Created
December 22, 2018 10:29
-
-
Save researcx/4ca1b1b0dcbb720ef824cc5ee41d2716 to your computer and use it in GitHub Desktop.
dnsbl style blocking script (2016)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function CheckIfSpambot($emailAddress, $ipAddress, $userName, $debug = false) | |
| { | |
| $spambot = false; | |
| $errorDetected = false; | |
| if ($emailAddress != "") | |
| { | |
| $xml_string = file_get_contents("http://www.stopforumspam.com/api?email=" . urlencode($emailAddress)); | |
| $xml = new SimpleXMLElement($xml_string); | |
| if ($xml->appears == "yes") // Was the result was registered | |
| { | |
| $spambot = true; // Check failed. Result indicates dangerous. | |
| } | |
| elseif ($xml->appears == "no") // Check passed. Result returned safe. | |
| { | |
| $spambot = false; // Check passed. Result returned safe. | |
| } | |
| else | |
| { | |
| $errorDetected = true; // Test returned neither positive or negative result. Service might be down? | |
| } | |
| } | |
| // ------------- | |
| // Check IP Address | |
| // ------------- | |
| if ($spambot != true && $ipAddress != "") | |
| { | |
| $xml_string = file_get_contents("http://www.stopforumspam.com/api?ip=" . urlencode($ipAddress)); | |
| $xml = new SimpleXMLElement($xml_string); | |
| if ($xml->appears == "yes") // Was the result was registered | |
| { | |
| $spambot = true; // Check failed. Result indicates dangerous. | |
| } | |
| elseif ($xml->appears == "no") // Check passed. Result returned safe. | |
| { | |
| $spambot = false; // Check passed. Result returned safe. | |
| } | |
| else | |
| { | |
| $errorDetected = true; // Test returned neither positive or negative result. Service might be down? | |
| } | |
| } | |
| // ------------- | |
| // Check Username | |
| // ------------- | |
| if ($spambot != true && $userName != "") | |
| { | |
| $xml_string = file_get_contents("http://www.stopforumspam.com/api?username=" . urlencode($userName)); | |
| $xml = new SimpleXMLElement($xml_string); | |
| if ($xml->appears == "yes") // Was the result was registered | |
| { | |
| $spambot = true; // Check failed. Result indicates dangerous. | |
| } | |
| elseif ($xml->appears == "no") // Check passed. Result returned safe. | |
| { | |
| $spambot = false; // Check passed. Result returned safe. | |
| } | |
| else | |
| { | |
| $errorDetected = true; // Test returned neither positive or negative result. Service might be down? | |
| } | |
| } | |
| // To debug function, call it with the debug flag as true and instead the function will return whether or not an error was detected, rather than the test result. | |
| if ($debug == true) | |
| { | |
| return $errorDetected; // If enabled, return whether or not an error was detected | |
| } | |
| else | |
| { | |
| return $spambot; // Return test results as either true/false or 1/0 | |
| } | |
| } | |
| function ReverseIPOctets($inputip){ | |
| $ipoc = explode(".",$inputip); | |
| return $ipoc[3].".".$ipoc[2].".".$ipoc[1].".".$ipoc[0]; | |
| } | |
| function IsTorExitPoint($ip){ | |
| if (gethostbyname(ReverseIPOctets($ip).".".$_SERVER['SERVER_PORT'].".".ReverseIPOctets($_SERVER['SERVER_ADDR']).".ip-port.exitlist.torproject.org")=="127.0.0.2") { | |
| return true; | |
| } else { | |
| return false; | |
| } | |
| } | |
| function checkbl($ip){ | |
| $blacklisted = 0; | |
| $whitelist = array(''); //ips of users who you wish to whitelist regardless of conditions below | |
| $blacklist = array(''); //bad ips go here | |
| $range_blacklist = array(''); //ip ranges go here e.g. 84.72.0.0 | |
| $city_blacklist = array(''); //cities go here | |
| $region_blacklist = array(''); //regions go here | |
| $geoip = geoip_record_by_name($ip); | |
| $mask=ip2long("255.255.255.0"); | |
| $remote=ip2long($ip); | |
| //check for tor | |
| if (IsTorExitPoint($ip)) { | |
| $blacklisted = 1; | |
| } | |
| //check stopforumspam if ip is malicious | |
| if (CheckIfSpambot('', $ip, '')){ | |
| $blacklisted = 1; | |
| } | |
| //check if ip is in range_blacklist | |
| foreach($range_blacklist as $single_range){ | |
| if (($remote & $mask)==ip2long($single_range)) | |
| { | |
| $blacklisted = 1; | |
| } | |
| } | |
| //check if geoip city is blacklisted | |
| foreach($city_blacklist as $city){ | |
| if ($geoip['city'] == $city) | |
| { | |
| $blacklisted = 1; | |
| } | |
| } | |
| //check if geoip region is blacklisted | |
| foreach($region_blacklist as $region){ | |
| if ($geoip['region'] == $region) | |
| { | |
| $blacklisted = 1; | |
| } | |
| } | |
| //check if ip is in the blacklist | |
| if (in_array($ip, $blacklist)) { | |
| $blacklisted = 1; | |
| } | |
| //do stuff (returns 1 for blacklisted and 0 for safe) | |
| if($blacklisted && !in_array($ip, $whitelist)){ | |
| return 1; | |
| }else{ | |
| return 0; | |
| } | |
| } | |
| if(isset($_REQUEST['ip'])){ | |
| echo checkbl($_REQUEST['ip']); | |
| }else{ | |
| echo checkbl($_SERVER['REMOTE_ADDR']); | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment