问题
If I want a ban a user by IP in my website, is it possible to do it by both IPv4 and IPv6? Some browsers apparently use IPv4 addresses by default and others, if they have the possibility, use IPv6 addresses. So, if I ban someone by their current IP, they would only have to user another navigator to bypass the ban.
tl;dr: is it possible to translate IPv4 addresses to IPv6 or something like that to "unify" them?
I'm using PHP as the server-side technology.
回答1:
No, it isn't really possible. They are entirely separate network protocols that don't have to have anything to do with each other.
In addition, I would suggest that banning by IP address should only be used in conjunction with other methods, as it is very easy to use a proxy or other means to hit your server from a different IP address.
回答2:
You can't really translate one to the other, the IPv4 and IPv6 Internets are essentially two logically seperate neworks that happen to share much of the same infrastructure.
Things you can do.
- Look out for addresses associated with the 6to4 and teredo transition mechanisms. When you see one translate it to the corresponding IPv4 address for abuse control comparisions.
- Be aware that customers tend to get allocated IPv6 in blocks of at least /64, so there isn't generally much point in banning an individual IPv6 address.
- Include a couple of mostly invisible resources (e.g. 1x1 pixel transparent images) on critical pages, one served from a v4 only hostname and one served from a v6 only hostname. Use these images to collect both of the user's addresses (if they exist).
来源:https://stackoverflow.com/questions/12468069/banning-by-ipv4-and-ipv6