Protect a page by IP address – ban access to website page by IP address


Viewing 15 posts - 1 through 15 (of 16 total)
  • #41282
    AITpro Admin
    Keymaster

    Email Question:

    Hi

    Does it include banning a user's IP address if they visit a specific page?

    Thanks

    #41283
    AITpro Admin
    Keymaster

    Answer:

    You can add custom htaccess rules in the BPS Custom Code feature to do that.

    Copy the IP blocking code by Request URI into this Custom Code text box: 1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE before any other htaccess code in that text box.
    Click the Save Root Custom Code button.
    Go to the Security Modes tab page and click the Root Folder BulletProof Mode Activate button.

    Example:

    RewriteCond %{REQUEST_URI} ^(.*)/example-page/ [NC]
    RewriteCond %{REMOTE_ADDR} ^(100\.1\.1\.|100\.2\.2\.|100\.3\.3\.) [NC]
    RewriteRule ^(.*)$ - [F]
    #41292
    Budi Haryono
    Participant

    Hi,

    RewriteCond %{REQUEST_URI} ^(.*)/ban/ [NC]
    RewriteCond %{REMOTE_ADDR} ^(100\.1\.1\.|100\.2\.2\.|100\.3\.3\.) [NC]
    RewriteRule ^(.*)$ - [F]

    I just purchased your plugin and ran this code, but it’s not working to ban the visitor who visits my /ban/ URL.

    Steps I did:

    1. from custom code
    2. in “Root htaccess File Custom Code” I go to 14
    3. paste that code
    4. test

    nothing banned

    Note: I tested using IP address 103.82.15.210. I tried to change (100\.1\.1\.|100\.2\.2\.|100\.3\.3\.) according to my IP, but nothing was banned.

    Any missing step?

    Thanks

    #41293
    AITpro Admin
    Keymaster

    Oops I gave you the wrong Custom Code text box for that code.  That IP blocking code by Request URI must go in this Custom Code text box:  1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE since that code must be processed before the WordPress Rewrite loop htaccess code. I have updated my reply above.

    Copy the IP blocking code by Request URI into this Custom Code text box: 1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE before any other htaccess code in that text box.
    Click the Save Root Custom Code button.
    Go to the Security Modes tab page and click the Root Folder BulletProof Mode Activate button.

     

    #41294
    Budi Haryono
    Participant

    Hi,

    I have tried it but still not working.

    screenshot: https://prnt.sc/24yn07d

    My server:

    • PHP 7.4
    • Apache
    #41295
    Budi Haryono
    Participant

    I’m afraid there will be a misunderstanding, what I mean here is like this screenshot.

    https://prnt.sc/24yonm4

    When a user visits the trap page that I created, he gets banned immediately so he can’t access all URLs on my website after that.

    thanks so much for your help

    #41296
    AITpro Admin
    Keymaster

    The screenshots don’t show anything that makes sense. To do something like that you would need to create php code that automatically updates the htaccess code. A general example would be something like the BPS 403.php logging template file.  When a visitor is blocked by something in BPS that visitor is redirected to the BPS 403.php file, which contains php logging code that writes to the BPS Security Log file.

    Another simpler approach would be to create a WordPress custom page template > https://developer.wordpress.org/themes/template-files-section/page-template-files/. Then you would create your php code that automatically writes to your root htaccess file and adds new IP address lines of htaccess code. You would need to exclude the BPS Root htaccess file from being checked by AutoRestore since the Root htaccess file would be quarantined each time it was automatically updated/written to.

    #41297
    AITpro Admin
    Keymaster

    Also since you want to block IP addresses that you are blacklisting then your htaccess code would need to be done like this > separate lines for each IP address you want to block. You would not add a Request URI condition since you want to block IP addresses to your entire site. This would make it much simpler to do in your php code in your custom template file. You would do a preg_match for the RewriteRule ^(.*)$ - [F] line of code and a preg_replace to add a new line of IP blocking htaccess code. If you would like for me to create the custom template file php code then I can do that for you. Will take me about 15 minutes to do that.

    RewriteCond %{REMOTE_ADDR} ^100.1.1.1 [NC,OR]
    RewriteCond %{REMOTE_ADDR} ^100.2.2.2 [NC,OR]
    RewriteCond %{REMOTE_ADDR} ^100.3.3.3 [NC]
    RewriteRule ^(.*)$ - [F]
    #41299
    Budi Haryono
    Participant

    hi,

    thanks for the explanation, sorry for just replying because there is something else I have to do.

    about this
    If you would like for me to create the custom template file php code then I can do that for you. Will take me about 15 minutes to do that.

