将IP地址列入黑名单 [英] Blacklisting IP Address
问题描述
<?php if($_SERVER['REMOTE_ADDR'] != 'xx.xx.xx.xx') {
header("Location: http://google.com");
} ?>
这是阻止某些IP地址访问Windows服务器上某些文件夹的好方法吗?
Is this a good way to block certain IP addresses from accessing some folders on my windows server ?
或者可以使用像webscarab这样的代理软件拦截它,并且可以修改原始IP地址以绕过这个?
Or it can be intercepted with proxy softwares like webscarab and the originating IP address could be modified to bypass this ?
推荐答案
任何具有与您阻止的IP地址不同的代理都可以绕过它。你可以检查 X-Forwarded-For
(用 apache_request_headers()
挖出来,如果你正在使用Apache),但如果你优先于 $ _ SERVER ['REMOTE_ADDR']
,这就更容易被欺骗。
It can bypassed with any proxy with has a different IP address to the one you are blocking. You could check X-Forwarded-For
(dig it out with apache_request_headers()
if you are using Apache), but this is much easier to spoof if you give it precedence over $_SERVER['REMOTE_ADDR']
.
另外,我可以忽略你的位置
标题。在它之后放一个退出
。
Also, I could ignore your Location
header. Put an exit
after it as well.
这篇关于将IP地址列入黑名单的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!