January 2, 2009

PHP to redirect IP addresses to different page

If you would like to redirect browsers based on their IP address, the following method handles multiple IPs.  You can choose to redirect entire networks or a single IP.

<?php
// Array of IPs you wish to block.  A 0 octet acts as a wildcard, so to block
// an entire class C (254 hosts) use something like 123.123.123.0.  Note that a
// 0 in any position is treated as a wildcard, so '10.0.0.5' would match
// 10.x.x.5 for any x; list full addresses without 0 octets to avoid that.
$blockIP = array('123.123.123.0', '100.100.100.101');

$blockThisIP = null;
$remote = explode('.', $_SERVER['REMOTE_ADDR']);

// The segment check below only understands dotted-quad IPv4 addresses.
if (count($remote) == 4) {
  foreach ($blockIP as $ip) {
    $ipSeg = explode('.', $ip);
    $goodIP = false;
    for ($i = 0; $i < 4; $i++) {
      if ($remote[$i] == $ipSeg[$i] || $ipSeg[$i] == '0') {
        // segment qualifies
        $goodIP = true;
      } else {
        // ip no good so move to the next entry in $blockIP
        $goodIP = false;
        continue 2;
      }
    }
    if ($goodIP) {
      // ip matches so no need to check the rest
      $blockThisIP = $ip;
      break;
    }
  }
}

// For convenience test $blockThisIP and process here.
// Replace www.crayola.com with the place you wish to send matching IPs to.
if ($blockThisIP) {
  // php header method - can only be used if nothing has been sent to the
  // browser yet, so check before using it
  if (!headers_sent()) {
    header('Location: http://www.crayola.com');
    exit;
  }

  // javascript redirection - used when the page has already begun to display
  echo "<script type=\"text/javascript\">\n"
     . "window.location = \"http://www.crayola.com\";</script>";
  exit;
}
?>
August 25, 2008

Blocking by country and high connection counts hosting servers

Most of our hosting servers run CentOS Linux but we have Windows servers too, and a problem common to both is the occasional high volume of traffic generated by non-organic growth.  I don’t mean that someone’s blog hits the front page of Digg, rather a malicious or DDoS attack against a website.  On shared hosting this will affect all sites on the server.  There are bandwidth control tools for both operating systems but they all come at a price to CPU or wallet or both.  I have tried all I could find and none of them have been effective.

Some datacenters offer solutions which usually require traffic to be filtered before it reaches your server.  This has obvious advantages but comes with one major drawback: you have lost control of your network and are relying on unknown parameters set up by your datacenter, which can result in false positives that may include potential business for your customers.

Liquidweb are the only datacenter I have used to date that rely on a monitoring service to alert them to a problem plus a human to decide the appropriate reaction.  As they will notify you of any changes made or IPs blocked, you can recover the situation if they block access incorrectly.  This is as close as you can get to remaining in control and could be enough for your needs.

Another way is to utilise services built into the operating system.  In the attached autoban.zip file I have prepared bash and PHP scripts which, run from cron, monitor connections by count and reject those who try to open too many.  You can also ban whole countries from accessing your website.  Parameters let you choose how long a ban should last, and you can set escalating levels so that someone who repeatedly attacks the server has their ban extended.  I find a 1 hour ban followed by a 3 hour, then 6 hour and then a 31 day ban completely eradicates Denial of Service attacks.

autoban

You will need root access to the server, see readme.txt for instructions.

July 24, 2008

Three little characters  designed to make your life hell

On more than one occasion these characters  have turned up just when everything else seems fine.  Known as a “BOM” or Byte Order Mark, they can be extremely annoying.

What is  ???

 is often seen at the top left corner of a web page.  When you open the source file and compare that to the output source you will not find , so what causes  to appear in your file?

The reason is that your editor has saved the file as UTF-8.  With the ever-increasing complexity of character encoding, some editors ignore your settings and update your configuration to use UTF-8, even if you have been using ASCII without any trouble since 1982!

The Fix

Change the character encoding of your page.  With most editors all you need to do is select properties, choose ASCII, then save the file.

Changing the meta tag alone is not enough: with extended attributes on files, no one can be sure what a browser, or whatever reader you are using, will consult to decide how to display the file.
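As an added example, not from the original post: the same fix applied to a file's raw bytes instead of through the editor. It recognises the UTF-8 BOM the post describes (and, going slightly beyond the post, the two UTF-16 ones), strips it, and shows why the UTF-8 one turns into three visible characters when a page is rendered as Latin-1 rather than UTF-8. Sample input is constructed inline and it assumes Node.js (Buffer).

```javascript
// Added example, not the page's code. Byte Order Marks this block recognises.
const BOMS = [
  { encoding: 'utf-8',    bytes: [0xEF, 0xBB, 0xBF] },
  { encoding: 'utf-16be', bytes: [0xFE, 0xFF] },
  { encoding: 'utf-16le', bytes: [0xFF, 0xFE] },
];

// Returns { encoding, length } for a BOM at the start of buf, or null if none.
function detectBom(buf) {
  for (const bom of BOMS) {
    if (buf.length >= bom.bytes.length &&
        bom.bytes.every((b, i) => buf[i] === b)) {
      return { encoding: bom.encoding, length: bom.bytes.length };
    }
  }
  return null;
}

// Returns buf without its leading BOM (the post's fix, applied to the bytes).
function stripBom(buf) {
  const bom = detectBom(buf);
  return bom ? buf.subarray(bom.length) : buf;
}

// How the UTF-8 BOM looks when the bytes are displayed as Latin-1 instead of
// UTF-8: EF BB BF become three characters at the top left of the page.
function bomAsLatin1(buf) {
  const bom = detectBom(buf);
  if (!bom || bom.encoding !== 'utf-8') return '';
  return buf.subarray(0, bom.length).toString('latin1');
}

// Constructed sample: a UTF-8 file that an editor saved with a BOM in front.
const sample = Buffer.concat([
  Buffer.from([0xEF, 0xBB, 0xBF]),
  Buffer.from('<html>', 'utf8'),
]);
```

Buffer.toString('utf8') keeps the BOM as U+FEFF, so comparing the decoded string against the source file is what hides the problem the post describes.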

July 7, 2008

Limiting text input to characters and digits

To remove things such as punctuation and spaces (or anything you want) from a text box before sending it to the server for validation you can use code like this, first the HTML:-

<input 
name="name" 
onblur="this.value = namecheck(this.value);" 
type="text" 
size="20">

And then the following JavaScript will remove invalid characters when the user moves to another field:-

<script type="text/javascript">
// Returns theInput with every character that is not a letter or digit removed.
function namecheck(theInput) {
  var valid = 'abcdefghijklmnopqrstuvwxyz1234567890';
  var test = '';
  var ret = '';
  // declare the loop counter locally so it does not leak into the global scope
  for (var i = 0; i < theInput.length; i++) {
    test = theInput.substr(i, 1);
    // case-insensitive check: keep the character if its lower-case form is in the list
    if (valid.indexOf(test.toLowerCase()) != -1) {
      ret = ret + test;
    }
  }
  return ret;
}
</script>

In this example I just want digits and characters. If you want to add certain punctuation such as stops and commas just add them to the valid variable.
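An added example, not part of the original post: the same whitelist written as a reusable filter, so one rule can run in the onblur handler and again on the server, which has to check the value itself because the browser-side function may simply not have run. The extra characters mentioned above (stops, commas) are passed in as a string; the 20-character limit is an assumption taken from size="20" in the HTML.

```javascript
// Added example, not the page's code. Builds a letters-and-digits filter with
// optional extra characters, for use both in the browser and on the server.
function makeNameFilter(options = {}) {
  const extra = options.extraAllowed || '';
  const maxLength = options.maxLength || 20;   // assumed; mirrors size="20" above
  // Escape anything that is special inside a regex character class.
  const escaped = extra.replace(/[\\\]\[^-]/g, '\\$&');
  const cls = 'a-z0-9' + escaped;
  const invalidChars = new RegExp('[^' + cls + ']', 'gi');
  const allValid = new RegExp('^[' + cls + ']*$', 'i');
  return {
    // What the page's onblur does: silently drop anything not allowed.
    clean: (input) => String(input).replace(invalidChars, '').slice(0, maxLength),
    // What the server should do: reject rather than repair, so bad input is visible.
    check: (input) => {
      const s = String(input);
      if (s.length === 0) return { ok: false, reason: 'empty' };
      if (s.length > maxLength) return { ok: false, reason: 'too long' };
      if (!allValid.test(s)) return { ok: false, reason: 'invalid characters' };
      return { ok: true, reason: null };
    },
  };
}
```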

April 24, 2008

ASP code to block multiple ranges of IPs from your site

It wasn’t long before I needed to expand upon banning a few IPs. I needed to be able to ban whole networks, so here’s the quick-and-dirty (Q&D) solution:-

First create a text file called ipsec.txt and enter some IPs you wish to ban; to ban a network just leave off the trailing part of the address, for example:-

10.20.30.40
10.50

In the above example the first is a specific IP that you wish to ban, the second will ban all IP addresses that start 10.50 (for example 10.50.20.1 and 10.50.100.1 will both be banned). Enter as many as you like, one per line.

Now create or edit your global.asa file and add the following code to the session_onstart sub procedure:

sub session_onstart
  remote_ip = request.servervariables("Remote_Addr")
  ipsec     = server.mappath("/ipsec.txt")
  ' getFileContents is a helper (not shown here) that returns the file as one string
  ips       = getFileContents(ipsec)
  ' the file must use Windows (CRLF) line endings for this split to work
  ips       = split(ips, vbcrlf)

  for each ip in ips
    if len(trim(ip)) > 0 then
      ip_parts        = split(trim(ip), ".")
      remote_ip_parts = split(remote_ip, ".")
      ' only the octets present in the list entry are compared, so a
      ' shortened entry such as 10.50 matches the whole 10.50.x.x range
      found = true
      for x = 0 to ubound(ip_parts)
        if x > ubound(remote_ip_parts) then
          ' entry has more parts than the visitor's address; cannot match
          found = false
          exit for
        elseif ip_parts(x) <> remote_ip_parts(x) then
          found = false
          exit for
        end if
      next
      if found then
        ' response.redirect ends processing, so no further entries are checked
        response.redirect "/redir.html?ip=" & remote_ip
      end if
    end if
  next
end sub

Replace /redir.html with a file or location you want to redirect banned IPs to.

As this code runs in the session_onstart section of global.asa it runs only once per visitor; this means that a visitor who already has a session could return during that session and the check would be bypassed. If that is a concern, turn the code into a common function and place it strategically, perhaps in an include file called throughout the website.
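An added example serving both this post and the PHP post above, not code from either: one matcher in JavaScript for the list formats both posts use, a shortened prefix such as 10.50 and a zero-octet wildcard such as 123.123.123.0, plus CIDR notation, which is the form to prefer because a genuine 0 octet can then never be mistaken for a wildcard. The entries and addresses are constructed samples; it assumes IPv4 dotted-quad input and rejects anything else.

```javascript
// Added example (not from either post): one blocklist matcher for the list
// styles used above, all assumed to be IPv4 dotted quads (constructed samples):
//   "10.20.30.40"    exact address
//   "10.50"          shortened prefix (ASP post): matches 10.50.x.x
//   "123.123.123.0"  zero-octet wildcard (PHP post): a 0 in a full 4-octet
//                    entry matches any value in that position
//   "10.20.0.0/16"   CIDR: the form to prefer, since a real 0 octet is then
//                    never mistaken for a wildcard
function ipToInt(ip) {
  const parts = ip.split('.');
  if (parts.length !== 4) return null;          // not IPv4 (e.g. an IPv6 REMOTE_ADDR)
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n;
}

function matchesEntry(remote, entry) {
  const r = remote.split('.');
  if (r.length !== 4) return false;
  const slash = entry.indexOf('/');
  if (slash !== -1) {                           // CIDR entry
    const net = ipToInt(entry.slice(0, slash));
    const rem = ipToInt(remote);
    const bitsStr = entry.slice(slash + 1);
    if (net === null || rem === null || !/^\d{1,2}$/.test(bitsStr)) return false;
    const bits = Number(bitsStr);
    if (bits > 32) return false;
    const mask = bits === 0 ? 0 : (0xFFFFFFFF << (32 - bits)) >>> 0;
    return ((rem & mask) >>> 0) === ((net & mask) >>> 0);
  }
  const e = entry.split('.');
  if (e.length > 4) return false;
  // The zero-octet wildcard only applies to full 4-octet entries (the PHP
  // post's format). Pitfall shown in the test: "10.0.0.5" matches 10.x.x.5.
  const wildcard = e.length === 4;
  return e.every((seg, i) => (wildcard && seg === '0') || seg === r[i]);
}

// Returns the first list entry matching the remote address, or null.
function findBlock(remote, list) {
  for (const raw of list) {
    const entry = raw.trim();
    if (entry !== '' && matchesEntry(remote, entry)) return entry;
  }
  return null;
}
```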