I have an ip list file for my country, as like this (txt document):
45.123.116.0/22
5.2.80.0/21
5.11.128.0/17
5.23.120.0/21
5.24.0.0/14
etc
i have two question about that.
1- can i forward the user, if he is in that list via .htaccess file? (if he is, use this adress.. if not this adress)
2- how can i check 'if the user is in my country' via PHP? i mean, how can i say something like that..
if (strstr('list.txt',$_SERVER['REMOTE_ADDR']))
*1).htaccess file
The visitor blocking facilities offered by the Apache Web Server enable us to deny access to specific visitors, or allow access to specific visitors. This is extremely useful for blocking unwanted visitors, or to only allow the web site owner access to certain sections of the web site, such as an administration*
ErrorDocument 403 /specific_page.html
area.*
order allow,deny
deny from 255.0.0.0
deny from 123.45.6.
allow from all
When using the "Order Allow,Deny" directive the requests must match either Allow or Deny, if neither is met, the request is denied.
doc 1)http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order
doc 2)http://www.htaccess-guide.com/deny-visitors-by-ip-address/
2) Proof of Concept (can't say this works as is....)
$current_ip = $_SERVER['REMOTE_ADDR'];
$valid_ip = false;
// Convert IPs to Regex
foreach($cfg['ipallowed'] as $index=>$ip);
{
$ip = str_replace('.', '\\.', $ip);
$ip = str_replace('*', '[0-9]|^1?\\d\\d$|2[0-4]\\d|25[0-5]');
if (preg_match($ip, $current_ip)
{
$valid_up = true;
break;
}
}
if ($valid_ip)
1; you can redirect by IP to a holding page:
# Redirect a user to /specific_page.html based on their IP address.
RewriteCond %{REMOTE_ADDR} ^10\.0\.0\.2$ [OR]
RewriteCond %{REMOTE_ADDR} ^127\.0\.0\.2$
RewriteCond %{REQUEST_URI} !specific_page\.html$
RewriteCond %{REQUEST_URI} !\.(js|png|gif|jpg|css)$
RewriteRule ^ /specific_page.html [R=302,L]
2; see this question/answer which recommends using http://www.hostip.info/use.html.
Related
There are several URLs that link to my site. I want to deny access to them.
All of these sites have a unique and common keyword in the URL: /roger23/
Example URLs are:
example.net/roger23/studie-ee.html
second-domain.org/roger23/somt-ohter-file.php
yetanotherone.eu/roger23/hello-world
etc.
So, again, the common keyword in all of these URLs is: /roger23/
I want to use .htaccess to deny access to such URL. Here is what I tried, but I need to make sure this is the correct way and it only covers links that contain "/roger23/" and nothing else (to prevent legitimate sites linking to the site).
So in htaccess I tried this:
SetEnvIfNoCase Referer "/roger23/" spam=yes
Order allow,deny
Allow from all
Deny from env=spam
Is this the right way to do it? It seems to work but I don't want to exclude any other legitimate links that don't contain the word '/roger23/'.
For example, these ones should be allowed:
some-things.net/roger23
some-others2.com/roger23.html
I'm confused if there should be quotation marks there or maybe there should also be * or ^..
You can try to use such pattern to restrict access to urls with /roger23/:
SetEnvIfNoCase Referer "^(.*)/roger23/(.*)" spam=yes
Order allow,deny
Allow from all
Deny from env=spam
Another solution for same problem of restricting access:
# Block visits from /roger23/
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^(.*)/roger23/(.*)$ [NC]
ReRewriteRule .* - [F,L]
I'm working with a client who has a site with many subdomains representing different areas covered in his locksmith business. He picks up a lot of traffic from directory websites, and wants to use his domain only as the link on these websites. When someone clicks it, he wants them to be redirected based on a keyword in the referring URL.
For example, a referring Yell URL could be
yell.com/ucs/UcsSearchAction.do?keywords=locksmith&location=Watford%2C+Hertfordshire&scrambleSeed=1311994593
Client wants htaccess or something similar to pick out the keyword 'Watford' from that URL, and redirect to watford.hisbusiness.com accordingly.
This isn't something I've done before and I'm baffled. Research found no clues.
You can check HTTP_REFERER to grab information from the referring URL.
RewriteEngine on
RewriteCond %{HTTP_REFERER} yell\.com/.*\?.*\&location\=(\w+)\%2C\+(\w+)
RewriteRule ^$ http://${lower:%1}.hisbusiness.com/ [R=302,L]
The ${lower:$1} is used to make Watford lowercase. In order for this to work, you'll need to add the following to your httpd.conf or virtual host configuration file:
RewriteMap lower int:tolower
Note: The rule in place above is designed for the domain root (hisbusiness.com) only - that is to say that a request to hisbusiness.com/something won't trigger the redirect. If you'd like it to check for the URI as well, use the following rule instead:
RewriteRule ^(.*)$ http://${lower:%1}.hisbusiness.com/$1 [R=302,L]
To make the redirect permanent and cached by browsers/search-engines, change 302 to 301.
Use Header on PHP using your required conditions:
if(condition 1){
header("Location: http://mywebsite1.com");
}
if(condition 2){
header("Location: http://mywebsite2.com");
}
else{
header("Location: http://mywebsite3.com");
}
You can use [stristr][1] on the if condition.
i am running a website and my website root directory have .htaccess and index.php, now i want to redirect all user's/traffic to "Under-Construction.php" page except my ip address.
i.e
www.example.com redirect to "www.example.com/under-construction/under-construction.php"
except my ip address.
