Banning

**inf0streaker** · December 16th, 2003, 05:45 PM

Ok. ya. i might just do it by Firewall. he uses cable so i dont need to worry about the ip changing. Static ip is the one that doesn't change right? then a dynamic Ip would change. I think its everytime you log on to the Internet. I don't know.Anyway thanks for the help.

**!mitationRust** · December 16th, 2003, 05:51 PM

Yeah after Tedob1 gave me that cool whois program. Anytime I get a port scan from a asian *cough*Korea*cough* country ect... I just block the whole Range now.

***MicroBurn*** · December 16th, 2003, 06:16 PM

Well, I know you have PHP installed (Probably becasue I was the one who helped set up your server. ;-)) but it might not be as secure blocking it on your firewall, or on your router. And, do you just want to drop him from 80 (HTTP) or from everything? I'll look into writing a PHP Script for you, it really shouldn't be that hard at all, but I just got up, and I'm hungry, so I'll make some food, and post it later.

Peace

MB

***RoadClosed*** · December 16th, 2003, 06:21 PM

Some say blocking ranges is a little harsh, I say it's ok. Your site, your rules. Chances that you block some ligitimate user are very small and if so, they can go complain to their ISP or you can narrow the block or exclude his or her IP.

***MicroBurn*** · December 16th, 2003, 07:03 PM

Blocking IP ranges could be harsh if you had a big site, but if it is small, it shouldn't do much, and I don't think complaing to your ISP that you have been banned from a site will do much good, there really isn't much they could do. It is you're site.

Well, here is the PHP code, much thanks to xmad, soule, and chsh who helped me get it on IRC get the array straightened out.

Code:

&lt;?php
/*
* PHP Banner
* Created by MicroBurn (http://www.unerror.com)
* This could also be used to allow only your IP to this sctipt, just put an echo() there     
* the die() is, and add an }else{ die() You can also use $blockip 
* as a wild card, meaning if $blockip = 192.168 it would block the any IP that started 
* with, or contianed 192.168 You can block all IP's with if you set * 1=&gt;'.'); Ofcourse 
* to ban the IPs you want to ban change 0=&gt; and 1=&gt; to the IP's you want to 
* ban, you can also add more like 3=&gt; 4=&gt; all the way up.
*/

$blockedips = array(
0=&gt;'127.0.0.1',
1=&gt;'192.168.2.1');
for ($i=0; $i&lt;sizeof($blockedips); $i++) {
	if (strstr($_SERVER["REMOTE_ADDR"], $blockedips[$i])) {
		die("Sorry. You have been banned.");
 }
}
// Put everything else here.
echo "Everything."
?&gt;

Say you wanted to ban the IP's 85.2.15.148, 218.21.4.65, 84.21.81.6 and 78.21.26.222. The array would look like this...

Code:

0=&gt;'85.2.15.148',
1=&gt;'218.21.4.65',
2=&gt;'84.21.81.6',
3=&gt;'78.21.26.222');

**Drunk On Duvel** · December 16th, 2003, 07:08 PM

Have you thought of .htaccess?

Code:

order allow,deny
deny from xxx.x.x.x
deny from xxx.x.x.x
deny from xxx.x.x.x
allow from all

More information can be found at http://httpd.apache.org/docs-2.0/howto/htaccess.html

Good luck.

***MicroBurn*** · December 16th, 2003, 07:18 PM

D'oh, haha, should have thought of that, though I rarley use .htaccess, and it's been awhile since I've used Apache. But, atleast with my script you can put cool, "You have been banned, sucker" messages, and websites and stuff. ;-) Haha, good thinking Jack.

Peace

MB

***Lansing_Banda*** · December 16th, 2003, 07:30 PM

Just wanted to point out that steve.milner made an excellant movie title

Rage of IPS...

yeah, I like it

**Shaggy** · December 16th, 2003, 08:04 PM

I would have to agree with steve.milner on this.
If someone has Dial up, or ADSL connection, there External IP will change often. Blocking en entire range is the only way to do this effectively, but in turn you will be banning others as well.

I dont know the seriousness of this issue,so i am not sure how effective an ISP would be with this.

***RoadClosed*** · December 17th, 2003, 12:56 AM

I don't think complaing to your ISP that you have been banned from a site will do much good, there really isn't much they could do. It is you're site.

I meant this as an extreme measure when the site provider chooses to not take new people to the site because of the block ban. It's mean but the alternative is allowing destructive persons back into your site. Of course if you run an e-business then thats a tough decision. I have only had one person who fell into a block ban e-mail me and say he wanted into the site. I told him "sorry, comlain to your ISP because the block stays" I agree the ISP won't do crap, that's why the block is there - but this dude ran an exploit against the server that would have given him access remote access had I not patched it hours before (game server). He and his block are gone forever because he kept coming back after his ID was banned again and again. Of course like I mentioned, if you run a large site with an e-bussiness you may have the resources to avoid a block ban.

Thread: Banning

Thread Tools

Display

Posting Permissions