The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
Blocking an IP Address without HTACCESS
I want to block any traffic coming from 119.63.196.x but I can't use an HTACCESS file because I'm on a Windows Server (we have an ASP.Net website).
To block the IP address, I want to run this PHP script on every page: Code:
if(substr($_SERVER['REMOTE_ADDR'], 0, 10) == "119.63.196"){exit;} Should I add this code to the global.php file? (I'm using vBulletin 3.7.4) In case you were wondering, 119.63.196 are Baiduspider bots. Baidu is China's search engine (like Google) and they have dozens of spiders constantly indexing our site. |
#2
|
||||
|
||||
Have you talked to your host about other methods to block ips? What about iptables?
|
#3
|
||||
|
||||
Isn't there an option for that already?
AdminCP > Options > User Banning > Banned IP Addresses Quote:
|
#4
|
|||
|
|||
Quote:
Normally, this would be as easy as adding a line of code to the header template (see above). So if I wanted to add the code below to the top of every page, how would I do it if I can't write PHP in the style templates area? Can someone point me to a manual or tutorial? Code:
<php? ECHO "hello world"; ?> Our site is on GoDaddy and they had no solution since we are on a Windows server. I can use a web.config file to block IP addresses from accessing our ASP.Net website but that won't work for our PHP forum. I've never heard of using IPtables to block traffic. ?? |
#5
|
|||
|
|||
There is a free spam blocking product called zbblock which works in the same way (code is inserted at the top of each page). Their instructions say to do this:
Code:
<php? ECHO "hello world"; ?><?php where the <?php in red is the existing one at the beginning of global.php. I think the reason for having them on the same line is that if you put a newline between them, the newline character will get sent as part of the document and you'll get "header already sent" errors. You could also just put your code on line two so that it was inside the existing <?php tag, but I think they figured this way would keep their added code separate. BTW, zbblock is a product that does something similar to what you're trying to do, except that it builds up a list of ips to block by scanning for attacks (and I believe it blocks spiders). We used it for a while and it was pretty good except that it was too aggressive about blocking some legit users, mostly because it thought some search result urls were SQL injection attempts. If I had had more time I think I could have tried to solve that issue myself (or asked for help on their forum). In any case they may have done something about that since I tried it |
#6
|
||||
|
||||
Add the following to your htaccess. Both of the IPs listed are for the Baidu spider. I had a similar issue a few days ago and this stopped them dead in their tracks.
Code:
<Files *.*> order allow,deny allow from all deny from 119.63.196. deny from 220.181.108. </Files> |
#7
|
|||
|
|||
Quote:
--------------- Added [DATE]1312485012[/DATE] at [TIME]1312485012[/TIME] --------------- Quote:
Another admin just tried adding this within the vBulletin header template. Code:
<!-- Block specific IP from continuing --> <if condition=user[ipaddress] = "119.63.196.***" meta HTTP-EQUIV="REFRESH" content="0; url=http://www.msxlabs.org/banned.php"> <!-- End Block of specific IP --> |
#8
|
|||
|
|||
Well, I'm not sure about the meta tag thing, but the template conditional should be something like:
HTML Code:
<!-- Block specific IP from continuing --> <if condition="user[ipaddress] == '119.63.196.***'"> <meta HTTP-EQUIV="REFRESH" content="0; url=http://www.msxlabs.org/banned.php"> </if> <!-- End Block of specific IP --> But even with that, I don't think that comparison with wildcards would work. And unfortunately there is a short list of functions you're allowed to use in a condition, and none of them let you compare substrings. So if you really wanted to go that route you'd have to do the comparison in a plugin and set a variable to use in the condition. Hope that makes sense |
#9
|
||||
|
||||
Add a plugin to init_startup
PHP Code:
Code:
if IP starts with "119.63.196." then spit out a blank page |
#10
|
|||
|
|||
It worked! Dude! You rock! Thanks!!! :up:
That was my first plugin btw. Everything makes so much more sense now. |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|