block ip address using php code

I tryed to block some ip's with my htacces file, but it seems that is blocking also other users.

Can anyone help me with a PHP script that i can use to block or redirect to an error page some IP adresses and IP classes i have in a TXT file?

 

<?
$banned[0]="xxx.xxx.xxx.xxx"; // IP in the form of "127.0.0.1" or whatever
$banned[1]="yyy.yyy.yyy.yyy";
$banned[2]="zzz.zzz.zzz.zzz";

// add as many as you wish

if (in_array($_SERVER['REMOTE_ADDR'],$banned)) header("HTTP/1.1 403 Forbidden");
?>

PHP:

Of course you could check that against a .txt file or whatever.

 

Thank you.

I also want to know how i can ban a class of ip's.
For example i want to ban all ip;s between xx.x.xx.x to xx.x.x.x .
How i can do this?

i finded some bug in your code and fixed it:

<?
$banned[0]="x.x.x.x";
if (in_array($_SERVER['REMOTE_ADDR'],$banned))
{
header("HTTP/1.1 403 Forbidden");
exit;
}
?>


Now i need to know how i can block a class of ip's?

 

that good stuff to block ip via script. But .htaccess is better option to do that.
it makes your page efficient

 

wouldn't doing it in php code weigh down the page and make it slower loading for everyone?

 

Not in this case

Hardly, it's just one operation

 

I tryed the .hta... file.
Is nor blocking well. Sometimes is blocking users i don't want to block.

 

And that's why you asked for a php script which is in my first post in this thread. You're weird. :-/

PS And I don't know exactly how to ban a class of IPs, never tried to find out, never needed it.

 

One thing you have to remember, Nearly everyone is on Dynamic IP address's now.
You may block one person oneday, but not the next

 

This is what I used for years to block a class of ips.

$targetAddr = "123.123..*..*";  //yes is two dots

//this code will match any class of 123.123.x.x, 
//you can also do "123.123.123..*" to do anything that is 123.123.123.x

if (ereg($targetAddr, $_SERVER['REMOTE_ADDR'])) {
    //remote address match, do something or don't do anything
} else {
   //do whatever you want to address that doesn't match
}

PHP:

If you have set of address, just write a function and input an array of these address patterns should do.

Like the last post said, many IPs are dyanmic now, so becareful who you are blocking. I've used to write intranet applications but never for Internet app.

 

hello,

I found these examples REALLY useful for some stuff I am trying to do. thank you all for the contribution. I tried some different things that worked which I thought were worthy of adding here.

With regard to how to do a range of IP's, you can use an array if the other examples do not work.

You can also block like saidev says with a Addr = "123.123..*..*" but in my tests, Addr = "123.123." will do same result. In my problem, I wanted to block all access from .ru domains and isp's, also from .vn. So, I tried a simple Addr = ".ru", Addr = ".vn" and that did great job and this works pretty well with most domains or hosts. This will really cut down the malicious visitors to your site.

 

Try this:

$targetAddr = "^154\.(3[5-9]|[456][0-9])\.";

PHP:

This matches 154.35. to 154.39. or 154.40. to 154.60.

Note that I've used \. for every dot, and started my expression with ^. I recommend you do this for every IP matching expression. Otherwise you could match other IP addresses that you wouldn't expect, for example xxx.154.35.xxx.

Cryo.

 

Thank you.
This is fine.

 

Hello,

I'd like to set up an IP ban script on my site.
I used this next code for a while but now I want to tweak it so I can add few more range of IP address as needed.

//Set banned IP range
$targetAddr = "^154\.(3[5-9]|[456][0-9])\.";

if (ereg($targetAddr, $_SERVER['REMOTE_ADDR'])) { 
  
echo "BANNED MESSAGE HERE"; 
    exit();  
  }
//Set banned IP range

PHP:

This code works fine for a single range of IP
How can I have this script to work with more than one range of IPs
I have tried this :

$targetAddr = array ("^154\.(3[5-9]|[456][0-9])\.",
"^81\.(3[5-9]|[456][0-9])\.",
"^21\.(3[5-9]|[456][0-9])\."
);

But this just don't works and doesn't return error at all.
Please, can someone give me an Idea Thanks!

 

I Got it

//Set banned IP range
$targetAddr = array ("^154\.(3[5-9]|[456][0-9])\.","^81\.(3[5-9]|[456][0-9])\.");

foreach($targetAddr as $var) {
if (ereg($var, $_SERVER['REMOTE_ADDR'])) { 

echo "BANNED MESSAGE HERE"; 
    exit();  
  }
}
//End banned IP range

PHP:

Maybe there is a better way but it work.

 

wow- looks cool, nice script guys, thanks for sharring with us!

 

I'm sorry to dig out this old thread, but I've been wondering if there's a way to block visitors (using a php script like the one above) based on their host names (e.g. *.sg, *.cn) instead of ip address.

Any idea?

 

Reggie_ You can use the GEO ip location script to block IPs of certain countries

 

Just building on saidev, for multiple IP addresses:

<?php





//      To use a wildcard, add an extra dot before the
//      number and then instead of the number, use a wildcard (see below for examples)...
//      
//      If your IP Address was 46.32.255.255:
//      
//      46..*..*..*    = returns true
//      46.32..*..*    = returns true
//      46.32.255..*   = returns true
//      46..**.255.255 = returns true
//      .*.32.255.255  = returns true
//      *.32.255.255   = returns false + PHP error





$whitelist = array(
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
"999.999.999.999",
//etc...
"999.999..*..*");
//i know these aren't real ip addresses, just examples...
$a = 0;
$i = 0;
while ($whitelist[$i+1] !== null)
{
if (ereg($whitelist[$i], $_SERVER['REMOTE_ADDR']))
{
$a=$a+1;
}
$i=$i+1;
}










if ($a==0)           // This means that during the loop above, the IP address did not match up to any
                     // IP addresses in the whitelist.
{
 // not in whitelist
echo ("Your IP Address is not in the whitelist.");
}
else                 // This means that during the loop above, the IP address did match up to an IP
                     // address in the whitelist.
{
 // in the whitelist
echo ("Your IP Address is in the whitelist.");
}










?>

Code (markup):