How to Block IP Addresses with PHP
Posted on July 3, 2007 in Function by Jeff Starr
![[ Image: Skeletor Blocks a Move ]](http://perishablepress.com/press/wp-content/images/2007/misc-chunks/block-senders.gif "'Sorry, but access is NOT allowed - ha ha ha ha ha!'")
Figuratively speaking, hunting down and killing spammers, scrapers, and other online scum remains one of our favorite pursuits. Once we have determined that a particular IP address is worthy of banishment, we generally invoke the magical powers of htaccess to lock the gates. When htaccess is not available, we may summon the versatile functionality of PHP to get the job done.
This method is relatively straightforward. Simply edit, copy and paste the following code example into the top of any PHP for which you wish to block access:
<?php
$deny = array("111.111.111", "222.222.222", "333.333.333");
if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) {
header("location: http://www.google.com/");
exit();
} ?>The code basically creates an array of the IP addresses that you wish to block, and then checks incoming addresses against the array. If the incoming (i.e., remote) address matches against any value in the array, the function will deny access with a redirect header to the specified URL, which in this case is the majestic Google home page. It all happens quickly, quietly, and without any fuss.
Thus, when using this code in your pages, simply replace the “dummy” IP addresses (i.e., "111.111.111", "222.222.222", ...) with those that you wish to block (e.g., "123.456.789", "123.456.*", "123.*", ...). Yes, PHP understands wildcard operators (i.e., *). After editing the array of IP addresses, upload the file to your server and relax. If you would like to verify this method, simply lookup your own IP address, add it to the array, and try loading the target page. That’s all there is to it — “grab, gulp, and go”.
Using this method, you may also wish to create a customized page to which blocked addresses are redirected, perhaps to explain the situation, provide contact information, or display a macro shot of your greasy bum. If you customize, remember to change the redirect URL (i.e., http://www.google.com/) to that of your custom page.
Related articles
- Block Multiple IP Addresses with PHP
- How to Block Proxy Servers via htaccess
- How to Verify the Four Major Search Engines
- Block Spam by Denying Access to No-Referrer Requests
- Over 150 of the Worst Spammers, Scrapers and Crackers from 2007
- HTAccess Privacy for Specific IPs
- Temporary PHP Redirect: Allow Multiple IP Access and Redirect Everyone Else
Many Thanks
we had some problem scrapers that were causing us some bandwidth problems… script did the trick thanks
Glad to help, Scott — thanks for the feedback!
We had a customer site DOS attacked by the old webmaster when he was fired. Being able to ban his IP so easily was a god send.
Great, Kym!
That is good news, indeed ;)
Thank you for the feedback!
The full IP address works with this script, but wildcards don’t seem to catch the addresses.
Trav,
Try using this format instead:
$deny = array("111.111..*..*", "222.222..*..*");i.e, using two dots before each wildcard operator should do the trick..
You can also use something similar to this:
<? $block = "^123\.123\.";if (in_array($_SERVER['REMOTE_ADDR'],$block)) {header("HTTP/1.1 403 Forbidden");exit;} else {echo '<h1>Welcome to the site..</h1>';} ?>..which would block any IP addresses beginning with 123.123. This code should also work without the second escaped dot (
\.) in the first line. The caret (^) indicates the beginning of the string, while the dots are escaped for clarity.Thanks to both of you for those snippets. I kow very little php and have a hard time learning it so I appreciate it.
We use something along these lines to block specifically defined ranges of IP addresses:
$hulkSmash = array ("^123\.(12[3-9]|1[3-9][0-9])\.","^321\.321\.(32[1-9]|3[3-9][0-9])\.");foreach($hulkSmash as $smashed) {if (ereg($smashed, $_SERVER['REMOTE_ADDR'])) {echo "Sorry, but this site is not available..";exit();} else {echo "Welcome to our site, oh special ones..";exit();}}I agree with August that using a caret to denote the beginning of a string is a great approach — prevents false positives, etc.
This PHP code doesn’t work for an array of IP addresses. I tried several times but none of the above techniques work! They only work if you know the complete IP address (i.e.
xxx.yyy.zzz.aaa). Any clue on how to get this thing to work on an entire range? Thanks!i like this web because you can discover how to unblock some web. i want to know What is the code
222.22.222.Ok, I’m new at PHP and this looks cool but what I want to do is allow all our IP’s access and if they don’t match then no access.
