[Tut] Super Simple php IP banning

[Mentor]

IP Banning is a method often used to stop annoying or abusive users accessing a website system such as forums or shoutbox's.

A simple way to ban users by there Ips is to use a script like this>

PHP Code:

<?php

//Array of Banned ips
$banned_ips[0] = "000.000.000.001";
$banned_ips[1] = "000.000.000.002";
$banned_ips[2] = "000.000.000.003";
$banned_ips[3] = "000.000.000.004";
$banned_ips[4] = "000.000.000.005";
$banned_ips[5] = "000.000.000.006";

// Loop Threw All the Ips.
for($K = 0; $K<sizeof($banned_ips); $K++)
{
//If an Ip matches the user ip. Stop the page from loading.
if($banned_ips[$K] == $_SERVER['REMOTE_ADDR']){ 
die("You have been Banned from viewing this Page.");
}
}
?>

What the above script does is use a hard coded array of Ip address's then match them against the user viewings IP address. If they match it then displays the "You have been banned from viewing this Page." message to that user, and does not display the rest of the page.
If the viewers ip is not matched, then they are allowed to view the page as they normally would.

The script needs to be placed at the top of a page to work correctly.

The Message shown to banned users can easily be edited, as can the lists of Banned Ips. If you wish to ban more than 6 ips, just add new entrys to the array following the sequence, aka the next one would be $banned_ips[6] = some ip address.
The rest of the script does require any changes.

Correctable (Forum Moderator) - Thread moved to Website Tutorials. Nice Tut

[---MAD---]

To be honest these days, IP banning isnt as effective as it used to be. I think people can change their ip too easily now-a-days. But nice script non the less as people do still ban IPs .

[Sygon.]

Also theres the problem of ISP's going behind a proxy like ntl, you ban one ntl user you ban em all.

[Mentor]

To be honest these days, IP banning isnt as effective as it used to be. I think people can change their ip too easily now-a-days. But nice script non the less as people do still ban IPs .

still the most effective, changeing an ip is alot more work than deleiting a cookie "/ or destroyin a sesssion

[Eric30]

$_SERVER['REMOTE_ADDR'] will show the IP of the connection to the server, with NTL it will show an NTL server.

To find the IP of a ntl user you need to use $_SERVER["HTTP_X_FORWARDED_FOR"]
But that wont work for people connected directly

[Jae]

Well you could do, maybe i think i'm ****** at PHP.But couldnt you do like "if" for NTL and "else if" for others, maybe i dunno.

[Mentor]

$_SERVER['REMOTE_ADDR'] will show the IP of the connection to the server, with NTL it will show an NTL server.

To find the IP of a ntl user you need to use $_SERVER["HTTP_X_FORWARDED_FOR"]
But that wont work for people connected directly

Thats just a very simple basic tutorial, its quite easy to do though

PHP Code:

$ip = "";
if ((isset($_SERVER['HTTP_X_FORWARDED_FOR'])) && (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])))
{
         $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
 }
 elseif ((isset($_SERVER['HTTP_CLIENT_IP'])) && (!empty($_SERVER['HTTP_CLIENT_IP'])))
 {
        $ip = explode(".",$_SERVER['HTTP_CLIENT_IP']);
         $ip = $ip[3].".".$ip[2].".".$ip[1].".".$ip[0];
 }
 elseif ((!isset($_SERVER['HTTP_X_FORWARDED_FOR'])) || (empty($_SERVER['HTTP_X_FORWARDED_FOR'])))
 {
         if ((!isset($_SERVER['HTTP_CLIENT_IP'])) && (empty($_SERVER['HTTP_CLIENT_IP'])))
         {
                 $ip = $_SERVER['REMOTE_ADDR'];
         }
 }
 else
 {
        $ip = "0.0.0.0";
 } 


That should get the Ip from pretty much anything. you can then use the $ip varible when u need it

[Jae]

I have been thinking, if you wanted to ban someone from all of your pages wouldn't you use

Code:

<?PHP 
include('ban.php')
?>

[Mentor]

if the script was in ban.php "/

[nets]

PHP Code:

<?php

  $b[] = '0.0.0.1';
  $b[] = '0.0.0.2';
  $b[] = '0.0.0.3';

  in_array($_SERVER['REMOTE_ADDR'], $b) &&die('You\'re banned.');

?>

Haven't tested.