Version: 4.01

Type: Full Script

Category: HTTP

License: GNU General Public License

Description: If you put this script at the top of your pages, you can deny the configured IP from viewing your pages. It has an option to notify you by email if there is a request from the configured IP.



Class definition of the improved Simple IP Deny v3.0
 by s.v.sudharshan - svsudhir@lycos.com
 minor fixes by mikkoeerola@hotmail.com (see revision notes below for changes)
 
The implementation has been modified and raised to the level Class for
easy inclusion in documents.

See the ipdeny.inc below for the actual code.

Here are the attributes of the class.

-------------------------------------------
attribute		      type
-------------------------------------------
$classname	              string
$denyList		      string
$notify			      numeric
$respond		      numeric
$denyMsg		      string
$emailaddress                 string
$remote_ip                    string
$docroot                      string
$denied		              numeric

functions
------------------------------------------
send_email
probe
------------------------------------------


$classname (String)
----------
This is the name of the class which is IP_Deny
 
$denyList (String)
---------
This will deny the IPs from accessing your page.
 
$denyList examples:
Set $denied_ip to the IP or IP subnet to whom you want to deny from seeing your pages
$denyList = "200.12.123.45"   	--- will deny only this IP
$denyList = "200.12.123"   	--- will deny all IPs which start with 200.12.123
$denyList = "200.12"	   		--- will deny all IPs which start with 200.12
$denyList = "200.12.123.45,200.12.123,46" --- will deny access to the two machines
$denyList default value = "";
 

$notify (numeric)
-------
This is for sending notification email to administrator
 
0 = no notification
1 = send email notification (default value)
 
$respond (numeric)
--------
This is for displaying a fake page with some response instead of the actual page.
 
0 = no response to the requesting IP
1 = display a response (default value)
 
$denyMsg (String)
--------
The message user will see when access is denied
 
$denyMsg default value is "Server fail";
 
$emailaddress (string)
-------------
email address of the administrator. Default value retrieved from
getenv("SERVER_ADMIN")

$remote_ip (string)
----------
ip of the remote machine. Default value retrieved from
getenv("REMOTE_ADDR");

$docroot (string)
--------
document root of the server. Default value retrieved from
getenv("SERVER_NAME");

$denied (numeric)
-------
This is set to 1 or 0 indicating denied or not denied.

$denied default value = 0;


ipdeny.inc starts here
----------------------

<?php
     # ip deny class
     # author S.V.Sudharshan. 01/04/2001
     # improved from Simple IP Deny v 3.0 (previous by Robbo)
     # see revision notes below for changes.

     # ***REVISION 4.01***
     # This code was revised by mikkoeerola@hotmail.com 08/27/2001
     # Revision Changes:
     # 1. If denyList is empty, ip check will be skipped
     # 2. Fixed errortime reporting, earlier version displayed hours and minutes
     #    with only 1 digit, eg. 2:3 (14:03). Got rid of unnecessary errortime code
     #    and used date() function instead.

class IP_Deny {
  var $classname = "IP_Deny";
  var $denyList = ""; 
  var $notify = 1;
  var $respond = 1;
  var $denyMsg = "Server fail";
  var $emailaddress = getenv("SERVER_ADMIN");
  var $remote_ip = getenv("REMOTE_ADDR");
  var $docroot = getenv("SERVER_NAME");
  var $denied = 0;

  function send_email(){
   # Request access to the global variables we need
   global $REQUEST_URI;

   # Build the $errortime variable to contain the date/time of the error.
   $errortime = date("D M j Y G:i:s T"); 

   # Create email subject and propaganda =) for the notify email
   $email_subject = "Access attempt from $this->remote_ip";

   # Create the body of the email message
   $message = "IP $this->remote_ip tried to access $this->docroot$REQUEST_URI on your server on $errortime.\n\n";

   # Send the mail message. This assumes mail() will work on your system!
   mail("$this->emailaddress", $email_subject, $message, "From: $this->emailaddress");
   return;
  }
  # send_email function end.
  
  function probe(){
      # if the denied IP == remote IP
      if ($this->denyList != "") {

      if(ereg("^($this->denyList)",$this->remote_ip)){
        $this->denied = 1;
		
        if ($this->notify == 1 ) $this->send_email();
        if ($this->respond == 1) {
          echo '
          <html>
          <head>
          <title></title>
          <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
          </head>
          <body>
          <!-- Error --> 
		  <font name="Arial">';
          echo $this->denyMsg; 
          echo '</font>
		  </body>
          </html>';
        }
      }
    }
  }
  # probe function end.
}
# class definition end.
?>



ipexample.php3 starts here
--------------------------

<?php
 # sample code explaining usage of IP_Deny class to
 # deny HTML access to current page
 # s.v.sudharshan 04/01/2001 - svsudhir@lycos.com
 #
 
 include("ipdeny.inc");
 $currentPage = new IP_Deny;
 $currentPage->denyList = "192.168.1.98";
 $currentPage->notify = 1;
 $currentPage->denyMsg = "The server is not responding";
 $currentPage->probe();

 if ($currentPage->denied){
  exit;
 }
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
	<title>IP Deny</title>
	<meta name="Author" content="S.V.Sudharshan">
</head>
<body>
	  Your content for permitted IPs will go here.
</body>
</html>