How can do this with .htaccess.
How can do this with index.php.
example: if $_SERVER['REMOTE_ADDR'] is 123.123.123 redirect index.php else redirect "www.example.com/under-construction/under-construction.php"
Regards.
Like this with php. Put the code at the top of index.php.
if (!in_array(#$_SERVER['REMOTE_ADDR'], array('127.0.0.1', '123.123.123.123')))
{
header('Location: http://www.example.com/under-construction/under-construction.php');
exit;
}
I tested this on my server:
<?php
// echo $_SERVER['REMOTE_ADDR'];
// For proof of concept
if($_SERVER['REMOTE_ADDR'] == "123.123.123.123") {
header( 'Location: http://www.google.com/' ) ;
}
?>
(Obviously that's not my ip ;)
Just as a side note, this may not be the best way to filter incoming clients, especially if you don't have a static ip address that you'll be requesting from. Perhaps set a cookie on your machine that tells the site who you are? Or add a $_GET parameter i.e. if $_GET['dev'] == true then redirect.
Use this .htaccess code
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} ^\/index.php$
RewriteCond %{REMOTE_ADDR} !^127.0.0.1$ # replace 127.0.0.1 with your IP address
RewriteRule ^ http://www.example.com/under-construction/under-construction.php
</IfModule>
Note: Replace 127.0.0.1 with your IP address
I am trying to block the website to be viewed as not exist from certain region. Is this possible?
I know we can just put a die() and a blank page will be shown, but is there a way to make it seen like this domain does not exist?
You can use the geoip mod for apache ( http://www.maxmind.com/app/mod_geoip ). Mod_rewrite rules can then determine how to handle the page.
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^CA$
RewriteRule ^(.*)$ http://www.america.com$1 [F]
The F forbids page access
No, unless you have the DNS server for that domain under your control. Which you usually don't for domains like domain.tld, you can only adjust the content based on the clients ip - for example you can just serve an empty page as you suggested. But it is still possible to query the domain with tools like nslookup.
If you don't have access to the DNS server, you can add .htaccess rule to ban people from specific ipaddresses. Following are some sample .htaccess rules
order allow,deny
deny from 123.456.789.012 #block the visitors from the specific ipaddress 123.456.789.012
deny from 123.456.789. #blocks the visitors from all ip within the range 123.456.789.xxx (i.e. 123.456.789.000 – 123.456.789.255)
deny from 123.456. #blocks the visitors from all ip within the range 123.456.xxx.xxx
deny from 123. #blocks the visitors from all ip within the range 123.xxx.xxx.xxx
allow from all #allow from all other.
<?php
if (getenv(HTTP_X_FORWARDED_FOR)) {
$pipaddress = getenv(HTTP_X_FORWARDED_FOR);
$ipaddress = getenv(REMOTE_ADDR);
echo "Your Proxy IPaddress is : ".$pipaddress. "(via $ipaddress)" ;
} else {
$ipaddress = getenv(REMOTE_ADDR);
echo "Your IP address is : $ipaddress";
}
?>
This code u can use to get ip address of visitor...
To detect region you'll need some free api..Try this..
This Api can also be used..
The second one is really easy to use..
<A HREF="http://www.hostip.info">
<IMG SRC="http://api.hostip.info/flag.php?ip=12.215.42.19" ALT="IP Address Lookup">
</A>
I need to access a site only from a specific IP address.
Is that possible using PHP.
The project is under development and some people used that and say "The site is not good". So
i like to avoid that kind of things. That's why i need this solutin.
try this:
if ($_SERVER['REMOTE_ADDR'] == "x.x.x.x")
echo "admin";
else
echo "user";
it checks the ip of user and do the action.
I would suggest to use a .htaccess file instead of adding this to your php-code:
RewriteEngine On
RewriteBase /
# IPs that are still allowed to view everything
RewriteCond %{REMOTE_ADDR} !^213.123.39.12$ [NC]
RewriteRule !^(noentry_image.jpg|favicon.ico)$ sorry_stay_out.html [L]
just put the ".htaccess" file into your root-dir of your website. Then everybody will be redirected to the sorry_stay_out.html page, that contains the noentry_image.jpg.
All visitors from the IP that is allowed will see the site as normal. You can repeat the line "RewriteCond %{REMOTE_ADDR} !^213.123.39.12$ [NC]" with different IPs as often as you want, to add additional IPs.
Alternative with just blocking:
order allow,deny
allow from 62.57.16.192
allow from 72.232.56.154
deny from all
You can use $_SERVER variables to check if the source is from the IP you're limiting to. Here are some useful function snippets ($s is just $_SERVER):
function gethostname($ip){
return gethostbyaddr($ip);}
function gethostnamepretty($ip){
$host=gethostbyaddr($ip);
$host=explode('.',$host);
$max=count($host);
return $host[$max - 2];}
function getRawRealIP($s){
if (!empty($s['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$s['HTTP_CLIENT_IP'];
}
elseif (!empty($s['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
{
$ip=$s['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$s['REMOTE_ADDR'];
}
return $ip;}
function checkIP($ip){
return long2ip(ip2long($ip));}
function useragent($s){
return $s['HTTP_USER_AGENT'];}