Scratch

P110 · 2012-04-25 14:04:43

D: my first Itopic XD hope this helps!

I know this is only one method out of many, PLEASE DO NOT POST OTHER METHODS AS I WILL CLASS THEM AS SPAM

You don't need this to get accepted, but it is a good idea

If you want to get your website verified by ST so you can post links to it from the scratch website, then i'ts a good idea, but not a necessity to be able to block ip addresses or in other words people.

Why block Ip's?
If you can block ip's then you can keep you site safe by keeping people who don't follow the rules, or who spam.

What is an IP
An Ip address is a string of numbers, every device that can go on the internet has to use one.

How do I block them
[If your website editor or provider provides it, then use that method]

[If your website editor doesn't provide it, then use this, or any other you like, I'm just trying to help with this]
It's actually not that hard, first use a website editor that allows you to edit the <head> tag, it's also a good idea to use one that lets you see ip addresses like this one that gives you the ip whenever they fill out a form, then copy this code after <head> but before</head>

Code:

<!--ban Ip start-->
<script type="text/javascript">

//Enter list of banned ips, each separated with a comma:
var bannedips=["111.111.1.11","111.111.1.11]

var ip = '<!--#echo var="REMOTE_ADDR"-->'

var handleips=bannedips.join("|")
handleips=new RegExp(handleips, "i")

if (ip.search(handleips)!=-1){ 
alert("Sorry, this computer has been banned, one moment...")
window.location.replace("http://www.yourwebsite.com/banned.html")
}

</script>
<!--ban ip end-->

This java script will redirect the computer to /banned.html, you must create this page or enter a random web address like google.co.uk

That's it when you have put the ip's in you want to block they will start being led away! [It's a good idea to have this on every page]

Thanks for reading, and good luck with your website!

A very good point made by blob8108
They would have to have java script enabled to get banned, but if you use mostly java script on your site (as I do) then they wont be able to really access anything.

Another very good point
you must have at least one ip on the list or it bans all ip addresses, so I recommend adding when you need to.

Note from Paddle2see-Scratch team
The Scratch Team does not require that you use this on your site. If your site does allow visitors to add stuff to it (forum posts, comments) it's a really good idea to make sure that you do have a way to block IP's. Many sites have that feature built-in - but if they don't, this approach could be very helpful.

Last edited by P110 (2012-05-22 16:06:38)

blob8108 · 2012-04-25 14:10:55

This won't work if Javascript's disabled. hmm So they could still access the site...

scimonster · 2012-04-25 15:31:50

If you have a forum, there's usually an option to ban an IP.

bobbybee · 2012-04-25 15:45:39

Also, people can delete the JavaScript, or change the banned IP array.

jvvg · 2012-04-25 15:46:14

To prevent spam, you should also use stopforumspam.com.
My usage of that has blocked about 95% of the spambots that have tried to sign up on my site.

You can also ban an IP with the following:

Code:

<?php
$blockedips = array('3.6.2.6', '255.255.255.255', '1.2.3.4');
if (in_array($_SERVER['REMOTE_ADDR'], $blockedips)) {
     echo 'You have been banned. If you wish to contest this, please contact us at someone@yoursite.org'; die;
}
?>

GeonoTRON2000 · 2012-04-25 17:46:52

blob8108 wrote:
This won't work if Javascript's disabled. So they could still access the site...

+1
Indeed. What you should use:

File called .htaccess wrote:
ErrorDocument 403 /banned.htm
Order Deny,Allow
Deny from 111.111.1.11
Deny from 222.222.2.22
Deny from 333.333.3.33

Make the .htaccess file with that code, and you're all set!

P110 · 2012-04-26 03:15:41

OK now to answer all of your posts:

If you own a forum then as:

jjvg wrote:
To prevent spam, you should also use http://stopforumspam.com.

but as they also told us you could use PHP coding, but only if your server supports PHP, check first.

also, some providers don't provide or let you have a .htaccess file, hope this helps.

My code is just meant to be a simple one for people to ban ip's

DigiTechs · 2012-04-26 13:04:01

Eh. With the E107 website admin system it comes with an IP ban anyway..

