$_SERVER[REMOTE_ADDR] gets just the gateway IP address. For instance, an organization can have 10000 PCs connected to a LAN, sharing internet. All the PCs will have the same gateway IP address. So banning $_SERVER[REMOTE_ADDR] is not effective as it will ban all the users within the LAN. Are there any methods to solve this problem?
2007-11-26 00:18:32 · 2 answers · asked by Twist of Fate 1 in Computers & Internet ➔ Programming & Design
Nope, unless the remote gateway is kind enough to provide you with a "X-HTTP-Forwarded-For:" header. But even that may not solve the problem, as the local network may assign random IP addresses to computers on it, so the computer that was 192.168.0.12 today may become 192.168.0.87 tomorrow...
Instead of banning IP addresses, you should make sure that only registered users can post to your site and ban offending user names...
2007-11-26 10:57:48 · answer #1 · answered by NC 7 · 1⤊ 0⤋
I never thought of it, but I do not think you can: the remote server (proxy) will usually give a new IP to each machine that connects to the LAN, so the PC that you want to ban will just have to disconnect and re-connect to avoid the ban!
I would ban a "machine" using a small piece of code downloaded TO THE MACHINE while it is on-line and is banned. (NOT a cookie! Easy to find and delete, even edit!)
Your server would then receive a call, CHECK for that file and, if present (or contains a banning code), would send, not the page, but a "forbidden access" page.
The "banning" file would be part of an "innocent" registration process.
Once the user register, the small file is hidden on the machine (a cryptic name, in the "drive" directory for example).
Your PhP would receive the request for the page, send a request for that file during the header, and treat it accordingly.
2007-11-26 05:47:59 · answer #2 · answered by just "JR" 7 · 0⤊ 0⤋