We have a lot of them (large gov’t agency).
So I’d want something like all
123.123.*.*123.12.*.*124.13.*.*and then some
123.123.123.*321.123.223.*etc.
to get in ok.
Ideas?
I have found that your code doesn’t work well with wildcards at all. I still use the
in_array()function check because for exact matches it is quicker but if you are blocking a range of IPs with wildcards then you need to use theeregi()function and check each item in your array separately for example:[ Editor’s note: code example gobbled by WordPress ]
JRSofty,
Please repost! Your code example was gobbled up by WordPress.. Either wrap each line in
<code>tags or enclose the whole lot in a<pre>element. We would love to hear your findings regarding this method. :)Simple, and easy to understand, even for ME!! I’ve been getting spammed from lots of people adding ridiculous off-topic comments (usually selling something) on my site… This should help me screen them out!
Thanks for the tip!!
My pleasure! Thanks for the positive feedback ;)
Sorry about that here is what I am using
if(in_array($_SERVER['REMOTE_ADDR'],$bannedIP)) {// this is for exact matchesheader("Location: {$registry['bannedRedirect']}");exit();} else {// this is for wild card matchesforeach($bannedIP as $ip) {if(eregi($ip,$_SERVER['REMOTE_ADDR'])) {header("Location: {$registry['bannedRedirect']}");exit();}}}Thank you for reposting, JRSofty! I will definitely be experimenting with this method and I am quite sure that it will help people who are dealing with wildcards. Thanks again for sharing your technique with us ;)
If you get the warning that you can’t “modify header information” you can solve this by putting
<?php ob_start; ?>at the very top of your page.
Thanks for reminding us of that, Alex — it is definitely helpful! (Note: I repaired the code in your original comment and deleted the corrective follow-up) - Cheers!
Hello,
I block IPs with this php-code:
<?php $ips = array('123.456.7.8','123.456.7.9');if(in_array($_SERVER['REMOTE_ADDR'],$ips)) die( 'Access denied - Zugriff verweigert' ) ; ?>How can I block a full IP-Range with this Script? From 123.45.6.7 to 123.56.8.9?
Hi Fabian,
Check out JRSofty’s comment and use wildcard operators to block the specified IP range. List all specific and/or address blocks in an array and test accordingly. ;)
Cool. Thanks! It works fine.
But how can I build in an e-mail notify or a log-file?
Fabian, I am sure there are many ways to accomplish your scripting goals. I would recommend a good book on PHP or maybe even a Google search..
Thanks for a neat little script. This is the second solution I’ve found on Perishable Press in as many months. Way to go :-)
Excellent, Andy — thanks for the feedback! :)
thanks a lot for this great script
i’ve searched mor then 2 h for one thing like this and finally gotted
THANKS
My pleasure, Nelson — glad to be of service! :)
i’m with a problem…
my IP
62.139.181.17
if i put only
“62.*”,
i still can get inside the page.
How can it works only using 2 or 3 numbers from the first ones of the IP’s adress?
i would like to have something like:
“62.*”,
“63.*”,
“64.*”,
thanks
Hi Nelson, check out JRSofty’s technique for more information on using wildcard operators via PHP.
sorry but i didnt understad the JRSoft
(i’m new at this php language and all this kind of stuff) just starting :)
Nice script. I use a similar php script using $ip = $_SERVER[’REMOTE_ADDR’]; to log the ip addresses of visitors to my site and then output those ip’s, time, and date to a text file. I then have another script that then logs and writes any future attempts from those banned ips to an errordocs directory. So for the nasty ip’s, ranges, domains I really want banned i don’t even fool with any scripts - i just simply use the “brute force” method of an .htaccess file like below. I also make it a point to add the known ranges of most proxies to prevent them from attempting to connect via a web proxy site. You can ban exact ip’s, ranges, isp’s, or just only the lower level domains under an ISP. Just place the .htaccess file on the root of your site with the contents similar to below as below. The aol.com and cox.net were simply graphic examples of the filtering power of an .htaccess file. You can also comment out the errordocs line if you don’t want to redirect them to your own custom page.
order deny,allowErrorDocument 403 /errordocs/403.phpdeny from 123.123.123.123deny from 234.456.deny from aol.comdeny from cox.netExcellent information, stealth. Blocking individual agents, IPs, and domains is a great method for specific cases, but for long-term scalability it is not as practical. I recently posted a series of articles discussing this and other aspects of the blacklist strategy as a viable security method. The series concludes with a “3G” blacklist that targets the most common aspects of attempted exploits and attacks. By focusing on and protecting against potential attack vectors, we avoid insane user-agent and IP blacklists while preventing a vast majority of exploit attempts.
