/    Sign up×
Community /Pin to ProfileBookmark

IP tracking? I’m getting hate mail.

Copy linkTweet thisAlerts:
Feb 02.2008

Hi guys,

I have been getting hate (e)mail from time to time and really would like to crack down on who this person is and if it’s from the same person or not. A quick google search brought up a few topics about using a PHP script with MySQL to track IP addresses. Or is there a better code/script to use? I know that proxies will give you false IP addresses, so is there an actual sound-proof way of getting an IP address from someone visiting a site? If so, is there a way I could get my hands on the code? Does anyone have any recommendations? And lastly, this is the right forum, right?

to post a comment
PHP

18 Comments(s)

Copy linkTweet thisAlerts:
@klaroenFeb 02.2008 — if someone is visiting your site, you can get his ip like this:

$ip=$_SERVER['REMOTE_ADDR'];
Copy linkTweet thisAlerts:
@WarbladeauthorFeb 02.2008 — Thank you! Now, I'm not really too knowledgeable about PHP. The extent of my knowledge is using the PHP tags in WordPress and messing around with the values in my PHP contact script. Could someone please explain how to implement this into my site? Thanks.
Copy linkTweet thisAlerts:
@koolaidFeb 03.2008 — Thank you! Now, I'm not really too knowledgeable about PHP. The extent of my knowledge is using the PHP tags in WordPress and messing around with the values in my PHP contact script. Could someone please explain how to implement this into my site? Thanks.[/QUOTE]

Try this

[CODE]
<?php

// get ip
$ip = $_SERVER['REMOTE_ADDR'];

// ip you want to ban
$ban_ip = '1.2.3.4';

// echo ip
echo 'Your IP is -> '.$ip;

// if users ip matches the ip you want to ban

if ($ip == $ban_ip)
{
// do something
exit('Get lost!');
}

?>
[/CODE]

Of course, you will have to know the IP you want to get rid of first, try checking the logs maybe?
Copy linkTweet thisAlerts:
@WarbladeauthorFeb 03.2008 — koolaid, thank you so much. I'm not exactly sure [I]how[/I] I'll retrieve his IP, but I'll do some research as to how to snatch it up.
Copy linkTweet thisAlerts:
@WarbladeauthorMar 12.2008 — Sorry to bring this thread back but I've finally gotten some IP's to ban. Just to make sure I've done this correctly, could someone look over this to make sure it's correct? I'm in no way a PHP expert, so a little help is MUCH appreciated!

[code=php]<?php

// get ip
$ip = $_SERVER['REMOTE_ADDR'];

// ip you want to ban
$ban_ip = '38.100.42.25' '64.210.144.214';

// echo ip
echo 'Your IP is -> '.$ip;

// if users ip matches the ip you want to ban

if ($ip == $ban_ip)
{
// do something
exit('Get lost!');
}

?> [/code]

Do I need to do anything else to this? Or just insert this exact code into my page? Does it matter if it's at the top of bottom? Also do I have to put MY IP address is the 'Your IP is ->' spot?

Thanks!
Copy linkTweet thisAlerts:
@HuevoosMar 12.2008 — you should make $ban_ip an array
[code=php]<?php

// get ip
$ip = $_SERVER['REMOTE_ADDR'];

// ip you want to ban
$ban_ip = array('38.100.42.25', '64.210.144.214');

// echo ip
echo 'Your IP is -> '.$ip;

// if users ip matches the ip you want to ban

if (in_array($ip, $ban_ip))
{
// do something
exit('Get lost!');
}

?> [/code]
Copy linkTweet thisAlerts:
@WarbladeauthorMar 12.2008 — Alright so this is ALL I need to insert in my page (does it matter top or bottom?)? I don't need to put my IP address in the [code=php]echo 'Your IP is -> '[/code] spot so it looks something like [code=php]// echo ip
echo '1.2.3.4' .$ip;[/code]?
Copy linkTweet thisAlerts:
@HuevoosMar 12.2008 — yep, that's all, on top of the page, you may want to delete this line though

// echo ip

echo 'Your IP is -> '.$ip;
Copy linkTweet thisAlerts:
@WarbladeauthorMar 12.2008 — Why would I delete that out of curiosity?
Copy linkTweet thisAlerts:
@roscorMar 12.2008 — you would just be telling them what their IP is before the exit where 'Get lost' is displayed. It matters not either way. For your info it is quite correct to keep the banned ip's in an array, as you can continue to add to, each one sepearted by a coma, such as '89.22.33.12' , '78.65.44.33' , 'and so on' you need to do this as ip's change so you need to be able to add on a regular basis as bad ip's come to notice.
Copy linkTweet thisAlerts:
@WarbladeauthorMar 12.2008 — Thanks guys. Hopefully this will cut down on hate mail. Is there a standard time table for when IP's usually change? Is it every day, once every week, once every month?
Copy linkTweet thisAlerts:
@roscorMar 12.2008 — Not sure, I think its random(or when there are changes on the host set up) they usually hold the same first two sets eg. '[COLOR=Red]86.98[/COLOR].89.00' may change to '[COLOR=Red]86.98[/COLOR].56.45' but using your array you should be able to combat the problem. when your knowledge grows you will be able to use other functions such as [URL]http://uk3.php.net/manual/en/function.in-array.php[/URL] which checks for values within your array.

