Skip to content

Instantly share code, notes, and snippets.

@researcx
Created December 22, 2018 10:29
Show Gist options
  • Save researcx/4ca1b1b0dcbb720ef824cc5ee41d2716 to your computer and use it in GitHub Desktop.
Save researcx/4ca1b1b0dcbb720ef824cc5ee41d2716 to your computer and use it in GitHub Desktop.
dnsbl style blocking script (2016)
<?php
function CheckIfSpambot($emailAddress, $ipAddress, $userName, $debug = false)
{
$spambot = false;
$errorDetected = false;
if ($emailAddress != "")
{
$xml_string = file_get_contents("http://www.stopforumspam.com/api?email=" . urlencode($emailAddress));
$xml = new SimpleXMLElement($xml_string);
if ($xml->appears == "yes") // Was the result was registered
{
$spambot = true; // Check failed. Result indicates dangerous.
}
elseif ($xml->appears == "no") // Check passed. Result returned safe.
{
$spambot = false; // Check passed. Result returned safe.
}
else
{
$errorDetected = true; // Test returned neither positive or negative result. Service might be down?
}
}
// -------------
// Check IP Address
// -------------
if ($spambot != true && $ipAddress != "")
{
$xml_string = file_get_contents("http://www.stopforumspam.com/api?ip=" . urlencode($ipAddress));
$xml = new SimpleXMLElement($xml_string);
if ($xml->appears == "yes") // Was the result was registered
{
$spambot = true; // Check failed. Result indicates dangerous.
}
elseif ($xml->appears == "no") // Check passed. Result returned safe.
{
$spambot = false; // Check passed. Result returned safe.
}
else
{
$errorDetected = true; // Test returned neither positive or negative result. Service might be down?
}
}
// -------------
// Check Username
// -------------
if ($spambot != true && $userName != "")
{
$xml_string = file_get_contents("http://www.stopforumspam.com/api?username=" . urlencode($userName));
$xml = new SimpleXMLElement($xml_string);
if ($xml->appears == "yes") // Was the result was registered
{
$spambot = true; // Check failed. Result indicates dangerous.
}
elseif ($xml->appears == "no") // Check passed. Result returned safe.
{
$spambot = false; // Check passed. Result returned safe.
}
else
{
$errorDetected = true; // Test returned neither positive or negative result. Service might be down?
}
}
// To debug function, call it with the debug flag as true and instead the function will return whether or not an error was detected, rather than the test result.
if ($debug == true)
{
return $errorDetected; // If enabled, return whether or not an error was detected
}
else
{
return $spambot; // Return test results as either true/false or 1/0
}
}
function ReverseIPOctets($inputip){
$ipoc = explode(".",$inputip);
return $ipoc[3].".".$ipoc[2].".".$ipoc[1].".".$ipoc[0];
}
function IsTorExitPoint($ip){
if (gethostbyname(ReverseIPOctets($ip).".".$_SERVER['SERVER_PORT'].".".ReverseIPOctets($_SERVER['SERVER_ADDR']).".ip-port.exitlist.torproject.org")=="127.0.0.2") {
return true;
} else {
return false;
}
}
function checkbl($ip){
$blacklisted = 0;
$whitelist = array(''); //ips of users who you wish to whitelist regardless of conditions below
$blacklist = array(''); //bad ips go here
$range_blacklist = array(''); //ip ranges go here e.g. 84.72.0.0
$city_blacklist = array(''); //cities go here
$region_blacklist = array(''); //regions go here
$geoip = geoip_record_by_name($ip);
$mask=ip2long("255.255.255.0");
$remote=ip2long($ip);
//check for tor
if (IsTorExitPoint($ip)) {
$blacklisted = 1;
}
//check stopforumspam if ip is malicious
if (CheckIfSpambot('', $ip, '')){
$blacklisted = 1;
}
//check if ip is in range_blacklist
foreach($range_blacklist as $single_range){
if (($remote & $mask)==ip2long($single_range))
{
$blacklisted = 1;
}
}
//check if geoip city is blacklisted
foreach($city_blacklist as $city){
if ($geoip['city'] == $city)
{
$blacklisted = 1;
}
}
//check if geoip region is blacklisted
foreach($region_blacklist as $region){
if ($geoip['region'] == $region)
{
$blacklisted = 1;
}
}
//check if ip is in the blacklist
if (in_array($ip, $blacklist)) {
$blacklisted = 1;
}
//do stuff (returns 1 for blacklisted and 0 for safe)
if($blacklisted && !in_array($ip, $whitelist)){
return 1;
}else{
return 0;
}
}
if(isset($_REQUEST['ip'])){
echo checkbl($_REQUEST['ip']);
}else{
echo checkbl($_SERVER['REMOTE_ADDR']);
}
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment