| |
Author: pgregg@pgregg.com
Last updated: 8 November 2003
Source Code
<?php
/*
* PHP Access Control script
* Version 1.0 - February 2002
* Version 2.0 - November 2003
* (c) 2002,2003 Paul Gregg <pgregg@pgregg.com>
* http://www.pgregg.com
*
* Function: This file should be included by other php scripts
* you maintain an array of the remote IPs/Networks you want to block
* and this script prevents them from accessing your main pages.
*
* Open Source Code: If you use this code on your site for public
* access (i.e. on the Internet) then you must attribute the author and
* source web site: http://www.pgregg.com/projects/
* You must also make this original source code available for download
* unmodified or provide a link to the source. Additionally you must provide
* the source to any modified or translated versions or derivatives.
*
* Continued use of this script is conditional on you changing the default
* email addresses defined below.
* Updated: Changed the default email addresses as some people failed to
* remove my email address.
*/
$DO_EMAIL_REPORT = TRUE; // Should we email a report to the site owner
$DO_EMAIL_ADDRESS = 'SILLYADMIN@DIDNT.READ.THE.INSTRUCTIONS'; // CHANGE THIS
$DO_EMAIL_FROM = 'SILLYADMIN@DIDNT.READ.THE.INSTRUCTIONS'; // CHANGE THIS
$DO_SHOWBLOCK = FALSE; // Turn on blocking for all
// Specify a list of messages (web page content) that can be specified
// for use against other rules. You can just put the message against the
// rule itself, but using this structure saves you repeating.
$BLOCK_MESSAGES = array(
'BADCOMPANY' => "<h1>Stop.</h1>\n<p>Permission has not been granted to this site.<br>You are not welcome here.</p>",
'default' => "<h1>Stop.</h1>\n<p>Permission has not been granted to this site.</p>",
);
// This is the meaty section. Here you specify the IPs or IP networks
// you want to block.
// Simply use the IP (or portion of an IP) as the array key and the value
// is the message (page) to display to the user matching this pattern.
// As you can see there are different sections to check:
// $_SERVER['REMOTE_ADDR'], $_SERVER['HTTP_VIA'] and
// $_SERVER['HTTP_X_FORWARDED_FOR'] (for people hiding behind caches)
// You can comment out entries with a #
$BLOCK_PATTERNS = array(
'REMOTE_ADDR' => array(
#'195.92.168.' => "<h1>Stop.</h1>\n<p><b>FreeServe Test block</b></p><p>This is a test entry to block the freeserve caches.",
'10.2.3.4' => $BLOCK_MESSAGES['BADCOMPANY'], // Block this IP
'10.2.150.' => $BLOCK_MESSAGES['default'], // Block this network
),
'HTTP_VIA' => array(
'gateway.badcompany.com' => $BLOCK_MESSAGES['BADCOMPANY'],
'cache.badcompany.com' => $BLOCK_MESSAGES['BADCOMPANY'],
),
'HTTP_X_FORWARDED_FOR' => array(
'10.150.150.250' => $BLOCK_MESSAGES['BADCOMPANY'],
'10.150.150.251' => $BLOCK_MESSAGES['BADCOMPANY'],
'10.3.4.6' => $BLOCK_MESSAGES['default'],
),
);
// -------------------------------------------------------------
// Don't change anything below here
$IS_BLOCKED = FALSE; // Not blocked by default
$msg = ''; // Message to be displayed to the user when blocked
$extra_info = ''; // Additional info to be emailed.
if ($DO_SHOWBLOCK)
$IS_BLOCKED = TRUE;
foreach($BLOCK_PATTERNS as $server_key => $checklist) {
foreach($checklist as $pattern => $textmessage) {
$preg_pattern = preg_quote($pattern, '/');
if (preg_match('/'.$preg_pattern.'/', $_SERVER[$server_key])) {
$IS_BLOCKED = TRUE;
$blockedid = $pattern;
$msg = $textmessage;
break;
}
}
if($IS_BLOCKED) break;
}
if ($IS_BLOCKED) {
print <<<EOBLOCKPAGE
<html>
<head>
<title>Website access denied.</title>
<LINK REL="stylesheet" HREF="/style.css" TYPE="text/css">
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
</head>
<body background="/images/background-dash-1x2.gif" bgcolor="#ffffff" text="#000000" topmargin="0" leftmargin="0" marginheight="0" marginwidth="0">
<center><table boder=0 width='80%' cellpadding='10' cellspacing='10'>
<tr><td>
$msg
</td></tr>
</table></center>
</body></html>
EOBLOCKPAGE;
if (DO_EMAIL_REPORT)
mail(
$DO_EMAIL_ADDRESS,
"WEB BLOCK - access blocked from $blockedid",
sprintf( <<<EOM
HTTP Host: %s
%s
Remote Host: %s
Remote Addr: %s
Http via: %s
Http X forw: %s
Referrer: %s
User Agent: %s
EOM
,
$_SERVER['HTTP_HOST'],
$extra_info,
$_SERVER['REMOTE_HOST'],
$_SERVER['REMOTE_ADDR'],
$_SERVER['HTTP_VIA'],
$_SERVER['HTTP_X_FORWARDED_FOR'],
$_SERVER['HTTP_REFERER'],
$_SERVER['HTTP_USER_AGENT']
),
"From: $DO_EMAIL_FROM");
exit;
}
?>
| |
|
