当前位置:theitroad>用 PHP 从我的网站阻止特定的 IP 块

用 PHP 从我的网站阻止特定的 IP 块

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/2869893/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-25 07:58:18  来源:igfitidea点击:

Block specific IP block from my website in PHP

phpip

提问by iTayb

I'd like, for example, block every IP from base 89.95 (89.95..). I don't have .htaccessfiles on my server, so I'll have to do it with PHP.

例如,我想阻止来自 base 89.95 (89.95. .) 的每个 IP 。我的.htaccess服务器上没有文件,所以我必须用 PHP 来做。

if ($_SERVER['REMOTE_ADDR'] == "89.95.25.37") die();

Would block specific IP. How can I block entire IP blocks?

会阻止特定的 IP。如何阻止整个 IP 块?

Thank you very much.

非常感谢。

回答by Tyler Carter

Try strpos()

尝试 strpos()

if(strpos($_SERVER['REMOTE_ADDR'], "89.95") === 0)
{
    die();
}

If you notice, the ===operator makes sure that the 89.95is at the beginingof the IP address. This means that you can sepcify as much of the IP address as you want, and it will block no matter what numbers come after it.

如果您注意到,===运营商会确保位于 IP 地址89.95开头。这意味着您可以根据需要指定尽可能多的 IP 地址,无论后面是什么数字,它都会阻止。

For instance, all of these will be blocked:

例如,所有这些都将被阻止:

89.95-> 89.95.12.34, 89.95.1234.1, 89.95.1.1
89.95.6-> 89.95.65.34, 89.95.61.1, 89.95.6987

89.95-> 89.95.12.34, 89.95.1234.1, 89.95.1.1
89.95.6-> 89.95.65.34, 89.95.61.1,89.95.6987

(some of those aren't valid IP addresses though)

(虽然其中一些不是有效的 IP 地址)

回答by Marcus Adams

Use ip2long()to convert dotted decimal to a real IP address. Then you can do ranges easily.

使用ip2long()以点分十进制转换为真实IP地址。然后你可以很容易地做范围。

Just do ip2long()on the high and low range to get the value, then use those as constants in your code.

只需ip2long()在高低范围内获取值,然后将它们用作代码中的常量。

If you're familiar with subnet masking, you can do it like this:

如果您熟悉子网掩码,您可以这样做:

// Deny 10.12.*.*
$network = ip2long("10.12.0.0");
$mask = ip2long("255.255.0.0");
$ip = ip2long($_SERVER['REMOTE_ADDR']);
if (($network & $mask) == ($ip & $mask)) {
  die("Unauthorized");
}

Or if you're familiar with this format 10.12.0.0/16:

或者,如果您熟悉这种格式10.12.0.0/16

// Deny 10.12.*.*
$network = ip2long("10.12.0.0");
$prefix = 16;
$ip = ip2long($_SERVER['REMOTE_ADDR']);
if ($network >> (32 - $prefix)) == ($ip >> (32 - $prefix)) {
  die("Unauthorized");
}

You can turn these into functions and have very manageable code, making it easy to add IP addresses and customize the ranges.

您可以将这些转换为函数并拥有非常易于管理的代码,从而可以轻松添加 IP 地址和自定义范围。

回答by webbiedave

Convert the dotted quad to an integer:

将虚线四边形转换为整数:

$ip = sprintf('%u', ip2long($_SERVER['REMOTE_ADDR']));

// only allow 10.0.0.0 – 10.255.255.255
if (!($ip >= 167772160 && $ip <=  184549375)) {
    die('Forbidden.');
}

回答by Samuel

Make a substring :) For example for blocking 89.95.25.* you make a substring of the IP, cutting off the last two numbers and compare it to "89.95.25."

制作子字符串 :) 例如,为了阻止 89.95.25.*,您可以制作 IP 的子字符串,截去最后两个数字并将其与“89.95.25”进行比较。

回答by Sumith Harshan

$user_ip = $_SERVER['REMOTE_ADDR']; // get user ip

$denyIPs = array("111.111.111", "222.222.222", "333.333.333");
if (in_array ($user_ip, $denyIPs)) {
   // blocked ip
}
else {
   // not blocked
}

回答by revive

This has always worked very well for me: This checks for the proper server variables and compares it against a list of known IPs.. and yes, PHP does understand wildcards, so using * within the IP with assist in blocking ranges of IPs.

这对我来说一直很有效:这会检查正确的服务器变量并将其与已知 IP 列表进行比较……是的,PHP 确实理解通配符,因此在 IP 内使用 * 有助于阻止 IP 范围。

// The blacklisted ips.
$denied_ips = array(
'1.2.3.4',
'2.3.*',
);

// The function to get the visitor's IP.
function getUserIP(){
    //check ip from share internet
    if (!empty($_SERVER['HTTP_CLIENT_IP'])){
      $ip=$_SERVER['HTTP_CLIENT_IP'];
    }
    //to check ip is pass from proxy
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){
      $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
    } else {
      $ip=$_SERVER['REMOTE_ADDR'];
    }
    return $ip;
}
//The user
$visitorIp = getUserIP();

// Now let's search if this IP is blackliated
$status = array_search($visitorIp, $denied_ips);

// Let's check if $status has a true OR false value.
if($status !== false){
    echo '<div class="error">Your IP has been banned! Stop spamming us!</div>';
    // header("Location: http://zombo.com");
    // exit; 
}

There's also a great article at Perishable Press: http://perishablepress.com/how-to-block-ip-addresses-with-php/

Perishable Press 上还有一篇很棒的文章:http: //perishablepress.com/how-to-block-ip-addresses-with-php/

回答by artfulhacker

using revive's code, use this to get wildcard search working

使用 revive 的代码,使用它来使通配符搜索工作

// Now let's search if this IP is blackliated
$status = false;
foreach($denied_ips as $val)
{
    if (strpos($val,'*') !== false)
    {
        if(strpos($visitorIp, array_shift(explode("*", $val))) === 0)
        {
            $status = true;
            break;
        }
    }
    else
    {
        if(strcmp($visitorIp, $val) === 0)
        {
            $status = true;
            break;
        }
    }
}

回答by Irshad Pathan

$deny = array("111.111.111", "222.222.222", "333.333.333");

if (in_array($_SERVER['REMOTE_ADDR'], $deny)) {
    header("location:http://www.google.com/");
    exit();
}

相关推荐

php php的Haversine公式

php php的Haversine公式

PHP 反序列化因非编码字符而失败?

PHP 反序列化因非编码字符而失败?

php UNIX 时间戳总是在格林威治标准时间?

php UNIX 时间戳总是在格林威治标准时间?

在 PHP 中创建配置文件

在 PHP 中创建配置文件

相关推荐
最近更新
标签