good luck
Copy linkTweet thisAlerts:
@HuevoosMar 12.2008 — Why would I delete that out of curiosity?[/QUOTE]
When you deny someone access to your site you're telling them that it works with their IP, making it easier for them to just change their IP and get access again.

Security through obscurity is not something to rely on, but something you must always add.
Copy linkTweet thisAlerts:
@WarbladeauthorMar 13.2008 — When you deny someone access to your site you're telling them that it works with their IP, making it easier for them to just change their IP and get access again.

Security through obscurity is not something to rely on, but something you must always add.[/QUOTE]

Right right. I get it now. Thank you SO VERY MUCH everyone! You've been extremely helpful.

And Huevoos, I see what you mean. Obscurity is sometimes a good thing. Therefore instead of "Get Lost!" I'm changing it to "Undergoing Scheduled Maintenance..." I think it's a bit more subtle than "GET OUT OF MY SITE, YOU ARE EXTREMELY RUDE!"
Copy linkTweet thisAlerts:
@Super-JonMar 23.2008 — Hey guys.

I've been looking through threads and this is the closest topic I've found which matches my needs.

What I've been trying to create, is a script which will record a user's IP address when they make a failed login attempt, and if they make 3 failed logins in a row, their account is locked out.

I know this is a sucky method for controlling dictionary attacks, because it means that anyone can effectively lock anyone out of the site. But, if I create a page with a "secret question" on, which locked out users are directed to when they successfully login, they have the ability to unlock their own account.

This is how I'm thinking of going about it:

First, there will be a row in the database called "locked", if a user has a value of 0 in the locked field, then they can login. But if it's 1, then they are redirected to question.php. On successfully answering their secret question, they change their value in the locked field back to "0".

For checking the data against the database, I'm going to use a file called checklocked.php, which will be in my includes folder. This is that file:

[code=php]<?php
$q = mysql_query("SELECT * FROM ".TBL_USERS." WHERE username = '$session->username'");
$row = mysql_fetch_array($q);
$locked = $row['locked'];

if ($locked == (1)){
$user = $session->username;

header("Location: question.php");


exit;
}
?>
[/code]
Copy linkTweet thisAlerts:
@ZnupiMar 23.2008 — If you want to play around with some MySQL, you can set up a table called "bans" in which you will store all banned ips. Here's the query to set up the table:
<i>
&gt; </i>USE <span><code>your-database-name-here</code></span>;
<i>&gt; </i>CREATE TABLE <span><code>bans</code></span> (
<span><code>ip</code></span> VARCHAR( 15 ) NOT NULL
) ENGINE = MYISAM;

After that you can insert into that table all the ips you want banned. Then use this in php:
[code=php]
// connect to the db and select your database using mysql_connect() and mysql_select_db()

// Get visitor's IP
$ip = $_SERVER['REMOTE_ADDR'];
// In $check we will have the number of entries in the database with the ip column equal to the users IP.
list($check) = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM bans WHERE ip = '{$ip}'"));
if ($check) {
// IP was found at least once in the table, so the user is banned
die("GET OUT OF MY SITE, YOU ARE EXTREMELY RUDE!");
}
// User is not banned. Show the website :)
[/code]
It's nicer than having to change the script each time a new ban is added ?
Copy linkTweet thisAlerts:
@ZnupiMar 23.2008 — Super-Jon: sorry I posted and didn't see your post.

Here's my idea: when a user attempts to login and provides wrong credentials, increment the field locked (it's more intuitive if you call it something like 'tries' or whatever). Now, if locked is equal to 3, redirect to the question.php page and if the user answers the question, reset it to 0.

You can also tell the user how many tries he's got left like this:
[code=php]
echo "Tries left: " . (3 - $locked);
[/code]
Good luck ?
Copy linkTweet thisAlerts:
@roscorMar 24.2008 — I have a phpbb forum which includes IP's to ban from that i used this site [URL]http://www.stopforumspam.com/[/URL] to assist with potential problem IP's. There are others out there which may be of assistance!

[URL]http://www.sumbit.com/phpbb_spam.htm[/URL]
×

Success!

Help @Warblade spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.27,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...