PHP IP Ban/Redirect. Can you help with my script?

[X_X_ROB_X_X]

Im in need of a little help with my php script if anyone has a bit of time. Simply put what i'm attempting to do is have the php script look at every person's IP as they come to my page. If their IP is in the banned_ip list i'm wanting to redirect that person to the first URL ( http://www.yahoo.com ).
If their IP is not in the list I want to redirect these people to the second URL in the script ( http://www.google.com ).

It's basically a php IP ban/redirect script. I have tried it on my host the way it is written and added my own IP to the banned list and it kept sending me to the 2nd URL when it should have sent me to the 1st. I'm lost. I'm a complete PHP newb guys so please keep the laughing and rude comments to a minimum, lol.

Anyways i'd appreciate any and all help I can get. Below is my code.

<?php 
$banned_ip = array(); 
$banned_ip[] = '204.96.148.3'; 
$banned_ip[] = '205.162.217.141'; 
$banned_ip[] = '209.62.82.14'; 
$banned_ip[] = '24.7.101.103'; 
$banned_ip[] = '65.31.130.2'; 
$banned_ip[] = '68.168.78.226'; 
$banned_ip[] = '68.205.75.110'; 
$banned_ip[] = '69.36.158.35'; 
$banned_ip[] = '70.173.198.69'; 
$banned_ip[] = '70.97.122.18'; 
$banned_ip[] = '71.189.157.53'; 
$banned_ip[] = '71.230.54.244'; 
$banned_ip[] = '74.52.245.146'; 
$banned_ip[] = '76.90.3.205'; 
$banned_ip[] = '24.20.251.76'; 
$banned_ip[] = '68.83.254.243'; 
$banned_ip[] = '69.2.27.10'; 

foreach($banned_ip as $banned) {  
    $ip = $_SERVER['REMOTE_ADDR']; 
    if($ip == $banned){  
        header("location: http://www.yahoo.com"); 
}
else
{
        header("location: http://www.google.com"); 
        exit();  
    }  
}  


?>

 

[Peter]

<?php 
$banned_ip = array();
$banned_ip[] = '204.96.148.3';
$banned_ip[] = '205.162.217.141';
$banned_ip[] = '209.62.82.14';
$banned_ip[] = '24.7.101.103';
$banned_ip[] = '65.31.130.2';
$banned_ip[] = '68.168.78.226';
$banned_ip[] = '68.205.75.110';
$banned_ip[] = '69.36.158.35';
$banned_ip[] = '70.173.198.69';
$banned_ip[] = '70.97.122.18';
$banned_ip[] = '71.189.157.53';
$banned_ip[] = '71.230.54.244';
$banned_ip[] = '74.52.245.146';
$banned_ip[] = '76.90.3.205';
$banned_ip[] = '24.20.251.76';
$banned_ip[] = '68.83.254.243';
$banned_ip[] = '69.2.27.10';


if(in_array($_SERVER['REMOTE_ADDR'], $banned_ip)){
	header("location: http://www.yahoo.com");
}
else
{
	header("location: http://www.google.com");
	exit();
}
?>

That should work

 

[X_X_ROB_X_X]

Thank you very much.
Any ideas about banning a range of IPs if I want to use th same script as well. Like if i wanted to ban 208.80.193.[1 - 255]

 

[xrvel]

Thank you very much.
Any ideas about banning a range of IPs if I want to use th same script as well. Like if i wanted to ban 208.80.193.[1 - 255]

Try this, however, it does not support more than 1 pair of brackets such as [1-3].4.5.[6-7].

<?php 
$banned_ip = array();
$banned_ip[] = '204.96.148.3';
$banned_ip[] = '205.162.217.141';
$banned_ip[] = '209.62.82.14';
$banned_ip[] = '65.31.130.[5-29]';
$banned_ip[] = '68.168.78.226';
$banned_ip[] = '[2-3].1.1.1';

$banned_ip = parse_range($banned_ip);
echo('<pre>'.print_r($banned_ip, true).'</pre>');


if(in_array($_SERVER['REMOTE_ADDR'], $banned_ip)){
    //header("location: http://www.yahoo.com");
}
else
{
   // header("location: http://www.google.com");
    exit();
}

function parse_range($array) {
	$new_array = array();
	foreach ($array as $el) {
		if (preg_match('/\[([0-9]+)\-([0-9]+)\]/', $el, $match)) {
			$from = $match[1];
			$to = $match[2];
			$el = preg_replace('/\[([0-9]+)\-([0-9]+)\]/', '{REPL}', $el);
			for ($i = $from ; $i<=$to;$i++) {
				$new = str_replace('{REPL}', $i, $el);
				$new_array[] = $new;
			}
		} else {
			$new_array[] = $el;
		}
	}
	sort($new_array);
	return($new_array);
}
?>

 

[monaco]

If you're going to ban a bunch of IPs, I'd suggest keeping the ban list in a database table somewhere...that for loop is going to start soaking up compute cycles if it gets huge.

 

[RegisterRants]

In lieu of the for look, I would use an in_array() check.

Jason

 

[monaco]

In lieu of the for look, I would use an in_array() check.

Jason

Would that not still perform a O sequential search across the whole array?

 

[Peter]

yes it would. However as it is a built in function written in c it would perform faster than initially doing a for loop yourself. Although it will double the work if you then go ahead and carry out a for loop.

 

[Palyriot]

Maybe make a script that for banning a range of IPs, you type in the range you want to ban and it will add all of those IPs to a database where you can then perform a search query for that IP.