Hello, I’m enjoying your page very much. Please forgive me for being less talented in this area however, in reading one of your posts from the first page, I’m wondering where one type’s such things such as your example here:
“This method is relatively straightforward. Simply edit, copy and paste the following code example into the top of any PHP for which you wish to block access:
Is this done in the command window?
Hi Mike, if I understand you correctly, you are wondering where to place the code that is provided in the article. First of all, this article assumes that you are using PHP to deliver site content. For example, you might have an
index.phpfile that serves as your home page. To implement this technique, you would open theindex.phpfile and paste the code at the very top of the document. Edit the IP address to match the one that you would like to block. Then save the file and upload it to your server. If all goes according to plan, the IP address specified in the code will not be able to access your site.I’m up the creek here. I’ve read everything on this page and somewhat understand (I’m not ditsy but I sure am when it comes to this stuff…lol) I have blogspot and it runs on xhtml…does this code work in that? If not, could you recommend a site that I could use a blog and be able to use this code to block? Or anything to block? I have a stalker and she’s threatening me now…sigh…I’m desperate but have no clue what to do! I’ll be back in hopes of answer :)
I’m willing to change sites but there’s no point if my stalker is just going to hunt me down (btdt) and I’m not tech savvy, have no clue the difference between wildcard and php and htpaccess and xhtml…sigh
Thank you for you patience!
Hi Jen, I understand your frustration; as far as I know, blogspot doesn’t provide access to the “under-the-hood” mechanics of your site. Unfortunately, that leaves you with only the tools they provide, which may prove inefficient for long-term blog operation. For example, you might be able to require registration before anyone can visit your site. If so, there goes 90% of your traffic. Also, it is easy for anyone (stalker or not) to sign up for a fake account and then you’re back where you started, only with much less traffic..
As for switching to a site that provides access to PHP, htaccess, and other powerful tools, I don’t think there any free hosted sites that offer such luxury. There is Blogger, WordPress, Facebook, MySpace, and all of those places, but I am pretty sure that you would be in the same boat as with Blogspot.
Unfortunately, having control over the “behind-the-scenes” functionality of a website generally requires a self-hosted solution: i.e., domain name, web host, installing your own blog platform — the whole bit. This either requires a lot of time learning the ropes or a lot of money to have someone do it for you.
I hope this was useful for you — Good luck! :)
Thank you for filling me in :)
I’m going to close down blogger…sigh…but I found my blogstalkers through statscounter so I can keep a better eye out at a different site. Unfortunately it is quite an undertaking to notify everyone but feel this is the only way. I am lucky in the fact its not my business site which is on its own domain, I guess I will have to do the same with a blog if I want to keep that hobby :)
Thanks again for trying :D
No problem, Jen — I wish there was more I could do.. Let me know if you get setup with your own blog; I have all sorts of lovely tricks up my sleeve for stopping stalkers, spammers, and other scumbags ;)
Regards,
Jeff
LOL
I know you do! I’ve checked out this blog and don’t worry, I’ll be back :)
My blog is presently closed until Friday where my last post will be up confronting my blogstalker and then the blog will be deleted on tues aug 26. It should be interesting, if you wanted to swing by and see a live blog soap opera this weekend then please do so ;)
I would love to watch the action! Do I need an invite to get in?
lol
no invite…it’ll be posted on friday morning and then I’ll set my blog to ‘everyone’. It was set for everyone until my blogstalker stepped over ‘my line’ of patience yesterday…lol…shut it down to think on things. So on friday it’ll be open.
