Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Blocking someone from my website based on IP using PHP

Posted on 2009-07-11
8
Medium Priority
?
418 Views
Last Modified: 2013-11-22
I have this guy who keeps coming to my message board and I want to prevent him from messing it up.

How can I block his entire city and/or state from coming to my site?

And incase he uses a proxy, how can I block all proxies also?

Thanks
0
Comment
Question by:davideo7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 4

Expert Comment

by:khyer123
ID: 24832843
How to block IP with php: http://perishablepress.com/press/2007/07/03/how-to-block-ip-addresses-with-php/

You can't block all proxies without knowing the IP addresses of all proxies.
And why would you block his entire city and/or state from coming to you site? It's not like he can just ask for a different IP address. Besides, IP addresses are assigned by ISP, and not by city or state.

But, if you really want to know, do a whois of the IP address: http://www.networksolutions.com/whois/index.jsp
And block the entire subnet (The CIDR field)
0
 

Author Comment

by:davideo7
ID: 24832846
What do you mean by 'block the entire subnet' ?
0
 
LVL 4

Expert Comment

by:khyer123
ID: 24832858
Generally, an IP is on a subnet, meaning a range of IP addresses. The user is usually stuck with the same IP for a couple of weeks, but it can be renewed and there's a chance he gets a different one. the new address will be on the same subnet (range of addresses). You'll want to block that subnet to prevent him from getting to your site, even if he gets a new IP address.

this of course does not prevent the user from going to a coffee shop, library, workplace, school, etc where they are on a different subnet. Subnets are not geographically fixed, so there's no way for you to block his city or state. Blocking a single person from a website may be impossible. don't forget, that any other legit users from your blocked addresses won't be able to access either.
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 

Author Comment

by:davideo7
ID: 24832863
So how would I block his his subnet?
0
 
LVL 4

Expert Comment

by:khyer123
ID: 24832867
What is the IP address of the user? Without giving you a subnetting lesson, which is basically a huge chunk of a CCNA certification, it would be difficult to tell you.
0
 

Author Comment

by:davideo7
ID: 24832872
Can't you use any IP address as an example?  I haven't got his IP yet
0
 
LVL 4

Accepted Solution

by:
khyer123 earned 2000 total points
ID: 24832896
Let's take the IP address 128.114.10.10, which belongs to UC, Santa Cruz
Look up the IP address at this site http://www.networksolutions.com/whois/index.jsp
Select "IP address" and type in the IP address
In there, there's a field  called CIDR, which in this case is 128.114.0.0/16. The 0's represent octets that can have a value from 0-255. They're wildcards, and you can replace them with *'s in the PHP code. So, you code would look like this:

<?php
$deny = "128.114.*";
if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) {
   header("location: not_authorized_page.php");
   exit();
} ?>

I would say that you're probably pretty safe blocking the class B subnet (any site that matches the first two numbers). This will ensure that nobody from the user's ISP can get to your site, but it also blocks 65000 IP addresses, and doesn't prevent him from using a different computer at another location.
0
 

Author Closing Comment

by:davideo7
ID: 31602505
Thanks
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question