Blocking someone from my website based on IP using PHP

I have this guy who keeps coming to my message board and I want to prevent him from messing it up.

How can I block his entire city and/or state from coming to my site?

And incase he uses a proxy, how can I block all proxies also?

Thanks
davideo7Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

khyer123Commented:
How to block IP with php: http://perishablepress.com/press/2007/07/03/how-to-block-ip-addresses-with-php/

You can't block all proxies without knowing the IP addresses of all proxies.
And why would you block his entire city and/or state from coming to you site? It's not like he can just ask for a different IP address. Besides, IP addresses are assigned by ISP, and not by city or state.

But, if you really want to know, do a whois of the IP address: http://www.networksolutions.com/whois/index.jsp
And block the entire subnet (The CIDR field)
0
davideo7Author Commented:
What do you mean by 'block the entire subnet' ?
0
khyer123Commented:
Generally, an IP is on a subnet, meaning a range of IP addresses. The user is usually stuck with the same IP for a couple of weeks, but it can be renewed and there's a chance he gets a different one. the new address will be on the same subnet (range of addresses). You'll want to block that subnet to prevent him from getting to your site, even if he gets a new IP address.

this of course does not prevent the user from going to a coffee shop, library, workplace, school, etc where they are on a different subnet. Subnets are not geographically fixed, so there's no way for you to block his city or state. Blocking a single person from a website may be impossible. don't forget, that any other legit users from your blocked addresses won't be able to access either.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

davideo7Author Commented:
So how would I block his his subnet?
0
khyer123Commented:
What is the IP address of the user? Without giving you a subnetting lesson, which is basically a huge chunk of a CCNA certification, it would be difficult to tell you.
0
davideo7Author Commented:
Can't you use any IP address as an example?  I haven't got his IP yet
0
khyer123Commented:
Let's take the IP address 128.114.10.10, which belongs to UC, Santa Cruz
Look up the IP address at this site http://www.networksolutions.com/whois/index.jsp
Select "IP address" and type in the IP address
In there, there's a field  called CIDR, which in this case is 128.114.0.0/16. The 0's represent octets that can have a value from 0-255. They're wildcards, and you can replace them with *'s in the PHP code. So, you code would look like this:

<?php
$deny = "128.114.*";
if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) {
   header("location: not_authorized_page.php");
   exit();
} ?>

I would say that you're probably pretty safe blocking the class B subnet (any site that matches the first two numbers). This will ensure that nobody from the user's ISP can get to your site, but it also blocks 65000 IP addresses, and doesn't prevent him from using a different computer at another location.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
davideo7Author Commented:
Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.