Oh, I am SO there on Friday ;)
http://humbleopinion2.blogspot.com/2008/08/sigh.html
my last post
the soap opera, episode 1 has begun…bwahahaha (thats my evil laugh…I know, it needs work…lol)
for those that use blog spot this could help I had to put it in my wife’s blog do to someone making nasty comments.
http://toolator.com
For the record, I tried toolator and it only worked for a few days. When the blogstalker’s IP changed, I couldn’t get back in to change the IP at toolator. Nor could add any other webpage or anything…so if this happens to her and you find a way around it, let me know, I’ll add it to my new blog
thanks
Jen, you are hilarious! How did everything go with that last post? I am just getting back from a nice vacation and have been away from the computer and out of the loop..
nice…vacation…lol
it was fine, she realized I could track her (to the point my hubby could leave messages on her comp…lol)and knew who she was so she got other people to track my blog for her…then I closed it down and started new…so far so good…just don’t call me jen over at this new one and she’ll never find me…blogland is a small world…lol
Sounds good, Jen. Glad to hear everything is back on track with your new blog. Hopefully your stalker will give up looking for you and move on with her life. Best of luck to you; let me know if I may be of any help in the future. :)
Cheers,
Jeff
Thanks for the well wishes :)
you can stop by and visit my blog any time you want but don’t expect anything too exciting…LOL
Keep me posted on that toolator :)
Hi Jeff, Could you help me out with some code that will block an IP on a Craigslist ad? Please? Someone is deleting my ad every day. I have their IP address, but can’t find a code that will work. Please help if you can. Thanks, David
Hi David, I feel your pain, but unfortunately blocking someone from accessing the Craigslist site requires access to the Craigslist server, unless I am missing something here..
Thanks Jeff. I was ready for that answer. Do you, or does anyone have any neat little tricks that I can add to the html of the ad to get a little pay back?
Unfortunately, all of the fun stuff requires access to the server.. And even then, getting involved with “pay back”-type behavior may be risky, especially if you aren’t really familiar with what you are doing. The person whom you are targeting might be some deadly hacker ninja who could ruin your life. Not worth it, in my opinion.
Hi,
this is a nice code.
Do you know about a free hacker/spammer ip database?
That is the only thing I miss now. ;)
Yes, that would be nice, eh! ;)
Thanks for the post. Do you know how to deny a submission if keywords and .com etc. are in the message field?
P.S.
Here’s a cool link to redirect them to rather than google: http://www.ftc.gov/bcp/conline/edcams/spam/report.html
: )
I am trying to prevent a spam source from leaving comments or pingbacks. Although spam is caught by Akismet it clutters my mind more than anything else. I placed this snippet at the very top of the header.php file with no effect what so ever. Am I supposed to place it after the DTD declaration or HTML or any other part?
Thank you.
Cemal
Hi Cemal, the problem is that comments and pingbacks are processed by a file other than those found in your WordPress theme files. The theme files display information from the database, but they aren’t generally involved in putting it there. Instead, look for a file called
wp-comments.php(or something similar, depending on your particular WP version), and try adding the code to that file. Thewp-comments.phpis the actual file that must be accessed by commentators (or spammers, etc.) to leave comments. Placing the PHP block script at the very beginning of that file should do the trick, although I have not tested it because I prefer to block via htaccess instead.Regards,
Jeff
Jeff, thank you very much for the quick response. I added an htaccess file but it did not have any effect either. It may be because my site is running on Windows IIS platform. I will try your suggestion and let you know.
Thanks agin,
Cemal
Well, I placed the code snippet into three files:
wp-blog-header.php
wp-comments-post.php
wp-trackback.php
The first one seemed to be the header for all the files, so there it went. The other two by virtue of their names received the same treatment. The code snippet I inserted is below (I hope it does not get gobbled up):
After this, the code that was there starts, again with <?php and so on.
The spammers are still able to post, not visible but they are not blocked. What am I doing wrong? Am I supposed to take the part that begins with $deny and ends with exit(); and place it inside the original code? I know as much about php as I know how to jump over tall buildings!
If this is too much, I certainly can keep deleting the posts. I don’t mean to be bugging you.
Thanks,
Cemal
@Cemal: If the goal is to prevent spam from reaching your post comments, there may be no need to fiddle around with PHP, htaccess, and other intrusive methods of protection. Fortunately, there are several excellent WordPress plugins that do an excellent job preventing and eliminating comment spam, among which are Akismet, Bad Behavior, and Spam Karma. Check these out and see if any suit your needs; if not, try searching for alternates on Google — there should be several.