 

[monaco]

You could always make a table with 8 cols (4 octets x 2) then you could do all of the work in a single sql statement which would process ranges too. Add another column for a custom redirect would be a fun touch. Imagine what some banned ppl would think if they got redirected to the DOJ site, or 2girls1cup, or got rickrolled *evil grin*

 

[RegisterRants]

I vote for the rickroll

 

[Palyriot]

OK, this script should work for any range in any quartile of the IP. Even [0-255].[0-255].[0-255].[0-255] will work. With every $ip_range value you add, it will only get a very small fraction of a second slower. Running the script with 100 ip ranges took 0.00264000892639 seconds.

Have Fun!

<?php

function checkban($ip, $banned_ip, $ip_ranges)
{
	$ipquartiles = explode('.', $ip);
	if (in_array($ip, $banned_ip))
	{
		return true;
		
	}
	
	if ($banned != true)
	{
		foreach($ip_ranges as $ip_range)
		{
			$quartiles = explode('.', $ip_range);
			for ($i = 0; $i <= 4; $i++)
			{
				if (preg_match('/\[([0-9]+)\-([0-9]+)\]/', $quartiles[$i], $matches))
				{
				    $start = $matches[1];
				    $end = $matches[2];
					if ($ipquartiles[$i] < $start || $ipquartiles[$i] > $end)
					{
						return false;
					}
					else
					{
						$banned = true;
					}
				}
				else
				{
					if ($quartiles[$i] != $ipquartiles[$i])
					{
						return false;
					}
				}
			}
		}
	}
	return $banned;
}

$banned_ip = array();
$banned_ip[] = '204.96.148.3';
$banned_ip[] = '205.162.217.141';

$ip_ranges = array();
$ip_ranges[] = '[0-255].0.0.1';

$ip = $_SERVER['REMOTE_ADDR'];

$banned = checkban($ip, $banned_ip, $ip_ranges);

if ($banned == true)
{
	echo 'banned!';
    //header("location: http://www.yahoo.com");
}
else
{
   // header("location: http://www.google.com");
   echo 'not banned';
}

?>

 

[Palyriot]

Any updates? Did you try my script out?

 

[mhuynh]

Derek "Palyriot"...

You seem like a real GURU at PHP... I'm also doing something similar I was going through your code and it works great.... I modified it a bit to make it suitable for what i need it to do... but what I need to do is to block out all IP ranges and exclude a few.

Is it possible to exclude some IPs or IP ranges ?

 

[mhuynh]

Hey guys...

what I did to block out all IP's except these range and this ip ... I'm a bit of a noob as well at this but, if would be nice if someone could just have a quick look to see if it is right... I just need ip range of 150.203.197.*** to work, and 136.153.2.2 ... And reject all other ips.

thanks in advanced...

<?php

$valid_ips = array('150.203.197..*','136.153.2.2');
if (!in_array($_SERVER['REMOTE_ADDR'],$valid_ips)) {
echo "Access denied. Please go return to menu screen you must login in with your barcode and password before you can access this page.";

//header('Location: /index.php'); //change according to your site if needed
exit();
}

?>

 

[Palyriot]

This should do it

  <?php

function checkban($ip, $banned_ip, $ip_ranges, $valid_ip)
{
	if (in_array($ip, $valid_ip))
	{
		return false;
	}
	$ipquartiles = explode('.', $ip);
    if (in_array($ip, $banned_ip))
    {
    	return true;
    }
    foreach($ip_ranges as $ip_range)
    {
        $quartiles = explode('.', $ip_range);
        for ($i = 0; $i <= 4; $i++)
        {
            if (preg_match('/\[([0-9]+)\-([0-9]+)\]/', $quartiles[$i], $matches))
            {
                $start = $matches[1];
                $end = $matches[2];
                if ($ipquartiles[$i] < $start || $ipquartiles[$i] > $end)
                {
                    return false;
                }
                else
                {
                    $banned = true;
                }
            }
            else
            {
                if ($quartiles[$i] != $ipquartiles[$i])
                {
                    return false;
                }
            }
        }
    }
    return $banned;
}

$valid_ip = array();
$valid_ip[] = '127.0.0.1';

$banned_ip = array();
$banned_ip[] = '204.96.148.3';
$banned_ip[] = '205.162.217.141';

$ip_ranges = array();
$ip_ranges[] = '[0-255].0.0.1';

$ip = $_SERVER['REMOTE_ADDR'];

$banned = checkban($ip, $banned_ip, $ip_ranges, $valid_ip);

if ($banned == true)
{
    echo 'banned!';
    //header("location: http://www.yahoo.com");
}
else
{
   // header("location: http://www.google.com");
   echo 'not banned';
}

?>

 

[mhuynh]

Thanks dude.... !!! Your the best !!!

I'm going to give it a go....

 

[Palyriot]

Cool, tell me if there are any problems with it.

 

[mhuynh]

Awesome.... dude...
Alright ... I've added the ip_ranges array

$ip_ranges[] = '[0-255].[0-255].[0-255].[0-255]';

That blocked out all the IPs [which is what I wanted]...

In valid_ip array I added

$valid_ip[] = '136.153.2.2';

I'm assuming that I can't add valid IP ranges in there right?

I've tried to play around with the figures in the ip_ranges array to skip this range '150.203.197.*' but I couldn't get it to work....

I must be doing something wrong I think.... I've playing around with you code at all morning to try to rejig it a bit but, I still be unsucessful.

hmm....

 

[boleemenee]

I'm surprised that no one mentioned .htaccess mod_rewrite and mod_access, this apache modules works faster and better, was made for this kind of tasks and enabled everywhere by default. If you need dynamic IP lists - you can simply remove and add IPs to .htaccess file (manually or via php).