www.webdeveloper.com
Results 1 to 3 of 3

Thread: how to automate putting into ip into ips.txt file for use with script that filters ip

  1. #1
    Join Date
    Mar 2012
    Posts
    3

    resolved how to automate putting into ip into ips.txt file for use with script that filters ip

    hi i have a script that prevents banned ips from viewing the index file or anyfile that includes script i will paste below


    help adding a banned ip into ips.txt file

    to use include check_ip.php listed below


    PHP Code:
    <?php
    $banned 
    explode("\n"file_get_contents('ips.txt'));
    if (
    in_array($_SERVER['REMOTE_ADDR'], $banned)){
        die(
    '<center><p>
    <body style="background:#000000">
    <body bgcolor="#000000" text="#FFFFFF" link="#0000FF"> 
    <font color="orange" font size="+4">
    <p><br>
    <img src="/images/logojnet.png" width="65" height="48" alt="logo" title="J~Net"  style="padding:15px;"></a> 
    <br> You Are Banned!<p> To Check Again <p> Click <a href="/">Here!</a><p><br> <p> Or To Leave<p><br> Click <a href="http://www.google.com">Here!</a>'
    );
    }
    ?>


    I am asking, how to 1. detect if someone should be banned based on a attempted ddos attack (maybe using (excess amount of ping data within a set amount of short time),

    and second, how to then add that ip (from user that is attempting to do a ddos attack), into ips.txt file, both files are on the root of the web server on linux apache 2. if you can help with 1 or more parts of this please reply.

  2. #2
    Join Date
    Mar 2007
    Location
    localhost
    Posts
    2,204
    IP addresses are not permanent which means if you add an IP address to your banned list, at some point that IP address could be recycled to a valid user and you could be blocking a user that may not be the original person you banned.

    My IP address is different every time I log on to and use the internet.

    So... if you are wanting to do this, I suggest that you use a database for speed and if you are not using mysql, then check to see if sqlite is present and use that as it increases speed of access and you would reduce your script down to a simple query.

    Something like this...
    PHP Code:
    <?php
    $db 
    sqlite_open("bannedIPaddresses") or false;
    if(!
    $dbheader("Location: errorpage.php");
    // run a query to find if the database has an IP address in it
    $banned sqlite_query($dbsqlite_escape_stringsprintf("SELECT * FROM banned WHERE bannedIP='%s' LIMIT 1;--",$_SERVER['REMOTE_ADDR']) ) );
    // if we have a row returned then the database has a banned IP
    if( sqlite_num_rows($banned)>header("Location: bannedpage.php");
    So what is happening now is any bad IP addresses that are in the database are sent to another page leaving your regular page to be displayed.

    You could add a date added so that your query can ignore any IP's added after a set time period.

    I have a website which harvests IP addresses and records what URL was requested along with the time and date and it uses sqlite to do the job. I occasionally load up a viewer to look at the contents but I am too lazy to add a feature to calculate what URL is popular (page) and how often they are visited.

    Anyway, I hope that this helps you on your way.
    Yes, I know I'm about as subtle as being hit by a bus..(\\.\ Aug08)
    Yep... I say it like I see it, even if it is like a baseball bat in the nutz... (\\.\ Aug08)
    I want to leave this world the same way I came into it, Screaming, Incontinent & No memory!
    I laughed that hard I burst my colostomy bag... (\\.\ May03)
    Life for some is like a car accident... Mine is like a motorway pile up...

    Problems with Vista? :: Getting Cryptic wid it. :: The 'C' word! :: Whois?

  3. #3
    Join Date
    Jul 2010
    Location
    /ramdisk/
    Posts
    865
    This is a job for a firewall. Not a web developer... The overhead of opening a sqlite (single user database) per HTTP request is insane. You could easily be the recipient of a no-cache DOS deluge ;\ the most appropriate place to handle this is in the firewall. Do not give them a nice error page, just drop the packets and kick their banned ass to the curb.
    I use (, ; : -) as I please- instead of learning the English language specification: I decided to learn Scheme and Java;

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles