i am getting automated request from some ips i have blocked the ip now its coming from some other ip..is it possible to detect the automated request ...and block the ip programtically
thanks..
+2
A:
Try to block the IP subnet. Also, you can use CAPTCHA to prevent automated requests.
B7ackAnge7z
2010-03-21 05:53:47
But this would hit fair users too...
Col. Shrapnel
2010-03-21 06:13:08
It's right. That's why I mentioned about CAPTCHA. And, don't forget, that sometimes blocking a subnet, is a good way to protect other users.
B7ackAnge7z
2010-03-21 06:25:06
it's captcha what would hit not only same subnet users but every user of the site.
Col. Shrapnel
2010-03-21 07:11:35
I gave only the idea, and the author of the post must think how to act on. About CAPTCHA, — if same IP makes too many or similar requests, use it... And, there is no universal answer!
B7ackAnge7z
2010-03-21 11:15:36
A:
While I think its better to handle this using a firewall, you could insert time in the execution of the script using sleep(). Amounts less than 100ms won't make a difference to your users, but can seriously reduce the effectiveness of automated attacks. Again, I would attack it using appropriate firewall rules, but this can be an effective hack in the mean time.
Eric Cope
2010-03-21 06:00:35
A:
One thing you can do is to track the IPs of your last X visitors (100/1000/10K, etc) and include timestamps. If there are too many actions within a given time frame, you can disable or discontinue functionality of your pages.
To do this all...
1) You'll need a php file included in every page of your side that performs the check to see if the requester IP is not "banned". Simply build your criteria and have it pull info from the database. If they are to be "blocked" or "banned", just use header() (or similar) to deny access. http://php.net/manual/en/function.header.php
2) To capture the IP, you will need to use $_SERVER['REMOTE_ADDR'] to obtain the IP address of the current client.
Alex
2010-03-21 07:21:35