Regards,
Jeff
Hi I want to write a script to block some ip address on my
index.phpi have tried the script above.
it only block when i type
domain.comas my urlbut it will not block when i type in
www.domain.comanyone know why? and how can i rewrite the script to block
www.domain.comtoo?here is the script i used:
$deny = array("11.111.1.1");if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) {echo " exit please";exit();@kristy: this sounds like a canonicalization issue. Your best bet is to get all URL requests resolving to either
wwwor non-wwwversions of your pages. This should not only remedy the IP-blocking script, but also improve the overall SEO-quality of your site as well.I have a huge problem i have blocked like 40 ip addresses, always who is spamming to my website, is changing ip address, how i make him stop, soon ill go his home and rip his computer out of the wall and throw it out of the window
Greetings from finland, ITS FREEZING HERE
@Tomi Teirikangas: I feel your pain! Unfortunately, if someone wants to spam your site bad enough, there is really no way of stopping them from doing so. You can target different aspects of the spam attacks, however. For example, instead of blocking via IP, you may check to see if he using the same user agent and then block that instead (or in addition to). Likewise, if he is always spamming you using the same keywords or phrases, you could use some regex magic and block them as well. It really all depends on your setup and the nature of the attacks. I recently went into great depth explaining several strategies for preventing spam and malicious activity; you can read through the articles that are summarized here for more information on this topic.
You could also physically destroy his machine, but it sounds like you might prefer to stay indoors where it’s warm ;)
HAAA i god it i make him stop like you Jeff said, got an idea form this sentence “if he is always spamming you using the same keywords or phrases”, now i have blocked 3 links what he pasted to my site, no there hasn’t been any spams, last night was clean :D thanks for all help Jeff.
PHP <3
hey jeff,
so where should i start? do you have any link that can show me how to solve the canonicalization issue ?
thanks,
Hi kristy, here is an article I wrote on Universal www-Canonicalization via htaccess. It has everything you need to resolve essential canonicalization issues for your site.
Jeff,
I am 70 years old and not very computer savvy. I want to thank you for the list of IPs to block when they come up. I was never quite sure when they mention they are trying to connect with remote IP #…..so, I always select “block” to be safe. Thank you for your help and I will keep your site in my “favorites” for reference and to learn.
Sandy
@Sandy: Thank you for the positive feedback — it is my great pleasure to provide assistance to the community! Cheers! :)
Thanks Jeff.. I never knew its so simple to kick spammers :)
I have a feedback form on my website that has been getting hit by spammers. I never understood why they would target a feedback form, but now after reading this thread it makes sense that they are probably just running a script that looks for anything that might possibly publish the spam onto the website and do not recognize the difference between a feedback form and a blog comment form.
I started trying to log ip addresses using some code from above. It works well on all the legitimate messages that I’ve gotten so far, however I am not getting any IP address from the last two pieces of spam that came through. That’s easy enough to block by just blocking anything with an empty IP address. But I don’t want to miss any legitimate messages coming through our feedback form, so I’m not sure if there are legitimate circumstances when the above code would not be able to pull an IP address or would that only happen if someone is intentionally blocking the IP address? How might they be doing this?
BTW great site, thanks!
Dave
Whoops - I found the problem with not getting IP addresses on the incoming spam. I had the IP logging code on the feedback form and posted it to the actual submit page. So the spammers are apparently bypassing my form and just directly passing the data to my submit page. Anyhow the fact that they skip the form should be a pretty good way to identify the spam from the legit messages.
Dave
@Dave: Absolutely. To prevent this from happening on WordPress-powered sites, we simply use a little HTAccess to block all no-referrer requests. Perhaps something like this will work in your situation as well. Thanks for posting the follow-up comment, btw!
Cheers, Jeff
I have an IP I wish to block, but the IP is 220.255.7.177. But the three last numbers change quite frequently. Where should I place the wildcard operator? (Following your code)
Hello, very nice website, but can you tell me one thing ?
I want a script through which we can trace ip in a file.html or something ???
@Ayumi: The script in the article has been found not to work well with wildcard operators. This was discussed in the comment thread beginning at around comment #13 by JRSofty. A little further down the thread, JRSofty provides a way to loop through the IP addresses that is better accommodating of wildcard operators.
