How do I block an IP address?

[yournamehere]

Hi,

I've been having some problem with some spam orders recently, and it's costing me money. Though I'm going through multiple other methods nto protect my site, I do wish to block the IP addresses of the spam bots (which I traced back through my databases)...

How do I do this?

Also: I'm not using the htaccess.txt file for a rewrite (my server won't facilitiate this, and I'm told this is one way of doing it...)

Cheers,
Sam

[Ion_Cannon]

You could open a ticket and have your web hosting company block the IP. If you have Cpanel there are sometimes IP blocking functions if your hosting provider allows it. I would open a ticket with your web hosting and tell them you are getting spam orders from x.x.x.x and ask that it be blocked from hitting your site.

[livret_a]

or you block it with the .htaccess file ... easier i think

[Ion_Cannon]

or you block it with the .htaccess file ... easier i think

"Also: I’m not using the htaccess.txt file for a rewrite (my server won’t facilitiate this, and I’m told this is one way of doing it…)"

[Rémi Gaillard]

Hi, you can do a thing like that on your config.inc.php:

$ip_blacklisted = array('ip_1', 'ip_2', 'ip_n');
if (in_array($_SERVER['REMOTE_ADDR'], $ip_blacklisted))
  exit;

[doigro]

Great ideea!. How do I put a nice message, like: This IP has been black listed, to unblock it please send an email to....

How to do this?

[Rémi Gaillard]

$ip_blacklisted = array('ip_1', 'ip_2', 'ip_n');
if (in_array($_SERVER['REMOTE_ADDR'], $ip_blacklisted))
  die(Tools::displayError('Your message'')); 

[BWT]

Did anyone try this yet? Does it matter what version of prestashop you are using? One other questions I am assuming ip1 ip2 and ipn are the ip's of people you want blocked right? is the "n" just a typo or something else??

 

HEre is a .htaccess method,

 

<Limit get>
order allow, deny
deny from 10.20.30.
deny from 192.168.207.154
allow from all
</limit>

 

This is an example of a .htaccess file that will block access to your site to anyone who is coming from any IP beginning with 10.20.30. and from the specific IP address 192.168.207.154. By specifying only part of an IP address and ending the partial IP address with a period, all sub-addresses coming from the specified IP address block will be blocked. You must use the IP addresses to block access, as use of domain names is not supported.

 

Update: I also found this for blocking IP's can be done via back office BLOCK IP AND COUNTRY

Edited May 1, 2013 by T-Bone (see edit history)

[AngelSpeedy]

Hi Rémi, is possible you make one free module with that code to use in back office ?, is more easy to insert ips or ips range with module, i think..

 

Tks..

[vekia]

here is a free module for ban IP address (access to the front office): Ban ip address free prestashop module

[AngelSpeedy]

Hi Vekia, great module..

 

Tks..

[vekia]

I really hope anybody could help me

 

with?

[marcelderuig]

If you are running your own server or VPS, it is better to block those ip's using iptables in the server itself. This wil deny access to your server. Banning using htaccess or some kind of script wil not prevent serverload. Using iptables simply drops the connection.

 

For example: iptables -A INPUT -j DROP -s 185.13.44.0/22

This wil drop connection from 1 complete russia block.

Bots will sometimes come to your server with different ip's from within the same ip-block. So, blocking the whole block is easier then blocking several ip's.

 

Example: iptables -A INPUT -j DROP -s 185.13.44.1.33 #blocks 1 ip

 

You can type this as a command in the shell of your server (root access required) and the connection is dropped. However, after reboot this rule is gone.

You can put these rules also in /etc/rc.local (be carefull and make a copy! Blocking your own ip will prevent you from access to your own server. It is only accessible for you from another connection or maybe from your control panel of your server)

Ater reboot these rules are applied.

 

How to find a complete block of ip's?

For example...someone from italia bugs your server from a single ip 151.29.148.172. You can block this 1 ip or block the complete ip-block from this ip.

Use whois information of 151.29.148.172 and you find something like 151.29.0.0 - 151.29.255.255

This is the complete ip-range of this block where this ip belongs to.

Use ipcalc to calculate the ip-block: ipcalc 151.29.0.0 - 151.29.255.255

It gives you 151.29.0.0/16

Use 151.29.0.0/16 in your iptable-rule. Now every ip in this block is denied to your server and the connection is simply dropped. For the ip's it is like your server simply is not there.

 

Google on the use of iptables and dropping ip's for more information.

[AngelSpeedy]

What is the fle to insert that code ?

 

Tks..

[selectshop.at]

What is the fle to insert that code ?

 

Tks..

This is only for users running VPS server, with complete root access. It is a commando for to add the IPblock to the IP-tables file. You have a managed server or you have full access to the server (can install serversoftware, modules and change configuration by your own ?) If not please continue use the module Vekia suggested. This is better as nothing.