Camen Design Forum

Banning By IPs

Jos

Nice. I've used this one to block entire countrys from the forum - really only allow traffic from my country - Denmark. Its very easy to block an entire range with this
Do a seach for ip_in_range to find an updated version

----

%
<?php
/**
 * Check if a given ip is in a network
 * @param  string $range IP/CIDR netmask eg. 127.0.0.0/24, also 127.0.0.1 is accepted and /32 assumed
 * @return boolean true if the ip is in this range / false if not.
 */
function ip_in_range($ip, $lines)
{
    foreach ($lines as $range) {
        if (strpos($range, '/') == false) {
            $range .= '/32';
        }
        // $range is in IP/CIDR format eg 127.0.0.1/24
        list( $range, $netmask ) = explode('/', $range, 2);
        $range_decimal = ip2long($range);
        $ip_decimal = ip2long($ip);
        $wildcard_decimal = pow(2, ( 32 - $netmask )) - 1;
        $netmask_decimal = ~ $wildcard_decimal;
        if (( $ip_decimal & $netmask_decimal ) == ( $range_decimal & $netmask_decimal )) {
            return 1;
        }
    }
    return 0;
}

$incidents = $_SERVER['DOCUMENT_ROOT'].'/ipblok/ipblok.log';

$lines = explode("\n", file_get_contents($_SERVER['DOCUMENT_ROOT'].'/ipblok/DK.cidr'));
if (!ip_in_range($_SERVER['REMOTE_ADDR'], $lines)) {  //udenlandske
    $txt = $_SERVER['REMOTE_ADDR']." [".date('Y-m-d H:i:s')."] FOR";
    $myfile = file_put_contents($incidents, $txt.PHP_EOL, FILE_APPEND);
    die;
}
%

----

Since i now need to block TOR and VPNs and proxys, i just block TOR users from certain pages and foreign IP's from posting in the forum. Its softer and works perfectly if you use both approaches.

Foreign IP's are removed by using a request to freegeoip.net.
I dont even bother to test for errors and such.

%
function isDanish()
{
    $theaddress="http://freegeoip.net/json/github.com/".$_SERVER['REMOTE_ADDR'];
    file_get_contents($theaddress);
    $response=json_decode(file_get_contents($theaddress), true);
    if ($response['country_code']=='DK')
        return true;
    else
        return false;
    }
%

Tor users are blocked by using the ip_in_range and using tor exit nodes list from https://www.dan.me.uk/torlist/?exit . Same idea used by rex

:: @Jos added on 26 Feb ’18 · 07:43

I forget.
I add the function to the top og start.php and call it from

%
if ((   //if HTTP authentication is used, we don’t need to validate the form fields
        @$_SERVER['PHP_AUTH_USER'] && @$_SERVER['PHP_AUTH_PW']
) || (  //if an input form was submitted:
        FORM_SUBMIT &&
        //are the name and password non-blank?
        NAME && PASS &&
        //the email check is a fake hidden field in the form to try and fool spam bots
        isset ($_POST['email']) && @$_POST['email'] == 'example@abc.com' 
        //Er det en dansk adresse
        && isDanish()
)) {
        //users are stored as text files based on the hash of the given name
  ....
  ....
%

Append

(Leave this as-is, it’s a trap!)

Only the original author or a moderator can append to this post.

Pro tip: Use markup to add links, quotes and more.

Your friendly neighbourhood moderators: Kroc, Impressed, Martijn