@Sms India: I’m not sure about that.. you may want to try searching on Google for more information.
In keeping track of who lands on my site(other than googlebots and crawlers) I test the IP’s at the website http://www.stopforumspam.com first and if they show up as spammers they are entered into a database.
As they show up on my site again I dont bother to send them anywheres else or redirect them, I simply check their IP against my spammer database then if positive I display a “nice note” showing their IP and then have the script die. The script runs at the top of all my pages as part of the template so no matter where they go they are blocked
All they ever see of my site is the nice note I leave them. Of course I dont have a high traffic site so its no problem to keep them under review.
I have thought of redirecting them back to their own IP. Wonder how that would work.
@Brad: Very interesting approach, and definitely good grist for the mill. I would be concerned about performance on high-volume sites, but many targeted sites receive relatively low amounts of traffic.
Also, thanks for the link to stopforumspam.com — another useful tool in the ongoing war on spam. Cheers.
Hi, The script for some reason didn’t work :(
Would you be able to help ?
Thanks,
Chris :-)
Hi yall,
I know the topic it’s kinda old but after reading the comments above, I decided to put it all together within a usable function:
// First create a text file and add some dummy IPs
[test.txt]
�]u�]u�m��}��}��}�// Then copy and paste the following function into a php file:
(change the $list var to your list address)
(change the header() method to whatever you want)
[block_ip.php]// Usage:
�w%�כ��$��a��^rD�r��Hope it helps =)
wow, wordpress just eat the entire code.
I post it on my blog too: http://www.phpseeker.org/viewtopic.php?f=7&t=1387
Awesome. It worked. Thank you very much. I posted a link to your site on Elgg.org
Ok I know absolutely nothing about html or code writing, but I need to block a handful of IP addresses that have been harassing me. I’ve been tracking their activity on my site using StatCounter. I tried using Toolator.com but they only let me block 3 addresses for free. Is there anything I can paste into my template html code that will ban these addresses?
Hi,
I need code that will block every IP address, then allow me to add just a few that are allowed. I have been looking on Google for hours, and can’t find what I’m looking for. I can’t access the directory, so .htaccess is out, but I can cut/paste PHP code.
Is this possible?
Thank you in advance.
Leslie
@Leslie
Check out Taniguchi’s post. You can add the IP’s you wnat to block on the list using wild cards. But if you want to allow JUST a few IPs, it’s simple. Create a method to validate the IP you want to allow. Ex.: (note that the sample below returns TRUE is IP is allowed and FALSE if not.). To use just call:
Hope it helps
Sorry to double post but the code its just gone….
### USAGEif(allowedIP()) {// do something for allowed IP} else {// do something else}function allowedIP() {$accessIP[] = '127.0.0.1' ; // the ip you want to allow$accessIP[] = '127.0.0.2' ;$userIP = $_SERVER['REMOTE_ADDRESS'];$trackReturn = false;for($i=0; $i < count($accessIP); $i++) {if($accessIP[$i] == $userIP) {$trackReturn = true;}}return $trackReturn;}I actually tried the temporary re-direct instead, as that seemed to be a solution I could implement, but it didn’t work. It must be the program I’m using to do my webpage. I’m anything but saavy when it comes to this stuff. I use SiteBuilder, from Homestead, and that must be my problem. =(
if you need any further help with that, call me on skype@isynapps. I have no experience with site builder but I can code….a little :)
I do still need a solution, but I hate to take up your time this way. You’re very generous. If you are up for it, what I need is something that, when a person clicks a link to visit a restricted page, if their IP address is not on the approved list, they are re-directed to another page. SiteBuilder will allow an html string to be pasted into the page, but not PHP, nor .htaccess. I can’t get to the actual directory where I would put these files. If this is possible with html code, and you’re up for it, I’ll call. Thank you again for your generosity. I’m grateful.
I got a couple of questions so I can better figure your problem:
Are you talking about Yahoo SiteBuilder?
what is the filename? [.html, .htm, .php]?
are you allowed to use PHP at all?
Just to let you know, you can’t perform server-side interaction with just html. If you’re not allowed to code PHP, it will be a little hard to get it done. An alternative is deploying a flex based app to validate the user for you. because flex frameworks runs as stand-alone within flash player, you could easily validate any type of info or even query database within html enviroment.
