Suppose I wanted to ban a specific IP address from accessing the whole domain name (+ all included subdomains). At first I began with the following snippet to add the following lines to the .htaccess file:
$info = 'Order Deny,Allow
Deny from' . IPtoBlock();
if (getIP()){
$htaccess = fopen('.htaccess', 'r+');
fwrite($htaccess, $info);
fclose($htaccess);
}
But is it more relevant to redirect the user to something else? After all, he is still capable of making a request towards the server despite the immediate redirect.
$deny = array('192.168.1.0', '192.168.1.1', '192.168.1.2');
if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) {
header("location: http://www.google.com/");
}
or simply kill the page?
$deny = array('192.168.1.0', '192.168.1.1', '192.168.1.2');
if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) {
die('Access restricted');
}
What is the best approach towards this issue?
In jour .htaccess :
Order Allow,Deny
Allow from all
Deny from 123.123.123.123
User with ip 123.123.123.123 will have a 403.
And if you want to redirect to a specific page, add :
ErrorDocument 403 /forbidden.php
Edit : For ban Ip from text file in htaccess, take a look here : Ban IPs from text file using htaccess
In your .htacces File:
Order Deny,Allow
Deny from all
Allow from xx.xx // This will be your local IP address
Allow from yy.yy.yy.yy // Your server IP address
Except from these scenario, no one can access your website.
The best ist do block this attempt before it even reaches your webserver. That means blocking on a level like iptables (firewall; or if you can't do that and are using a load balancer, then block it there).
Related
I have an ip list file for my country, as like this (txt document):
45.123.116.0/22
5.2.80.0/21
5.11.128.0/17
5.23.120.0/21
5.24.0.0/14
etc
i have two question about that.
1- can i forward the user, if he is in that list via .htaccess file? (if he is, use this adress.. if not this adress)
2- how can i check 'if the user is in my country' via PHP? i mean, how can i say something like that..
if (strstr('list.txt',$_SERVER['REMOTE_ADDR']))
*1).htaccess file
The visitor blocking facilities offered by the Apache Web Server enable us to deny access to specific visitors, or allow access to specific visitors. This is extremely useful for blocking unwanted visitors, or to only allow the web site owner access to certain sections of the web site, such as an administration*
ErrorDocument 403 /specific_page.html
area.*
order allow,deny
deny from 255.0.0.0
deny from 123.45.6.
allow from all
When using the "Order Allow,Deny" directive the requests must match either Allow or Deny, if neither is met, the request is denied.
doc 1)http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order
doc 2)http://www.htaccess-guide.com/deny-visitors-by-ip-address/
2) Proof of Concept (can't say this works as is....)
$current_ip = $_SERVER['REMOTE_ADDR'];
$valid_ip = false;
// Convert IPs to Regex
foreach($cfg['ipallowed'] as $index=>$ip);
{
$ip = str_replace('.', '\\.', $ip);
$ip = str_replace('*', '[0-9]|^1?\\d\\d$|2[0-4]\\d|25[0-5]');
if (preg_match($ip, $current_ip)
{
$valid_up = true;
break;
}
}
if ($valid_ip)
1; you can redirect by IP to a holding page:
# Redirect a user to /specific_page.html based on their IP address.
RewriteCond %{REMOTE_ADDR} ^10\.0\.0\.2$ [OR]
RewriteCond %{REMOTE_ADDR} ^127\.0\.0\.2$
RewriteCond %{REQUEST_URI} !specific_page\.html$
RewriteCond %{REQUEST_URI} !\.(js|png|gif|jpg|css)$
RewriteRule ^ /specific_page.html [R=302,L]
2; see this question/answer which recommends using http://www.hostip.info/use.html.
I have a development subdomain which is http://dev.example.com, how can I stop this website being indexed in search engines and if someone types in that link, how do I redirect them to the main site?
I tried doing it with .htaccess but when I added this line of code it showed that page on the index.html file and messed up the page:
RewriteRule .? http://www.google.com [L]
Any help is appreciated, thank you.
$your_ip = '';
if($_SERVER['REMOTE_ADDR' != $your_ip){
header("location:".$your_redirect_url);
exit;
}
You just need this code in your .htaccess:
Order Deny,Allow
Deny from all
Allow from aa.bb.cc.dd
Allow from mm.nn.pp.qq
Replace aa.bb.cc.dd, mm.nn.pp.qq etc with your own IP address. This will not only block all search bots it will block all unwanted visitors to your dev site.
I am trying to block the website to be viewed as not exist from certain region. Is this possible?
I know we can just put a die() and a blank page will be shown, but is there a way to make it seen like this domain does not exist?
You can use the geoip mod for apache ( http://www.maxmind.com/app/mod_geoip ). Mod_rewrite rules can then determine how to handle the page.
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^CA$
RewriteRule ^(.*)$ http://www.america.com$1 [F]
The F forbids page access
No, unless you have the DNS server for that domain under your control. Which you usually don't for domains like domain.tld, you can only adjust the content based on the clients ip - for example you can just serve an empty page as you suggested. But it is still possible to query the domain with tools like nslookup.
