Prohibit IP from accessing the site by multiple methods to share of linux php nginx apache
- 2020-05-12 06:28:14
- OfStack
PHP prohibits access to an IP or IP segment
Without further ado, please look at the guest officer:
<?
// Ban a IP
$banned_ip = array (
"127.0.0.1",
//"119.6.20.66",
"192.168.1.4"
);
if ( in_array( getenv("REMOTE_ADDR"), $banned_ip ) )
{
die (" your IP No access! ");
}
// Ban a IP Period of
$ban_range_low=ip2long("119.6.20.65");
$ban_range_up=ip2long("119.6.20.67");
$ip=ip2long($_SERVER["REMOTE_ADDR"]);
if ($ip>$ban_range_low && $ip<$ban_range_up)
{
echo " your IP In prohibited IP Section, no access! ";
exit();
}
?>
apache prohibits access using IP
Method 1: at the end of the httpd.conf file, add the following code
NameVirtualHost 221.*.*.*
<VirtualHost 221.*.*.*>
ServerName 221.*.*.*
<Location />
Order Allow,Deny
Deny from all
</Location>
</VirtualHost>
<VirtualHost 221.*.*.*>
DocumentRoot "c:/web"
ServerName www.ofstack.com
</VirtualHost>
Note: the blue part is the implementation to deny any access request directly through the IP of 221.*.*.*. The red part allows access through the domain name www.ofstack.com, and the home directory points to c:/web. (let's say the root of your site is c:/web.)
Linux blocks access to IP
# Block a single IP The command is
iptables -I INPUT -s 123.45.6.7 -j DROP
# Seal the entire segment immediately from 123.0.0.1 to 123.255.255.254 The command
iptables -I INPUT -s 123.0.0.0/8 -j DROP
# seal IP Section is from 123.45.0.1 to 123.45.255.254 The command
iptables -I INPUT -s 124.45.0.0/16 -j DROP
# seal IP Section is from 123.45.6.1 to 123.45.6.254 The command is
iptables -I INPUT -s 123.45.6.0/24 -j DROP
service iptables save
Save in /etc/sysconfig/iptables if there is no iptables file will be created automatically
Nginx prohibits access to IP
First create the following configuration file and place it under nginx's conf directory, blocksip.conf:
deny 4.4.4.4 // this is IP to be banned by nginx
So let's save 1.
Add: include blocksip.conf; include blocksip.conf; Then restart nginx and it will take effect. When the blocked ip opens the site, it will prompt:
403 Forbidden
blocksip.conf: there are many other formats that can be configured to allow only IP access or IP segment access:
deny IP;
allow IP;
# block all ips
deny all;
# allow all ips
allow all;
The section is written like this: 192.168.1.0/24.