Answers to questions:
It’s SiteBuilder through Homestead (well, it’s now Intuit, but it used to be Homestead).
Not sure what you mean by ‘file’ name. I am allowed to insert html code through a ‘feature’ in SiteBuilder. I choose the feature, and insert the code. It then puts it in the page.
I’m not sure about the use of PHP. It appears I have to open a directory to insert it, and ‘call’ it, but I’m unable to find these directories.
I’m sure none of this is helpful. I’m sorry. I don’t really understand much of this, though I am doing a pretty fair job with the SiteBuilder app.
by file name I mean index.html or index.php.
I did some research about SiteBuilder. I found out that you can’t really use PHP on your pages. They use modules and alot of JS. You can use Javascript though.
LOL…I don’t know to use that, either! Sigh…web page work is not for the technically challenged! Where might I find some information about Javascript to do what I need, if you don’t mind my asking?
sorry admin for flooding the topic … :D
I’ll get you the code, gimme 5 min…
…and if you can solve my problem with your code, where might I send a donation to you for your time? I can’t take all this help without providing you some compensation.
hey leslie,
you mentioned that you want to block all IP allowing just certain IPs to have access to your content. I mentioned Javascript and while I was writting a piece of code for you, I just remembered that JS must “load” the entire page BEFORE it executes. This means that, even if the code works, one could easily ‘hack’ the content of your page by turn javascript off on the browser settings… in other words, this is not the solutions.
Unless you are able to upload files to the server root and use a server-side script like PHP, ASP or CF, blocking IP will be not possible.
check out the SiteBuilder administrator’s page for modules that offers the same functionality. I built the iPurikura.com web site that provides free sites with no add for free. It also allows you to set access keys, like logins. maybe that would serve your purposes better.
about donation, don’t worry about that :D Human knowledge belongs to the world!
Thanks, Jay. I appreciate your time very much! Where did you find the SiteBuilder Admin page?
Here is the tutorials of what you can do at SiteBuilder:
http://www.homesteadconnection.com/Tutorials.html
here is the homepage
http://www.homestead.com/
sorry I could help more!
It appears I actually *can* get to the root directory, so that changes things for me, doesn’t it? Perhaps I can use some of the PHP code?
I checked the documentation and indeed you can upload files but the files you can upload are unrelated to scripts. gimme some more time to check the documentation.
I went through the whole documentation. On the topic How to View Files in File Manager, states that you can upload media type files which means that you can’t use server side. even if you upload the script, it won’t run.
SiteBuilder has its pre-set modules that can be added into your site project. You can’t go any further than that. If you really need to deploy a solution that requires database or authentication, you will have to look for a server and manage your own files (which I recommend if you’re doing a business site).
I’m sorry for not been helpful but SiteBuilder won’t allow you to do much.
Oh my goodness, Jay, I can’t thank you enough for answering these questions for me. Thank you very much for your time, and your knowledge. I’m grateful. =) Have a great day!
Jay,
Is it possible to slay my dragon by putting the sensitive information on a page, on a server, other than Homestead, that will allow PHP or .htaccess, and just point to that page from the Homestead lead-in page? If the IP address isn’t on my allowed list, the re-direct would go back to the Homestead page? I only need to protect one page, not the entire site.
Does that make sense?
If so, can you recommend a novice friendly service? I chose Homestead for a reason, intially…they might be basic, but it’s easy if you are a novice.
Thanks in advance.
Leslie
Leslie,
it is but the problem lies on how would you pass data to another server without lacking security. That would not help you at all. Your homestead would still be open to anyone who knows the url to the page because there is no way you can validate the visitor at the main page.
I do understand that Homestead might be friendly to newbies but, if you’re thinking about getting serious, you should step forwards into the wonders of coding :D
Still, almost all host services provides a Homestead “like” service based on templates. All you have to do it’s get a domain and host services which cost less than $100 bucks (year). Take a look on this page: http://www.simplescripts.com/ for the most common solutions for personal and small business web sites. It’s just one click install.
I’ll try to contact Homestead support tomorrow to find out a possible solution - if any - I’ll get back to you later.
Thanks, Jay.
THANK YOU FOR THE CODE!
I got some problems with spam from a specific IP. You helpt me a lot!
Thanx again!