If you don't have access to the DNS server, you can add .htaccess rule to ban people from specific ipaddresses. Following are some sample .htaccess rules
order allow,deny
deny from 123.456.789.012 #block the visitors from the specific ipaddress 123.456.789.012
deny from 123.456.789. #blocks the visitors from all ip within the range 123.456.789.xxx (i.e. 123.456.789.000 – 123.456.789.255)
deny from 123.456. #blocks the visitors from all ip within the range 123.456.xxx.xxx
deny from 123. #blocks the visitors from all ip within the range 123.xxx.xxx.xxx
allow from all #allow from all other.
<?php
if (getenv(HTTP_X_FORWARDED_FOR)) {
$pipaddress = getenv(HTTP_X_FORWARDED_FOR);
$ipaddress = getenv(REMOTE_ADDR);
echo "Your Proxy IPaddress is : ".$pipaddress. "(via $ipaddress)" ;
} else {
$ipaddress = getenv(REMOTE_ADDR);
echo "Your IP address is : $ipaddress";
}
?>
This code u can use to get ip address of visitor...
To detect region you'll need some free api..Try this..
This Api can also be used..
The second one is really easy to use..
<A HREF="http://www.hostip.info">
<IMG SRC="http://api.hostip.info/flag.php?ip=12.215.42.19" ALT="IP Address Lookup">
</A>
I have a site that is up and running and have gotten another domain and need redirect any visit to exampleA.com or any sub-domain of it, to a page where I can check the requested page's sub-domain to a dynamic list of sites and if its a match send it to that sub-domain on exampleB.com, and if not send it to the main site on exampleB.com. there will be no site at all on exampleA.com is is just a shorter version of the main domain. The main site is a wordpress site.
What I have.
I have exampleA.com and exampleB.com with exampleB.com having sub-domains.
What I need.
redirect *.exampleA.com to exampleB.com/somePage/?from=*
After it gets to exampleB.com/somePage/?from=* I can check the $_GET info. but I'm not sure how to set the arbitrary sub-domain to the $_GET
You'd need a few things:
a) exampleA.com's DNS setup must be configured to allow wildcard subdomains:
*.exampleA.com. 3600 IN A x.x.x.x
b) exampleA.com's web server configuration must allow wildcard host matching
<VirtualHost ...>
ServerName exampleA.com
ServerAlias *.exampleA.com
</VirtualHost
c) exampleA.com's default document would be a simple PHP script that extracts the hostname in use and issues a redirect to exampleB with the extracted host name.
<?php
$requested_host = $_SERVER['HTTP_HOST'];
$parts = explode('.', $requested_host);
array_pop($parts); // com
array_pop($parts); // exampleA
$requested_subhost = implode('.', $parts);
header("Location: http://exampleB.com/?from=$requested_subhost");
When you match the domain name against the list (which you can get from $_SERVER['HTTP_HOST']), you can then redirect the user dynamically using PHP's header('Location: http://example.com/').
I need to access a site only from a specific IP address.
Is that possible using PHP.
The project is under development and some people used that and say "The site is not good". So
i like to avoid that kind of things. That's why i need this solutin.
try this:
if ($_SERVER['REMOTE_ADDR'] == "x.x.x.x")
echo "admin";
else
echo "user";
it checks the ip of user and do the action.
I would suggest to use a .htaccess file instead of adding this to your php-code:
RewriteEngine On
RewriteBase /
# IPs that are still allowed to view everything
RewriteCond %{REMOTE_ADDR} !^213.123.39.12$ [NC]
RewriteRule !^(noentry_image.jpg|favicon.ico)$ sorry_stay_out.html [L]
just put the ".htaccess" file into your root-dir of your website. Then everybody will be redirected to the sorry_stay_out.html page, that contains the noentry_image.jpg.
All visitors from the IP that is allowed will see the site as normal. You can repeat the line "RewriteCond %{REMOTE_ADDR} !^213.123.39.12$ [NC]" with different IPs as often as you want, to add additional IPs.
Alternative with just blocking:
order allow,deny
allow from 62.57.16.192
allow from 72.232.56.154
deny from all
You can use $_SERVER variables to check if the source is from the IP you're limiting to. Here are some useful function snippets ($s is just $_SERVER):
function gethostname($ip){
return gethostbyaddr($ip);}
function gethostnamepretty($ip){
$host=gethostbyaddr($ip);
$host=explode('.',$host);
$max=count($host);
return $host[$max - 2];}
function getRawRealIP($s){
if (!empty($s['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$s['HTTP_CLIENT_IP'];
}
elseif (!empty($s['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
{
$ip=$s['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$s['REMOTE_ADDR'];
}
return $ip;}
function checkIP($ip){
return long2ip(ip2long($ip));}
function useragent($s){
return $s['HTTP_USER_AGENT'];}