-6

我想禁止某人访问我的网站。

到目前为止,这是我尝试过的:

  • 如果某个 IP 包含例如“188.91.1.x”的人进入我的网站,我会访问die()该网站。

  • 饼干

我试图禁止的用户绕过了我采取的上述步骤。

我的网站上有公共聊天室,我想让他远离它。

各位大佬,这个人怎么封号啊?

有什么方法可以获取特定于用户机器甚至浏览器的任何其他唯一 ID?

附言:

  • 我不能通过登录名禁止(试过了,他一直在创建一个新帐户)

  • 我不能列入白名单,原因与上述相同。

编辑:

我找到了这段代码,它在使用 HideMyAss.com 进行测试时有效

<?
if( @fsockopen( $_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1 ) )
{
    die("I'm not letting you in");
}
else
{
?>
Hello normal user, thanks for not trying to use a proxy
<?
}
?>

有什么可能出错的地方(即使只是在生产中尝试)?

好吧,fsockopen 方式似乎只适用于基于 Web 的代理(这是完美的,因为我相信他正在使用它)。我将首先计算有多少访问者触发了我粘贴在我的帖子中的 fsockopen 代码,看看是否适合我用作成功禁止该人的下一步。

4

5 回答 5

1

If he is using proxies it will be impossible to keep him out by using the IP.

You could try to set a cookie and then block access depending on that, but even that is easily circumvented.

于 2013-10-01T10:01:51.240 回答
1

It would be impossible to stop him completely, but you can make it much harder for him.

Cookies You can attept to store a cookie on the banned users computer. As long as the user doesn't delete his cookies or change browser, you can ban his new ips.

Registration You can require new users to register and activate account their account via email. This will slow any banned users down a lot as for every account they make, they'll need a new email.

Automatic ban You could add a ban button for yourself, to make it easy to ban people. You could add a vote ban feature so other members could ban people temporarily.

于 2013-10-01T10:08:34.693 回答
0

你不能......你唯一能做的就是将他使用的IP地址添加到你的“banlist”中。当用户更改 IP 地址(实际上他正在使用代理)时,无法禁止用户。

于 2013-10-01T10:00:24.210 回答
0

没有办法完全阻止某人,我过去也遇到过同样的问题。

我过去最好的方法是使用 htaccess 文件并阻止如下子网:

<Limit GET POST>
 order allow,deny
 allow from all
 deny from 1.2.3.4
 deny from 2.0.
</Limit>

来源:使用 .htaccess 文件阻止 IP 访问

Another way is to create a whitelist only using htaccess as well much alike the example below

AuthName "CIRC Under Maintenance" 
AuthType Basic 
<Limit GET POST> 
order deny,allow 
deny from all 
allow from 216.249.119. 
allow from 216.249.123.120 
</Limit>

Source: .htaccess allow/deny rules for subnet

More about .htacces files:.htaccess - Wikipedia

Another solution would be to check out unique id's per device found here: Unique ID for a device with PHP as mentioned by Adam in the comments

于 2013-10-01T10:01:21.520 回答
0

Sometimes the only way to get around these things is manual approval of users. Like RainFromHeaven says, whitelist not blacklist.

于 2013-10-01T10:02:49.250 回答