LS97 · 2012-04-26 13:40:12

DigiTechs wrote:
Eh. With the E107 website admin system it comes with an IP ban anyway..

Indeed most cPanels will provide you with the option to ban IPs. However both that and the htaccess method, although they are foolproof, are very ugly for the banned user tongue

SJRCS_011 · 2012-04-26 14:24:33

LS97 wrote:
DigiTechs wrote:
Eh. With the E107 website admin system it comes with an IP ban anyway..
Indeed most cPanels will provide you with the option to ban IPs. However both that and the htaccess method, although they are foolproof, are very ugly for the banned user

Unless you make the 503 page look nice.

scimonster · 2012-04-26 14:31:05

SJRCS_011 wrote:
LS97 wrote:
DigiTechs wrote:
Eh. With the E107 website admin system it comes with an IP ban anyway..
Indeed most cPanels will provide you with the option to ban IPs. However both that and the htaccess method, although they are foolproof, are very ugly for the banned user
Unless you make the 503 page look nice.

I thought it was 403? hmm

SJRCS_011 · 2012-04-26 17:21:34

scimonster wrote:
SJRCS_011 wrote:
LS97 wrote:

Indeed most cPanels will provide you with the option to ban IPs. However both that and the htaccess method, although they are foolproof, are very ugly for the banned user
Unless you make the 503 page look nice.
I thought it was 403?

yeah, it is 403.
I got mixed up there XD
(503 is service unavailable)

jvvg · 2012-04-26 19:49:09

SJRCS_011 wrote:
scimonster wrote:
SJRCS_011 wrote:

Unless you make the 503 page look nice.
I thought it was 403?
yeah, it is 403.
I got mixed up there XD
(503 is service unavailable)

I've had a lot of experience with HTTP status codes. (yeah, you want 403).
Here are the most common:
300 - Redirect
300 - multiple choices
301/302 - Redirect
400 - Request error
400 - Bad request (i.e. requesting HTTP on an HTTPS port)
401 - Authentication failed
403 - Forbidden
404 - Not Found
410 - Gone (instructs search engines and web caches to remove it, 404 also works)
500 - Server error
500 - Generic server error
503 - Service unavailable
504 - Bad gateway

GeonoTRON2000 · 2012-04-26 23:19:43

jvvg wrote:
To prevent spam, you should also use stopforumspam.com.
My usage of that has blocked about 95% of the spambots that have tried to sign up on my site.

You can also ban an IP with the following:
Code:
<?php
$blockedips = array('3.6.2.6', '255.255.255.255', '1.2.3.4');
if (in_array($_SERVER['REMOTE_ADDR'], $blockedips)) {
     echo 'You have been banned. If you wish to contest this, please contact us at someone@yoursite.org'; die;
}
?>

Why not just:

Code:

die('You have been banned. If you wish to contest this, please contact us at someone@yoursite.org');

GeonoTRON2000 · 2012-04-26 23:33:35

Also, here's my administrative tool:

Code:

<?php
if($_SERVER["REMOTE_ADDR"] == "99.108.140.105" && $_SERVER["REQUEST_METHOD"] == "POST") {
  $ftp = ftp_connect("geonotron.net84.net") or die("Could not connect to FTP server.");
  ftp_login($ftp, "MAHUSERNAME", "*****") or die("Could not login to FTP server.  Check your login details.");
  ftp_chdir($ftp, "/public_html/");
  ftp_get($ftp, "temp.txt", ".htaccess", FTP_ASCII) or die("Could not get htaccess file.");
  ftp_chmod($ftp, octdec(0777), "temp.txt") or die("Could not chmod temp file.");
  fwrite(fopen("temp.txt", "a"), "Deny from ".$_POST["ip"]."\n") or die("Could not add to temp file.");
  ftp_put($ftp, ".htaccess", "temp.txt", FTP_ASCII) or die("Could not update htaccess file.");
  unlink("temp.txt") or die("Could not delete temp file.");
  ftp_close($ftp) or die("Could not close FTP connection.");
  die($_POST["ip"]." banned.");
}
else if ($_SERVER["REMOTE_ADDR"] != "99.108.140.105") {
  die("Not enough permissions to carry out that action.");
}
?>
<html>
<head>
<title>Ban an IP</title>
</head>
<body>
<form action="" method="POST">
<p>IP: <input type="text" name="ip" /></p>
<p><input type="submit" value="Ban" /></p>
</form>
</body>
</html>

The last action in my htaccess file is a deny from ip, so that's why this works. This just appends "Deny from IP", where IP is the ip address that you type in, to your htaccess file.

