loki

[php]Ban IP script using .htaccess


Posted (edited)

A small script to chase away the curious.

If someone tries to access a private folder, the script modifies .htaccess, adding a deny clause with the mask 255.255.255.0. For a larger class of IPs, 255.255.0.0 is recommended.

Those banned will be sent straight to Google.

The .htaccess file will contain:

ErrorDocument 400 /index.php
ErrorDocument 401 /index.php
ErrorDocument 404 /index.php
ErrorDocument 405 /index.php
ErrorDocument 408 /index.php
ErrorDocument 410 /index.php
ErrorDocument 411 /index.php
ErrorDocument 412 /index.php
ErrorDocument 413 /index.php
ErrorDocument 414 /index.php
ErrorDocument 415 /index.php
ErrorDocument 500 /index.php
ErrorDocument 501 /index.php
ErrorDocument 502 /index.php
ErrorDocument 503 /index.php
ErrorDocument 506 /index.php

ErrorDocument 403 http://www.google.com
<Limit GET HEAD POST>
order allow,deny
allow from all
</LIMIT>

index.php in this case will contain the script:

<?php
// Client address as seen by Apache
$ip=$_SERVER['REMOTE_ADDR'];
// Local addresses are ignored; the leading space keeps strpos() from returning 0 (== false) for a match at offset 0
if(strpos(" ".$ip,"127.0.0.1")||strpos(" ".$ip,"192.168.0.")) echo "<b>Known user!</b>";
else
{
// First path segment of the requested URI (REQUEST_URI always starts with "/")
$tried=explode('/',$_SERVER['REQUEST_URI']);
switch($tried[1]){
case 'cgi-bin':
case 'apache2triadcp':
case 'awstats':
case 'phpxmail':
case 'uebimiau':
case 'phpsftpd':
case 'cpanel':
case 'mss':
case 'webmail':
case 'admin':
{
// Insert a deny line for the client's /24 right before "allow from all" and rewrite the closing tag
$htaccess=file_get_contents(".htaccess");
$htaccess=substr($htaccess,0,strpos($htaccess,"allow from all"))."deny from ".$ip."/255.255.255.0\r\nallow from all\r\n</LIMIT>";
file_put_contents(".htaccess",$htaccess);
echo "<br><b>Forbidden! Your IP has been banned!</b>";
break;
}
}
}
?>

Note: local IPs are ignored; the message "Known user!" is displayed:

if(strpos(" ".$ip,"127.0.0.1")||strpos(" ".$ip,"192.168.0."))

means ignore 127.0.0.1 and 192.168.0.*. Change it to your local IP and add others that nobody else connects from.

Instead of the ban message (echo "<br><b>Forbidden! Your IP has been banned!</b>")

put

header("Location: http://www.google.com");

This way you also throw him out after he has been banned, with no explanation.

Add case lines with the names of the folders you don't want accessed.

Edited by loki
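The check-and-ban logic from the post, rewritten as an added example that is not loki's code: CIDR matching replaces the substring whitelist (which also matches inside other addresses), the deny line covers a single host rather than a /24 so a whole NAT or ISP block is not locked out by one visitor, and the .htaccess rewrite holds an exclusive lock and skips IPs already listed. The trusted ranges, the folder list and the "allow from all" marker convention are assumptions.

```php
<?php
// Added example, not loki's code: a tighter version of the ban routine above. Assumed (not in
// the post): CIDR trusted ranges, and the "allow from all" marker kept inside <Limit>.
// True if dotted IPv4 $ip lies inside $cidr ("192.168.0.0/24"); replaces the strpos() substring test.
function ip_in_cidr(string $ip, string $cidr): bool {
    $parts = explode('/', $cidr, 2);               // a bare host means /32
    $ipLong = ip2long($ip);
    $netLong = ip2long($parts[0]);
    if ($ipLong === false || $netLong === false) {
        return false;
    }
    $mask = -1 << (32 - (int)($parts[1] ?? 32));   // host bits cleared
    return ($ipLong & $mask) === ($netLong & $mask);
}
function is_trusted(string $ip, array $trustedCidrs): bool {
    foreach ($trustedCidrs as $cidr) {
        if (ip_in_cidr($ip, $cidr)) {
            return true;
        }
    }
    return false;
}
// Insert "deny from <ip>" (one host, not a /24) before the marker under an exclusive lock,
// so concurrent requests do not clobber each other; skip when the IP is already listed.
function ban_ip(string $htaccessPath, string $ip): bool {
    $fh = fopen($htaccessPath, 'c+');
    if ($fh === false || !flock($fh, LOCK_EX)) {
        return false;
    }
    $content = stream_get_contents($fh);
    $line = "deny from $ip\n";
    $pos = strpos($content, "allow from all");
    $ok = $pos !== false && strpos($content, $line) === false;
    if ($ok) {
        ftruncate($fh, 0);
        rewind($fh);
        fwrite($fh, substr($content, 0, $pos) . $line . substr($content, $pos));
    }
    flock($fh, LOCK_UN);
    fclose($fh);
    return $ok;
}
$trusted = ['127.0.0.1/32', '192.168.0.0/24'];        // constructed sample ranges
$sensitive = ['cgi-bin', 'awstats', 'cpanel', 'webmail', 'admin'];
$first = explode('/', $_SERVER['REQUEST_URI'])[1] ?? '';
if (!is_trusted($_SERVER['REMOTE_ADDR'], $trusted) && in_array($first, $sensitive, true)) {
    ban_ip('.htaccess', $_SERVER['REMOTE_ADDR']);
    header('Location: http://www.google.com');   // send the banned client away, as the post suggests
    exit;
}
```

The web server still needs write access to .htaccess for this to work, which is itself a risk worth weighing against simply denying the sensitive paths statically.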
Posted

Useful, thanks. In this case I guess a possible attack would be if you knew which IP is left unbanned, and you tried to put a SOCKS server on it, some social engineering and stuff, and used its IP, what do you say? :)
