Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#297807 - 30/04/2007 22:09 PHP syntax help with building an array from a data file
hybrid8
carpal tunnel

Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
As part of my online contact form I grabbed some pieces of code from various places for a number of purposes like string validation and IP blocking.

It's with the IP blocking that I hope I can get some help. Unfortunately I can't remember where I lifted important bits of this section from, so the first step is trying to understand the complete effect of the preg_split.

Currently I can have a list of IPs to block, comma delimited. I would very much like to enhance this to support specifying a range of IPs as well.

The last three attempted attacks on my contact form have all come from 81.177.*.* - today's specifically from 81.177.14.19

I want to block out all of 81.177.x.x and would be happy to specify that as 81.177.0.0 to 81.177.255.255

So who can help out in this effort? Below is the code I have now which contains 2 IPs. IPs are read from a data file and are declared in a 'blockIPs' var like so

Code:

blockIPs: 81.177.38.2, 81.177.14.19



Code:

$IPsToBlock = preg_split('/,\\s*/',$contactDataFile['blockIPs']);

foreach ($IPsToBlock as $ip)
{
if($_SERVER['REMOTE_ADDR'] == $ip) {
include ("contact_header.php");
print "<h1>We're sorry...</h1>";
print "<p>This page has been configured to disallow submissions from the IP address $ip,
from which you appear to be submitting.</p>
<p>If this is incorrect, please contact us via the message forum linked above.</p>";
die( include ("contact_footer.php") );
}
}

_________________________
Bruno
Twisted Melon : Fine Mac OS Software

Top
#297808 - 30/04/2007 23:06 Re: PHP syntax help with building an array from a data file [Re: hybrid8]
cushman
veteran

Registered: 21/01/2002
Posts: 1380
Loc: Erie, CO
preg_split is a regex function that splits a string - in your case a comma.

You could substitute regular expressions for the ips and iterate through them using the same loop, but instead of:

if($_SERVER['REMOTE_ADDR'] == $ip) {

replace that if statement with a regex compare.

81.177.x.x would be 81\.177\..*
_________________________
Mark Cushman

Top
#297809 - 01/05/2007 01:53 Re: PHP syntax help with building an array from a data file [Re: hybrid8]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
Block them with a firewall rather than trying to do it after they've already gotten to your web server (??).

Top
#297810 - 01/05/2007 02:12 Re: PHP syntax help with building an array from a data file [Re: mlord]
hybrid8
carpal tunnel

Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
Thanks Mark, blocking out the range in htaccess would be a lot faster than customizing the script. Don't know why I didn't think of that. Maybe because I was just thinking of the satisfaction of having them think their attempt was going to work only to be denied when they got to the page.

I think I'm going to give it a few weeks to see if I get any mroe hits after blocking out that one new additional IP. A company in Russia own the whole from 81.177.14.x - 81.177.15.255 - I'm sure they're a hosting company so I don't want to block out everything right now. It may be only a couple that are being misused.
_________________________
Bruno
Twisted Melon : Fine Mac OS Software

Top
#297811 - 01/05/2007 11:59 Re: PHP syntax help with building an array from a data file [Re: hybrid8]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Quote:
I think I'm going to give it a few weeks to see if I get any mroe hits after blocking out that one new additional IP. A company in Russia own the whole from 81.177.14.x - 81.177.15.255 - I'm sure they're a hosting company so I don't want to block out everything right now. It may be only a couple that are being misused.


I've been noticing a lot of attempts to create an account on these boards from Russia these days, not sure why. Seems that they always sign up properly, but never respond to the confirmation e-mail, so the account disappears after a few days. Checking the queue, there's 3 of them in there from the past 24 hours, but none from that exact IP range you posted.

And here I figured most of the spam attempts came from China these days.

Top