IP Ban in PHP isnt working

Maybe I should implement IP bans on Glix?

7 Likes

yep, just add stuff that glitch wont/dont have time to add, lol

2 Likes

How do you plan on getting around cloudflare? There is a way in PHP but I have no idea in Express or any other languages.

There are drivers, pretty sure you need Apache for them to work.

@m4sugar There’s a Node.js package aswell

1 Like

Can you explain the concept or method how it is done using PHP? Might be able to figure out a way for Express…

1 Like

This is what I do on my website:

if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];

$_SERVER['HTTP_CF_CONNECTING_IP'] is the IP.

Can you explain what that piece of code does? :sweat_smile:

It checks is the server variable $_SERVER['HTTP_CF_CONNECTING_IP'] is set, if it is, it sets the $_SERVER['REMOTE_ADDR'] variable to $_SERVER['HTTP_CF_CONNECTING_IP'].

Thats what it looks like to me, correct me if I’m wrong.

2 Likes

I’ll most likely use something called iptables to block out specific IPs from my VPS, however that would be strictly prohibited to only run on port 80 and 443, and only deny access when the IP is banned on a specific pointer.

You can pretty much write it yourself. Apache or NGINX has the tools needed to implement IP bans, however, I doubt they can deny access on specific hosts, I don’t know.

If I’m going to implement this for Glix I’ll have to write a caddy plugin in Go :stuck_out_tongue:

This would be a rather deprecated choice. The connecting remote might be a reverse-proxy, which therefore will ban the proxy instead of the user. You should look out for trusted proxies and make sure to use the X-Forwarded-For header as the IP. However don’t trust the header until you’ve validated that the remote is trusted!

2 Likes

why not ip bans on the reverse proxy? Also this as a feature for glix would be nice

The reason I use this is because this is the method that Cloudflare says to do.

If I’m going to implement this I’ll write a plugin for Caddy :wink:

P.S. Caddy is the reverse proxy I’m using :slight_smile:

3 Likes

Not Nginx? Nginx has more documentation online.

1 Like

Caddy is as well very documented and more fit for my use.

NGINX is an extremey good web server, reverse proxy etc, but is rather an overkill for what I need.

Caddy also comes with a built-in admin API, which Glix takes use of. With NGINX you have to do a bunch of things to get all of the stuff caddy does automatic.

Caddy in my opinion is just easier and better to use.

2 Likes

I love it when things have built in admin :slight_smile:

1 Like