You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 360 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
How to ban IP addresses

23.5. How to ban IP addresses

So you have been hacked and your IP Tracking module (Section 8.3.6) shows you it was an attack from a few IP addresses? Perhaps your site is continuing to be the aim of notorious cracking attempts from those IP addresses and you now want to ban them? That's something you can accomplish easily in two ways, a hard-coded approach and a more elaborate one.

The hard-coded approach (suitable only for just a few IP addresses, unless you want to clutter the code with unwanted IPs) requires you to place this 4-liner:

$ip = getenv("REMOTE_ADDR");
if ($ip != "66.666.66.6" AND $ip != "55.555.55.5") {
return 0;
}

in two places:

  1. after after the global line of the is_amdin() function in mainfile.php and

  2. at the begining of the admin.php file.

Change the "66.666.66.6" and "55.555.55.5" to the IP addresses you want to block and you are done! See How to block an IP address in PHP-Nuke.

The more elaborate approach is to create a text file, call it banned.txt, containing all the IP addresses you want to ban, one address per line. Upload banned.txt in the PHP-Nuke root directory on your web server (this is the same directory where also config.php is located). Then include the following code in the includes/my_header.php file (the custom HTML header file of PHP-Nuke, see Chapter 15):

if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
elseif (isset($_SERVER['HTTP_VIA'])) {
    $ip = $_SERVER['HTTP_VIA'];
}
elseif (isset($_SERVER['REMOTE_ADDR'])) {
    $ip = $_SERVER['REMOTE_ADDR'];
}
else {
    $ip = "Banned";
}
$banned = file("banned.txt", "r+");
$nbanned = count($banned);
function ban($ip, $banned, $nbanned){
    for ($i = 0 ; $i < $nbanned ; $i++) {
        
        // Use this if you want to use IP patterns with regular expressions:
        // if (eregi($ip, $banned[$i])) {
        // We have to strip the end-of-line characters, to test for equality: 
        if ($ip ==  rtrim($banned[$i])) {
            echo "You have been banned from this portal, if you feel this is in error ";
            echo "please send email to you@yoursite.com ";
            die();
        }
    }
}
ban($ip, $banned, $nbanned);

If you are having problems with PHP not recognizing the line endings when reading files with the PHP file() function (see the code above), either on or created by a Macintosh computer, you might want to enable the auto_detect_line_endings run-time configuration option (which, however, is available only starting PHP v. 4.3.0).

If you would like to ban whole ranges of IP addresses, you can play with the PHP eregi() function and use

if (eregi($ip, $banned[$i])) {

instead of

if ($ip ==  rtrim($banned[$i])) {

You then use patterns of IP addresses, i.e. regular expressions (see Section 25.3, Regular Expression Functions (POSIX Extended)), instead of constant IPs in banned.txt. See also How to ban IPs real fast.

Tip How to ban IPs using the web server
 

Of course, you can achieve the same results by putting deny directives in the server configuration file, or .htaccess file (Section 25.4):

deny from xxx.xxx.xxx.xxx

See the Protector Module (Section 8.3.7) for a PHP-Nuke module for IP banning.


PHP-Nuke HOWTO brought to you by Chris Karakas

Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.809 Seconds - 325 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::