PHP IP Blocking Script

Kodesmart - May 30, 2013 - Kode

EDIT:
If your looking for a blacklisting solution for WordPress please visit Securing WordPress Websites and Blogs – Blacklist by IP Address

Using GeoBytes and HostIP APIs to create a PHP IP addresses filtering system capable of blocking visitors by country. Both APIs are available free of cost but have some amount of restriction/limit governing free access. For this reason we will utilize both services in our script, one as primary and the other as a fall-back.

GEOBytes API

http://www.geobytes.com/IpLocator.htm

API Call Result

Sample Result Array can be seen here: http://www.geobytes.com/phpdemo.php

HOSTIP API

http://api.hostip.info

Access GeoBytes API with PHP

$tags = get_meta_tags('http://www.geobytes.com/IpLocator.htm?GetLocation&template=php3.txt&IpAddress='.$_SERVER['REMOTE_ADDR']);

For testing purposes you can replace $_SERVER['REMOTE_ADDR'] with your IP address.

Access HOSTIP API with PHP

$iptocheck = $_SERVER['REMOTE_ADDR']; # Get visitor's IP
$geoiparray = getInfoFromIP($iptocheck);

function getInfoFromIP($theip){
    if(!$theip) return false; # Missing parameter

    # Pull the XML
    $url = 'http://api.hostip.info/?ip='.$theip;
    $xml = simplexml_load_file($url);

    $result['country'] = $xml->children('gml', true)->featureMember->children()->Hostip->countryName;
    return $result;
}

PHP IP Blocking Script (Complete)

Redirect Users accessing the site from named country

<?php
$tags = get_meta_tags('http://www.geobytes.com/IpLocator.htm?GetLocation&template=php3.txt&IpAddress='.$_SERVER['REMOTE_ADDR']);

if($tags['country'] == "Jamaica"){
    # Send visitor to JM Domain
    header("Location: http://www.kodesmart.com.jm");
}
else if($tags['country'] == "United States"){
    # Send visitor to .COM Domain
    header("Location: http://www.kodesmart.com");
}

/* After 20 Attempts/Hour --FailSafe */
else if($tags['country'] == "Limit Exceeded"){
    # Get visitor's IP
    $iptocheck = $_SERVER['REMOTE_ADDR'];
    $geoiparray = getInfoFromIP($iptocheck);

    if($geoiparray['country'] == "JAMAICA"){
        # Send visitor to JM Domain
        header("Location: http://www.kodesmart.com");
    }
    else if($geoiparray['country'] == "UNITED STATES"){
        # Send visitor to .COM Domain
        header("Location: http://www.kodesmart.com");
    }
}

function getInfoFromIP($theip){
    # Missing parameter
    if(!$theip) return false;

    # Pull the XML
    $url = 'http://api.hostip.info/?ip='.$theip;
    $xml = simplexml_load_file($url);

    $result['country'] = $xml->children('gml', true)->featureMember->children()->Hostip->countryName;
    return $result;
}

/* exit(); */
$_SESSION['$executed'] = true;
echo "loaded";
?>

Note: The example script redirects users instead of blocking them, in order to block a visitor simply change the destination to a somewhere like google.com or a custom restriction page. Eg: header(“Location: http://www.kodesmart.com/restricted-access.php”).

Post Tags:

Join the Newsletter

Sign up for our personalized daily newsletter

Kodesmart

#1 GUIDE TO DRUPAL, WORDPRESS, CSS AND CUSTOM CODING | BEGINNER TO PRO

Garish

There is so much with coding that I do not even know. As a beginner, this can be very confusing, but I do understand what the end result should be. Thanks for posting!

← Previous Post Next Post →