I have a simple 1 page website... www.HowManyHits.com where im trying to see how many hits a site can get by doing no paid advertising.... it is going fairly well... but today for the second time I have a feeling I have some jackass who has set up an auto refresher on the site as it is going up 2-6 hits per second and I would like to block this person if possible. Today is actually the second time I have suspected someone doing this and I will be able to find out if it is from the same IP in a couple hour when my godaddy reports are available.... and if it is I would really like to have this person(s) blocked immedietly.
<?php $target = $_SERVER['REMOTE_ADDR']; $target_ip = 'attacker ip here'; if ($target == $target_ip) { echo "Banned get lost"; } else { echo "..."; } ?> PHP:
Thanks! Can I use this code in the simple HTML page i created from Frontpage... unfortunitly my skills are quite limited when it comes to this kind of stuff.
Damn the index page is .html? Rename it to .php ... also change it's extensions in any file that may link to index. EDIT: Use this code: <?php $target = $_SERVER['REMOTE_ADDR']; $target_ip = 'attacker ip here'; if ($target == $target_ip) { echo "Banned get lost"; } ?> PHP: No else
It depends a bit on what control you have over your server. If you have a firewall, just add that IP address to the firewall so that it logs and drops any packets with that IP address. The reason you should log them is so that if the IP address belongs to a dynamic range, you'll know when to unblock it again. If you don't have a firewall but you do have access to your Apache config or .htaccess files, then add these two lines to either one: RewriteCond %{REMOTE_ADDR} 10.0.0.1 RewriteRule .* - [F] Code (markup): (Don't forget to change the IP address to your target's IP address.) If you don't have either of those, then PHP is the way to go. NuLLByTe's code above looks good except that I would add header("HTTP/1.1 403 Forbidden"); PHP: right before echo "Banned get lost"; PHP: The HTTP status code is usually more important than the message. Scripts and crawlers often pay attention to status codes but I have never seen one care about what was written on the page.
<script type="text/javascript"> // Block IP address script //banned ips just put the ip to those x's var bannedips=["xx.xxx.xxx.xxx", "xx.xxx.xxx.xxx"] var ip = '<!--#echo var="REMOTE_ADDR"-->' var handleips=bannedips.join("|") handleips=new RegExp(handleips, "i") if (ip.search(handleips)!=-1){ alert("Your IP has been banned from this site. Redirecting...") //Redirect page window.location.replace("http://www.google.com") } </script>
well, do u have a cPanel installed on ur server? if so, u can just use 'IP Deny Manager' so that you dont have to put those codes in everypage in ur site..
Or he can do a banlist.php file and <?php include_once('banlist.php'); ?> PHP: it on every page For easy management.
If it's a static site, you could use a firewall to block the IP. In case of a Linux host (dedicated or VPS), you could use iptables to drop any connections from that IP. It's a lot more efficient than using a dynamic page for this purpose.