Question
I want to write a PHP function that takes the user's IP address, checks it against known blacklists and redirects users from blacklisted IP addresses to a default "Access Forbidden" page. I only want to allow access to my home page to users from IP addresses that have not been blacklisted. Can anyone help? Here's what I have so far.
<?php
$ip=$_SERVER["REMOTE_ADDR"];
function flush_buffers()
{
    ini_set('output_buffering','on');
    ini_set('zlib.output_compression', 0);
    ini_set('implicit_flush',1);
    ob_implicit_flush();
    echo ("<html><head></head><body>");
    for($i=0;$i<20;$i++) {
        echo $i;
        echo str_repeat(" ", 500);
        ob_flush();
        flush();
        sleep(1);
    }
}
function dnsbllookup($ip)
{
    $dnsbl_lookup=array(
        "access.redhawk.org",
        "b.barracudacentral.org",
        "bl.csma.biz",
        "bl.emailbasura.org",
        "bl.spamcannibal.org",
        "bl.spamcop.net",
        "bl.technovision.dk",
        "blackholes.five-ten-sg.com",
        "blackholes.wirehub.net",
        "blacklist.sci.kun.nl",
        "block.dnsbl.sorbs.net",
        "blocked.hilli.dk",
        "bogons.cymru.com",
        "cart00ney.surriel.com",
        "cbl.abuseat.org",
        "dev.null.dk",
        "dialup.blacklist.jippg.org",
        "dialups.mail-abuse.org",
        "dialups.visi.com",
        "dnsbl.ahbl.org",
        "dnsbl.antispam.or.id",
        "dnsbl.cyberlogic.net",
        "dnsbl.kempt.net",
        "dnsbl.njabl.org",
        "dnsbl.sorbs.net",
        "dnsbl-1.uceprotect.net",
        "dnsbl-2.uceprotect.net",
        "dnsbl-3.uceprotect.net",
        "duinv.aupads.org",
        "dul.dnsbl.sorbs.net",
        "dul.ru",
        "escalations.dnsbl.sorbs.net",
        "hil.habeas.com",
        "http.dnsbl.sorbs.net",
        "intruders.docs.uu.se",
        "ips.backscatterer.org",
        "korea.services.net",
        "mail-abuse.blacklist.jippg.org",
        "misc.dnsbl.sorbs.net",
        "msgid.bl.gweep.ca",
        "new.dnsbl.sorbs.net",
        "no-more-funn.moensted.dk",
        "old.dnsbl.sorbs.net",
        "pbl.spamhaus.org",
        "proxy.bl.gweep.ca",
        "psbl.surriel.com",
        "pss.spambusters.org.ar",
        "rbl.schulte.org",
        "rbl.snark.net",
        "recent.dnsbl.sorbs.net",
        "relays.bl.gweep.ca",
        "relays.bl.kundenserver.de",
        "relays.mail-abuse.org",
        "relays.nether.net",
        "rsbl.aupads.org",
        "sbl.spamhaus.org",
        "smtp.dnsbl.sorbs.net",
        "socks.dnsbl.sorbs.net",
        "spam.dnsbl.sorbs.net",
        "spam.olsentech.net",
        "spamguard.leadmon.net",
        "spamsources.fabel.dk",
        "tor.ahbl.org",
        "web.dnsbl.sorbs.net",
        "whois.rfc-ignorant.org",
        "xbl.spamhaus.org",
        "zen.spamhaus.org",
        "zombie.dnsbl.sorbs.net",
        "bl.tiopan.com",
        "dnsbl.abuse.ch",
        "tor.dnsbl.sectoor.de",
        "ubl.unsubscore.com",
        "cblless.anti-spam.org.cn",
        "dnsbl.tornevall.org",
        "dnsbl.anticaptcha.net",
        "dnsbl.dronebl.org"
    ); // Add your preferred list of DNSBL's
    $AllCount = count($dnsbl_lookup);
    $BadCount = 0;
    if($ip)
    {
        $reverse_ip = implode(".", array_reverse(explode(".", $ip)));
        foreach($dnsbl_lookup as $host)
        {
            if(checkdnsrr($reverse_ip.".".$host.".", "A"))
            {
                // echo "<span color='#339933'>Listed on ".$reverse_ip.'.'.$host."!</span><br/>";
                flush_buffers();
                $BadCount++;
            }
            else
            {
                // echo "Not listed on ".$reverse_ip.'.'.$host."!<br/>";
                flush_buffers();
            }
        }
    }
    else
    {
        // echo "Empty ip!<br/>";
        flush_buffers();
    }
    // echo "This ip has ".$BadCount." bad listings of ".$AllCount."!<br/>";
    flush_buffers();
    if($BadCount==0)
    {
        include("index.php");
    }
    else
    {
        include("default.htm");
    }
}
if(preg_match("/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/",@$ip) == true)
{
    dnsbllookup($ip);
}
?>
Answer 1:
The real problem with this is how long it takes.
Made a few changes to show what I mean.
Average time is 60 seconds, and that is a long time to wait at a website.
<?php
$ip=$_SERVER["REMOTE_ADDR"];
$tstart=time();
echo $ip."<BR>";
function flush_buffers()
{
    ini_set('output_buffering','on');
    //ini_set('zlib.output_compression', 0);
    ini_set('implicit_flush',1);
    ob_implicit_flush();
    //echo ("<html><head><head><body>");
    for($i=0;$i<20;$i++) {
        // echo $i;
        echo str_repeat(" ", 500);
        ob_flush();
        flush();
        // sleep(1);
    }
}
function dnsbllookup($ip)
{
    $dnsbl_lookup=array(
        "access.redhawk.org",
        "b.barracudacentral.org",
        "bl.csma.biz",
        "bl.emailbasura.org",
        "bl.spamcannibal.org",
        "bl.spamcop.net",
        "bl.technovision.dk",
        "blackholes.five-ten-sg.com",
        "blackholes.wirehub.net",
        "blacklist.sci.kun.nl",
        "block.dnsbl.sorbs.net",
        "blocked.hilli.dk",
        "bogons.cymru.com",
        "cart00ney.surriel.com",
        "cbl.abuseat.org",
        "dev.null.dk",
        "dialup.blacklist.jippg.org",
        "dialups.mail-abuse.org",
        "dialups.visi.com",
        "dnsbl.ahbl.org",
        "dnsbl.antispam.or.id",
        "dnsbl.cyberlogic.net",
        "dnsbl.kempt.net",
        "dnsbl.njabl.org",
        "dnsbl.sorbs.net",
        "dnsbl-1.uceprotect.net",
        "dnsbl-2.uceprotect.net",
        "dnsbl-3.uceprotect.net",
        "duinv.aupads.org",
        "dul.dnsbl.sorbs.net",
        "dul.ru",
        "escalations.dnsbl.sorbs.net",
        "hil.habeas.com",
        "http.dnsbl.sorbs.net",
        "intruders.docs.uu.se",
        "ips.backscatterer.org",
        "korea.services.net",
        "mail-abuse.blacklist.jippg.org",
        "misc.dnsbl.sorbs.net",
        "msgid.bl.gweep.ca",
        "new.dnsbl.sorbs.net",
        "no-more-funn.moensted.dk",
        "old.dnsbl.sorbs.net",
        "pbl.spamhaus.org",
        "proxy.bl.gweep.ca",
        "psbl.surriel.com",
        "pss.spambusters.org.ar",
        "rbl.schulte.org",
        "rbl.snark.net",
        "recent.dnsbl.sorbs.net",
        "relays.bl.gweep.ca",
        "relays.bl.kundenserver.de",
        "relays.mail-abuse.org",
        "relays.nether.net",
        "rsbl.aupads.org",
        "sbl.spamhaus.org",
        "smtp.dnsbl.sorbs.net",
        "socks.dnsbl.sorbs.net",
        "spam.dnsbl.sorbs.net",
        "spam.olsentech.net",
        "spamguard.leadmon.net",
        "spamsources.fabel.dk",
        "tor.ahbl.org",
        "web.dnsbl.sorbs.net",
        "whois.rfc-ignorant.org",
        "xbl.spamhaus.org",
        "zen.spamhaus.org",
        "zombie.dnsbl.sorbs.net",
        "bl.tiopan.com",
        "dnsbl.abuse.ch",
        "tor.dnsbl.sectoor.de",
        "ubl.unsubscore.com",
        "cblless.anti-spam.org.cn",
        "dnsbl.tornevall.org",
        "dnsbl.anticaptcha.net",
        "dnsbl.dronebl.org"
    ); // Add your preferred list of DNSBL's
    $AllCount = count($dnsbl_lookup);
    $BadCount = 0;
    if($ip)
    {
        $reverse_ip = implode(".", array_reverse(explode(".", $ip)));
        foreach($dnsbl_lookup as $host)
        {
            if(checkdnsrr($reverse_ip.".".$host.".", "A"))
            {
                echo "<span color='#339933'>Listed on ".$reverse_ip.'.'.$host."!</span><br/>";
                flush_buffers();
                $BadCount++;
            }
            else
            {
                // echo "Not listed on ".$reverse_ip.'.'.$host."!<br/>";
                flush_buffers();
            }
        }
    }
    else
    {
        // echo "Empty ip!<br/>";
        flush_buffers();
    }
    echo "This ip has ".$BadCount." bad listings of ".$AllCount."!<br/>";
    flush_buffers();
    if($BadCount==0)
    {
        // include("index.php");
        echo "Not blacklisted ";
    }
    else
    {
        // include("default.htm");
        echo "Blacklisted";
    }
}
if(preg_match("/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/",@$ip) == true)
{
    dnsbllookup($ip);
}
$tend=time();
$tvar=$tend-$tstart;
echo "<BR> took $tvar seconds <br>";
?>
Answer 2:
After pondering the nice but slow solution above, I came up with a much-simplified listing of bad IPs that returns only TRUE (if blacklisted) or FALSE (if it is not). Not as all-inclusive as the above, of course, but it seems to cover any test I could throw at it and it is quite fast.
Unremark the $UserIP value at the top to see one that fails or pass your own to (hopefully) see one that does not. Although I didn't actually time it, it seems to load quickly, especially as all of the blocklist.de sites have only raw IPs and nothing else to have to filter through. In fact, perhaps Spamhaus alone would do the job for most users.
Credit for this code goes to James, who posted another example; I just simplified it, and I also eliminated flush_buffers() as I don't see a need for it.
function dnsblLookup($UserIP) {
    //$UserIP = "216.145.14.142";
    $dnsbl_lookup=array(
        "blocklist.de/lists/ssh.txt",
        "blocklist.de/lists/apache.txt",
        "blocklist.de/lists/asterisk.txt",
        "blocklist.de/lists/bots.txt",
        "blocklist.de/lists/courierimap.txt",
        "blocklist.de/lists/courierpop3.txt",
        "blocklist.de/lists/email.txt",
        "blocklist.de/lists/ftp.txt",
        "blocklist.de/lists/imap.txt",
        "blocklist.de/lists/pop3.txt",
        "blocklist.de/lists/postfix.txt",
        "blocklist.de/lists/proftpd.txt",
        "blocklist.de/lists/sip.txt",
        "ciarmy.com/list/ci-badguys.txt",
        "sbl.spamhaus.org",
        "xbl.spamhaus.org",
        "zen.spamhaus.org"
    );
    $BadCount = 0;
    if ($UserIP) :
        $reverse_ip = implode(".", array_reverse(explode(".", $UserIP)));
        foreach($dnsbl_lookup as $host) :
            if (checkdnsrr($reverse_ip.".".$host.".", "A")) :
                $BadCount++;
                if ($BadCount > 0) :
                    break;
                endif;
            endif;
        endforeach;
    endif;
    if ($BadCount == 0) :
        return FALSE;
    else :
        return TRUE;
    endif;
}
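An added example (not part of the question or either answer, and not the posters' code) of the DNSBL lookup discussed above: it builds the query name for both IPv4 and IPv6 addresses, stops at the first hit, and ignores `127.255.255.x` replies, which Spamhaus uses to signal error conditions rather than listings. The function names, the injectable `$resolve` callback and the sample answers are assumptions made for illustration.

```php
<?php
// Added example; function names and sample data are assumptions, not from the page.

// Build the DNSBL query name (RFC 5782) for $ip, or null if it is not a valid IP.
function dnsbl_query_name(string $ip, string $zone): ?string
{
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
        // IPv4: reverse the four octets, e.g. 192.0.2.10 -> 10.2.0.192.<zone>.
        return implode('.', array_reverse(explode('.', $ip))) . ".$zone.";
    }
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
        // IPv6: reverse all 32 hex nibbles and separate them with dots.
        $nibbles = str_split(strrev(bin2hex(inet_pton($ip))));
        return implode('.', $nibbles) . ".$zone.";
    }
    return null;
}

// True when any zone answers with a 127.0.0.0/8 address that is a real listing.
// $resolve (hypothetical hook for testing) maps a name to an array of IPv4
// strings or false; it defaults to PHP's gethostbynamel().
function dnsbl_is_listed(string $ip, array $zones, ?callable $resolve = null): bool
{
    $resolve = $resolve ?? 'gethostbynamel';
    foreach ($zones as $zone) {
        $name = dnsbl_query_name($ip, $zone);
        if ($name === null) {
            return false; // invalid address: nothing to look up
        }
        foreach ($resolve($name) ?: [] as $answer) {
            $isLoopback = strpos($answer, '127.') === 0;
            $isErrorCode = strpos($answer, '127.255.255.') === 0; // e.g. Spamhaus
            if ($isLoopback && !$isErrorCode) {
                return true; // first hit decides, no need to query further zones
            }
        }
    }
    return false;
}

// Constructed sample answers (documentation addresses), so this runs offline.
$sample = [
    '10.2.0.192.zen.spamhaus.org.' => ['127.0.0.2'],        // listed
    '11.2.0.192.zen.spamhaus.org.' => ['127.255.255.254'],  // resolver error code
];
$resolver = fn(string $name) => $sample[$name] ?? false;
foreach (['192.0.2.10', '192.0.2.11', '192.0.2.12', 'not-an-ip'] as $ip) {
    printf("%-12s %s\n", $ip, dnsbl_is_listed($ip, ['zen.spamhaus.org'], $resolver) ? 'blocked' : 'allowed');
}
```

Only DNS zones can be queried this way; URL-style entries such as `blocklist.de/lists/ssh.txt` are text files served over HTTP and never produce an A record.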
Source: https://stackoverflow.com/questions/45873004/php-check-if-users-ip-address-is-blacklisted-and-block-it-from-my-application