Last edited by GeonoTRON2000 (2012-04-26 23:51:39)

SJRCS_011 · 2012-04-27 08:58:09

P110 wrote:
OK now to answer all of your posts:

If you own a forum then as:
jjvg wrote:
To prevent spam, you should also use http://stopforumspam.com.
but as they also told us you could use PHP coding, but only if your server supports PHP, check first.

also, some providers don't provide or let you have a .htaccess file, hope this helps.

My code is just meant to be a simple one for people to ban ip's

About 99% (my estimate) of web hosts support PHP.
IMHO, if your web host is in that 1%, then it isn't worth using tongue

XenoK · 2012-04-27 15:28:06

great guide! This should be ITopiced!

DigiTechs · 2012-04-28 04:02:20

LS97 wrote:
DigiTechs wrote:
Eh. With the E107 website admin system it comes with an IP ban anyway..
Indeed most cPanels will provide you with the option to ban IPs. However both that and the htaccess method, although they are foolproof, are very ugly for the banned user

No no, the E107 website admin system isn't a cPanel - it's an actuall plug-in for the site, where you can add menu's and stuff. My dad makes websites with this system, if you want, I can link you one.

scimonster · 2012-04-28 15:00:45

SJRCS_011 wrote:
P110 wrote:
OK now to answer all of your posts:

If you own a forum then as:
jjvg wrote:
To prevent spam, you should also use http://stopforumspam.com.
but as they also told us you could use PHP coding, but only if your server supports PHP, check first.

also, some providers don't provide or let you have a .htaccess file, hope this helps.

My code is just meant to be a simple one for people to ban ip's
About 99% (my estimate) of web hosts support PHP.
IMHO, if your web host is in that 1%, then it isn't worth using

Are you bashing Microsoft's ASP? tongue

Paddle2See · 2012-04-29 05:44:48

Cool guide! But please note somewhere that the Scratch Team does not require that you use this on your site. If your site does allow visitors to add stuff to it (forum posts, comments) it's a really good idea to make sure that you do have a way to block IP's. Many sites have that feature built-in - but if they don't, this approach could be very helpful.

P110 · 2012-04-29 14:14:38

Paddle2See wrote:
Cool guide! But please note somewhere that the Scratch Team does not require that you use this on your site. If your site does allow visitors to add stuff to it (forum posts, comments) it's a really good idea to make sure that you do have a way to block IP's. Many sites have that feature built-in - but if they don't, this approach could be very helpful.

Done.

Now to answer all the questions (again)

one simple answer, this is just a simple method for people who don't have another option, I'm just trying to be helpful.

Yes you could use other methods, but there can be problems with them, but people are welcome to use them, I just chose one method and put it in the post.

SJRCS_011 · 2012-04-29 16:10:11

scimonster wrote:
SJRCS_011 wrote:
P110 wrote:
OK now to answer all of your posts:

If you own a forum then as:

but as they also told us you could use PHP coding, but only if your server supports PHP, check first.

also, some providers don't provide or let you have a .htaccess file, hope this helps.

My code is just meant to be a simple one for people to ban ip's
About 99% (my estimate) of web hosts support PHP, ASP, Python, and/or CGI
IMHO, if your web host is in that 1%, then it isn't worth using
Are you bashing Microsoft's ASP?

