Solved

Blocking someone from my website based on IP using PHP

Posted on 2009-07-11
8
404 Views
Last Modified: 2013-11-22
I have this guy who keeps coming to my message board and I want to prevent him from messing it up.

How can I block his entire city and/or state from coming to my site?

And incase he uses a proxy, how can I block all proxies also?

Thanks
0
Comment
Question by:davideo7
  • 4
  • 4
8 Comments
 
LVL 4

Expert Comment

by:khyer123
ID: 24832843
How to block IP with php: http://perishablepress.com/press/2007/07/03/how-to-block-ip-addresses-with-php/

You can't block all proxies without knowing the IP addresses of all proxies.
And why would you block his entire city and/or state from coming to you site? It's not like he can just ask for a different IP address. Besides, IP addresses are assigned by ISP, and not by city or state.

But, if you really want to know, do a whois of the IP address: http://www.networksolutions.com/whois/index.jsp
And block the entire subnet (The CIDR field)
0
 

Author Comment

by:davideo7
ID: 24832846
What do you mean by 'block the entire subnet' ?
0
 
LVL 4

Expert Comment

by:khyer123
ID: 24832858
Generally, an IP is on a subnet, meaning a range of IP addresses. The user is usually stuck with the same IP for a couple of weeks, but it can be renewed and there's a chance he gets a different one. the new address will be on the same subnet (range of addresses). You'll want to block that subnet to prevent him from getting to your site, even if he gets a new IP address.

this of course does not prevent the user from going to a coffee shop, library, workplace, school, etc where they are on a different subnet. Subnets are not geographically fixed, so there's no way for you to block his city or state. Blocking a single person from a website may be impossible. don't forget, that any other legit users from your blocked addresses won't be able to access either.
0
 

Author Comment

by:davideo7
ID: 24832863
So how would I block his his subnet?
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 4

Expert Comment

by:khyer123
ID: 24832867
What is the IP address of the user? Without giving you a subnetting lesson, which is basically a huge chunk of a CCNA certification, it would be difficult to tell you.
0
 

Author Comment

by:davideo7
ID: 24832872
Can't you use any IP address as an example?  I haven't got his IP yet
0
 
LVL 4

Accepted Solution

by:
khyer123 earned 500 total points
ID: 24832896
Let's take the IP address 128.114.10.10, which belongs to UC, Santa Cruz
Look up the IP address at this site http://www.networksolutions.com/whois/index.jsp
Select "IP address" and type in the IP address
In there, there's a field  called CIDR, which in this case is 128.114.0.0/16. The 0's represent octets that can have a value from 0-255. They're wildcards, and you can replace them with *'s in the PHP code. So, you code would look like this:

<?php
$deny = "128.114.*";
if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) {
   header("location: not_authorized_page.php");
   exit();
} ?>

I would say that you're probably pretty safe blocking the class B subnet (any site that matches the first two numbers). This will ensure that nobody from the user's ISP can get to your site, but it also blocks 65000 IP addresses, and doesn't prevent him from using a different computer at another location.
0
 

Author Closing Comment

by:davideo7
ID: 31602505
Thanks
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now