Jump to content
loki

[php]Ban IP script using .htaccess

By loki, in Programare

Recommended Posts

loki Newbie

loki

Posted
Posted (edited)

Un script micut pentru a goni curiosii.

Daca cineva incearca accesarea unui folder privat scriptul modifica .htaccess adaugand clauza deny cu masca 255.255.255.0. Pentru o clasa mai mare de IP-uri e recomandat 255.255.0.0

Cei banati vor fi trimisi direct in google.

Fisierul .htaccess va contine:

    ErrorDocument 400 /index.php
    ErrorDocument 401 /index.php
    ErrorDocument 404 /index.php
    ErrorDocument 405 /index.php
    ErrorDocument 408 /index.php
    ErrorDocument 410 /index.php
    ErrorDocument 411 /index.php
    ErrorDocument 412 /index.php
    ErrorDocument 413 /index.php
    ErrorDocument 414 /index.php
    ErrorDocument 415 /index.php
    ErrorDocument 500 /index.php
    ErrorDocument 501 /index.php
    ErrorDocument 502 /index.php
    ErrorDocument 503 /index.php
    ErrorDocument 506 /index.php

ErrorDocument 403 http://www.google.com
<Limit GET HEAD POST>
order allow,deny
allow from all
</LIMIT>

index.php in acest caz va contine scriptul:

<?php
$ip=$_SERVER['REMOTE_ADDR'];
if(strpos(" ".$ip,"127.0.0.1")||strpos(" ".$ip,"192.168.0.")) echo "<b>Known user!</b>";
else
{
    $tried=explode('/',$_SERVER['REQUEST_URI']);
    switch($tried[1]){
        case 'cgi-bin':
        case 'apache2triadcp':
        case 'awstats':
        case 'phpxmail':
        case 'uebimiau':
        case 'phpsftpd':
        case 'cpanel':
        case 'mss':
        case 'webmail':
        case 'admin':
        {     
            $htaccess=file_get_contents(".htaccess");
            $htaccess=substr($htaccess,0,strpos($htaccess,"allow from all"))."deny from ".$ip."/255.255.255.0\r\nallow from all\r\n</LIMIT>";
            file_put_contents(".htaccess",$htaccess);
            echo "<br><b>Forbidden! Your IP has been banned!</b>"
          break;
        }
    }
}
?>

Observatie: IP-urile locale sunt ignorate, se afiseaza mesajul "known user!":

if(strpos(" ".$ip,"127.0.0.1")||strpos(" ".$ip,"192.168.0."))

inseamna ignora 127.0.0.1 si 192.168.0.* Modificati cu IP-ul local si adaugati altele de pe care nu intra altcineva.

In loc de mesajul de ban (echo "<br><b>Forbidden! Your IP has been banned!</b>")

puneti

header:"Location:http://www.google.com";

In acest fel il si dati afara dupa ce a fost banat, fara explicatii.

Adaugati linii case cu numele folderelor care vreti sa nu fie accesate.

Edited by loki
  • Upvote 1
Flubber Newbie

Flubber

Posted
Posted

folositor, multumesc in cazul asta banuiesc ca un atac susceptibil ar fi daca ai stii ce IP este lasat, sa nu fie banat si incerci sa bagi un socks server pe ala, niste social engineering and stuff si ii folosesti IP-ul, ce ziceti? :)

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...