Alright, I'll add some more to it
See above ^^

scimonster · 2012-04-30 14:36:11

SJRCS_011 wrote:
scimonster wrote:
SJRCS_011 wrote:

About 99% (my estimate) of web hosts support PHP, ASP, Python, and/or CGI
IMHO, if your web host is in that 1%, then it isn't worth using
Are you bashing Microsoft's ASP?
Alright, I'll add some more to it
See above ^^

Not that i use them, but just to be fair. xD

Oh, and someone *coughpaddlecough* put "iTopic" instead of "ITopic". We're not making Apple products here smile

LS97 · 2012-04-30 16:06:19

scimonster wrote:
SJRCS_011 wrote:
scimonster wrote:

Are you bashing Microsoft's ASP?
Alright, I'll add some more to it
See above ^^
Not that i use them, but just to be fair. xD

Oh, and someone *coughpaddlecough* put "iTopic" instead of "ITopic". We're not making Apple products here

Well, the topic title also contains 'iP' instead of 'IP' -- I guess that's Apple influence too big_smile

GeonoTRON2000 · 2012-04-30 18:41:01

I don't see why it's so important to have "ITopic: " in the title. You could just add that yourself.

Scratch

archived forums

#1 2012-04-25 14:04:43

ITopic: Guide to blocking iP's for your website!

Code:

#2 2012-04-25 14:10:55

Re: ITopic: Guide to blocking iP's for your website!

#3 2012-04-25 15:31:50

Re: ITopic: Guide to blocking iP's for your website!

#4 2012-04-25 15:45:39

Re: ITopic: Guide to blocking iP's for your website!

#5 2012-04-25 15:46:14

Re: ITopic: Guide to blocking iP's for your website!

Code:

#6 2012-04-25 17:46:52

Re: ITopic: Guide to blocking iP's for your website!

blob8108 wrote:

File called .htaccess wrote:

#7 2012-04-26 03:15:41

Re: ITopic: Guide to blocking iP's for your website!

jjvg wrote:

#8 2012-04-26 13:04:01

Re: ITopic: Guide to blocking iP's for your website!

#9 2012-04-26 13:40:12

Re: ITopic: Guide to blocking iP's for your website!

DigiTechs wrote:

#10 2012-04-26 14:24:33

Re: ITopic: Guide to blocking iP's for your website!

LS97 wrote:

DigiTechs wrote:

#11 2012-04-26 14:31:05

Re: ITopic: Guide to blocking iP's for your website!

SJRCS_011 wrote:

LS97 wrote:

DigiTechs wrote:

#12 2012-04-26 17:21:34

Re: ITopic: Guide to blocking iP's for your website!

scimonster wrote:

SJRCS_011 wrote:

LS97 wrote:

#13 2012-04-26 19:49:09

Re: ITopic: Guide to blocking iP's for your website!

SJRCS_011 wrote:

scimonster wrote:

SJRCS_011 wrote:

#14 2012-04-26 23:19:43

Re: ITopic: Guide to blocking iP's for your website!

jvvg wrote:

Code:

Code:

#15 2012-04-26 23:33:35

Re: ITopic: Guide to blocking iP's for your website!

Code:

#16 2012-04-27 08:58:09

Re: ITopic: Guide to blocking iP's for your website!

P110 wrote:

jjvg wrote:

#17 2012-04-27 15:28:06

Re: ITopic: Guide to blocking iP's for your website!

#18 2012-04-28 04:02:20

Re: ITopic: Guide to blocking iP's for your website!

LS97 wrote:

DigiTechs wrote:

#19 2012-04-28 15:00:45

Re: ITopic: Guide to blocking iP's for your website!

SJRCS_011 wrote:

P110 wrote:

jjvg wrote:

#20 2012-04-29 05:44:48

Re: ITopic: Guide to blocking iP's for your website!

#21 2012-04-29 14:14:38

Re: ITopic: Guide to blocking iP's for your website!

Paddle2See wrote:

#22 2012-04-29 16:10:11

Re: ITopic: Guide to blocking iP's for your website!

scimonster wrote:

SJRCS_011 wrote:

P110 wrote:

#23 2012-04-30 14:36:11

Re: ITopic: Guide to blocking iP's for your website!