IP Ban in PHP isnt working

yeah that is another way.

I think that would be your best option, is your project entirely in PHP?

Wouldn’t that also be express-php?

Yep, if you want to use express then you would use express-php

So there happens to be a server.js file code directly for that.

Yep, just follow the instructions in the readme and add the line to server.js

I thought you could use PHP by adding this to glitch.json
{ "install": "echo 'We Are Ready!'", "start": "php -S 0.0.0.0:3000 -t ." }

1 Like

You need to retrieve the user’s IP from the X-Forwarded-For header.

3 Likes

Yes. @RiversideRocks and @charliea21 reply is correct.
I use PHP a lot on Glitch. I can explain this in detail.

To make PHP work with Glitch, just include it in glitch.json.(I made it simpler):

{
  "start": "php -S 0.0.0.0:3000"
}

$_SERVER['REMOTE_ADDR'] does not get the expected value.
Instead you need to get it from $_SERVER['HTTP_X_FORWARDED_FOR']
This can be checked with phpinfo(). Please confirm your global IP address in advance.
I publish a minimal PHP project. The index.php is phpinfo():

when you look at $_SERVER['HTTP_X_FORWARDED_FOR'], you get the following value:

54.230.173.96,::ffff:10.10.10.246,::ffff:10.10.86.42

So you need to split it with , to get 54.230.173.96.

<?php
  $ip = explode(",", $_SERVER['HTTP_X_FORWARDED_FOR']);
  echo "{$ip[0]}\n";

This will output the IP address. You may know such a service. I also publish this project.

So the source of @m4sugar is

<?php
$ip = explode(",", $_SERVER['HTTP_X_FORWARDED_FOR']);
$deny = array("111.111.111", "222.222.222", "333.333.333");
if(in_array($ip[0],$deny))
{
  header("location: http://www.google.com/");
  exit;
}
?>

You can do what you expect. Try it!

1 Like

Thank you so much! That worked!

But what about if they’re ok to visit the site? What do I add?

What do you mean?


I think Glitch should implement an IP ban feature, because even if your project bans certain IPs, it still gets through the Glitch reverse-proxy and counts towards your request quota. :confused:

4 Likes

Maybe you should make a post on #feature-ideas?

Eddie

Using Cloudflare makes it really tricky to do IP bans. I would love if Glitch had a built in service for this.

That would be a neat idea, along with project comments which I have seen mentioned around the forum.

1 Like

Maybe I should implement IP bans on Glix?

7 Likes

yep, just add stuff that glitch wont/dont have time to add, lol

2 Likes

How do you plan on getting around cloudflare? There is a way in PHP but I have no idea in Express or any other languages.