block ban. It's mean but the alternative is allowing destructive persons back into your site. Of course if you run an e-business then thats a tough decision. I have only had one person who fell into a block ban e-mail me and say he wanted into the site. I told him "sorry, comlain to your ISP because the block stays" I agree the ISP won't do crap, that's why the block is there - but this dude ran an exploit against the server that would have given him access remote access had I not patched it hours before (game server). He and his block are gone forever because he kept coming back after his ID was banned again and again. Of course like I mentioned, if you run a large site with an e-bussiness you may have the resources to avoid a block ban. :)Quote:
I don't think complaing to your ISP that you have been banned from a site will do much good, there really isn't much they could do. It is you're site.
On (many/most) cable connections it is a trivial matter to change you ip. All i have to do is change my mac and renew my dhcp lease and taday a shiny new ip. (easy on *nix or with a router, i have not a clue with win )Quote:
Originally posted here by inf0streaker
Ok. ya. i might just do it by Firewall. he uses cable so i dont need to worry about the ip changing. Static ip is the one that doesn't change right? then a dynamic Ip would change. I think its everytime you log on to the Internet. I don't know.Anyway thanks for the help.
As I said earlier User this HTTP variable REMOTE_ADDR check weather it is your IP if not dont display the page
Sometimes I get my wucking mords fuddled up!Quote:
Originally posted here by Lansing_Banda
Just wanted to point out that steve.milner made an excellant movie title
'Rage of IPS'
yeah, I like it
(I have a poor ability to type, coupled with a touch of dyslexia means that when I make typos I can't always see then)
Steve
Nah,Quote:
Originally posted here by RoadClosed
Of course like I mentioned, if you run a large site with an e-bussiness you may have the resources to avoid a block ban. :)
ISPs are fairly useless.
We run an e-business channel with moderate turnover £8M per year and we were having a problem with a mailserver that belonged to Blueyonder constantaly sending us one email over & over again. I blocked the IP, contacted Blueyoner and explained the problem. The helpdes/support guy had a real difficulty when he asked, can you give me your customer details, and I said I'm not a customer.
The long and short of it is that I was eventually put through to a manager & I explained that until the matter was resolved no email from that server would be delivered to us and that might have an impact on people who were customers of both of us. 3 months later I've had no contact to say the problem is resolved - Their mail server is still banned.
This may have an impact on our business, but it's a smaller impact than the DoS attack that was occuring.
Steve