PHP Web Host - Quality Web Hosting For All PHP Applications Free RavenNuke(tm) Add Ons
  Login or Register
 • Home • Downloads • Your Account • Forums • 
Site Navigation

Home:
 
Donate o Meter
Help Keep Our Servers Online AND Our Services Free!
Make donations with PayPal!
Donations
Anonymous May-24
Doulos May-15
Webservant May-11
AndyB May-5
Hotdog May-3
 
Please Link To Me!
 
Quality Web Hosting For All PHP Applications
Quality PHP Web Host!

Great Reviews!
Need help setting up your website, installing Apache, PHP, MySQL, or RavenNuke(tm)?
Need help customizing or designing scripts?
Please contact us via the Contact Us option for further details and pricing.
Link to Me

RavenPHPScripts

RavenPHPScripts

There are more Link To Me icons here.
 
Site Info v2.2.2 ©
Your IP: 38.107.179.230

Welcome, Anonymous
Nickname
Password
Security Code:
Security Code
Type Security Code:

· Register
· Lost Password
Server Date/Time
24 May 2012 21:40:43 EDT (GMT -4)
 
How to ban IP addresses
PHP-Nuke: Management and Programming
Prev Chapter 23. Security Next

23.5. How to ban IP addresses

So you have been hacked and your IP Tracking module (Section 8.3.6) shows you it was an attack from a few IP addresses? Perhaps your site is continuing to be the aim of notorious cracking attempts from those IP addresses and you now want to ban them? That's something you can accomplish easily in two ways, a hard-coded approach and a more elaborate one.

The hard-coded approach (suitable only for just a few IP addresses, unless you want to clutter the code with unwanted IPs) requires you to place this 4-liner:

$ip = getenv("REMOTE_ADDR");
if ($ip != "66.666.66.6" AND $ip != "55.555.55.5") {
return 0;
}

in two places:

  1. after after the global line of the is_amdin() function in mainfile.php and

  2. at the begining of the admin.php file.

Change the "66.666.66.6" and "55.555.55.5" to the IP addresses you want to block and you are done! See How to block an IP address in PHP-Nuke.

The more elaborate approach is to create a text file, call it banned.txt, containing all the IP addresses you want to ban, one address per line. Upload banned.txt in the PHP-Nuke root directory on your web server (this is the same directory where also config.php is located). Then include the following code in the includes/my_header.php file (the custom HTML header file of PHP-Nuke, see Chapter 15):

if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
elseif (isset($_SERVER['HTTP_VIA'])) {
    $ip = $_SERVER['HTTP_VIA'];
}
elseif (isset($_SERVER['REMOTE_ADDR'])) {
    $ip = $_SERVER['REMOTE_ADDR'];
}
else {
    $ip = "Banned";
}
$banned = file("banned.txt", "r+");
$nbanned = count($banned);
function ban($ip, $banned, $nbanned){
    for ($i = 0 ; $i < $nbanned ; $i++) {
        
        // Use this if you want to use IP patterns with regular expressions:
        // if (eregi($ip, $banned[$i])) {
        // We have to strip the end-of-line characters, to test for equality: 
        if ($ip ==  rtrim($banned[$i])) {
            echo "You have been banned from this portal, if you feel this is in error ";
            echo "please send email to you@yoursite.com ";
            die();
        }
    }
}
ban($ip, $banned, $nbanned);

If you are having problems with PHP not recognizing the line endings when reading files with the PHP file() function (see the code above), either on or created by a Macintosh computer, you might want to enable the auto_detect_line_endings run-time configuration option (which, however, is available only starting PHP v. 4.3.0).

If you would like to ban whole ranges of IP addresses, you can play with the PHP eregi() function and use

if (eregi($ip, $banned[$i])) {

instead of

if ($ip ==  rtrim($banned[$i])) {

You then use patterns of IP addresses, i.e. regular expressions (see Section 25.3, Regular Expression Functions (POSIX Extended)), instead of constant IPs in banned.txt. See also How to ban IPs real fast.

Tip How to ban IPs using the web server
 

Of course, you can achieve the same results by putting deny directives in the server configuration file, or .htaccess file (Section 25.4):

deny from xxx.xxx.xxx.xxx

See the Protector Module (Section 8.3.7) for a PHP-Nuke module for IP banning.

Prev Home Next
Cookies - timeout and configuration Up Hacked - now what?

PHP-Nuke HOWTO brought to you by Chris Karakas
Karakas Online
Spaghettibrain
 

All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2011 by Raven

You can syndicate our news using the file xml

CSE HTML Validator Helped Clean up This Page! [Valid RSS] valid RSS 2.0 Valid robots.txt Stop Spam Harvesters, Join Project Honey Pot

Website engines core code is © copyright by PHP-Nuke but has been heavily patched and modified by myself and others.
PHP-Nuke is a free software released under the GNU/GPL.

:: fisubice phpbb2 style by Daz :: PHP-Nuke theme by www.nukemods.com ::
:: fisubice Theme Modified by the RavenNuke™ Team ::

:: W3C CSS Compliance Validation :: W3C HTML 4.01 Transitional Compliance Validation ::

zerosum