    I am very happy and very grateful if you make it for me.

    Thanks

    #41304
    AITpro Admin
    Keymaster

    I just need to know a few things before I create the custom template page.  Can the custom template page be your new trap page or do you want to keep your existing trap page?  If you want to keep your existing trap page then what you can do is redirect someone from your trap page to the new custom template page.  When the custom template page is visited it will automatically get the visitors IP address and write a new line of IP blocking htaccess code in your Root htaccess file.  A message will be displayed on the custom template page: “Your IP address has been banned. If this is a mistake contact me here: someone@example.com”.

    Also email me your Theme’s page.php template file:  /your-theme-folder-name/page.php.  So I can add the Ban IP Address code in your Theme’s page.php template file, customize it and send the new custom template file back to you.

    #41307
    Budi Haryono
    Participant

    Hi

    Is it possible if I give you access to my website?

    Or

    I use Oxygen Builder, which has a code block element to create custom PHP, and I have installed WPCodeBox as well to create custom PHP. Can I use it to place your code?

    Where can I send an email directly to you?

    Thanks so much

    #41308
    AITpro Admin
    Keymaster

    For something this simple I don’t need to login to your site.  I have already created the Ban IP address custom template for my Theme.  So now I just need to use your Theme’s page.php template file, copy the Ban IP address code into your page.php template file and rename it. So that it will be a new custom template file. I have sent you an email to your forum email address.  Please respond to that email.

    #41309
    AITpro Admin
    Keymaster

    Ok so yeah per our email conversation, since I know absolutely nothing about Oxygen Builder then here is the raw code below and the general concept and steps to utilize it.

    General Concept:
    When a visitor visits your trap page they are redirected to your IP Ban page, which will get the visitor’s IP address and write a new line of htaccess code in your root htaccess file that will block that visitor’s IP address. You will need to add your IP address in the php code so that it is whitelisted and not banned. You will need to exclude the root htaccess file from being checked by BPS Pro AutoRestore|Quarantine so that your root htaccess file is not quarantined each time a new line of htaccess code is written to your root htaccess file > https://forum.ait-pro.com/forums/topic/autorestore-quarantine-guide-read-me-first/#autorestore-exclude-rules

    Steps to add the php code:
    Copy this code to wherever you would do that with Oxygen Builder. Since I don’t know anything about Oxygen Builder I cannot help you with this. Do not forget to add/whitelist your IP address in the php code below or you will ban your IP address and will have to edit your Root htaccess file via FTP to be able to view your website.

    <?php

    $root_htaccess_file = ABSPATH . '.htaccess';

    // Read the root htaccess file. Stays false if the file is missing or unreadable.
    $root_htaccess_file_contents = false;
    if ( file_exists($root_htaccess_file) ) {
        $root_htaccess_file_contents = file_get_contents($root_htaccess_file);
    }

    // Matches the 127.0.0.5 placeholder line, the RewriteRule line and the END marker.
    $htaccess_code_pattern_match = '/RewriteCond\s%\{REMOTE_ADDR\}\s\^127\.0\.0\.5\s\[NC\]\s*RewriteRule\s\^\(\.\*\)\$\s\-\s\[F\]\s*#\sEND\sBAN\sIP\sADDRESS\sLIST/';

    // Get the visitor's IP address.
    $bpsPro_remote_addr = false;
    if ( array_key_exists('REMOTE_ADDR', $_SERVER) ) {
        $bpsPro_remote_addr = $_SERVER['REMOTE_ADDR'];
    }

    // Enter your actual IP address so that you do not ban yourself/your IP address.
    $whitelisted_ip_address = '127.0.0.1';

    if ( ! empty($bpsPro_remote_addr) && $bpsPro_remote_addr == $whitelisted_ip_address ) {
        $text = '<h1>Your IP address ' .$bpsPro_remote_addr. ' is whitelisted and will not be banned.</h1>';
        echo $text;
    }

    if ( ! empty($bpsPro_remote_addr) && $bpsPro_remote_addr != $whitelisted_ip_address ) {

        $text = '<h1>Your IP address ' .$bpsPro_remote_addr. ' has been banned. If this is a mistake contact me here: someone@example.com. Copy this email address now since you will not be able to access this website page or any other website pages on this website again until your IP address is unbanned.</h1>';
        echo $text;

        // Escape the IP address for use in a regex and match the whole "^IP [NC,OR]" entry,
        // so that 1.2.3.4 is not treated as already banned because 1.2.3.40 is in the file.
        $ip_line_pattern = '/\^' . preg_quote( $bpsPro_remote_addr, '/' ) . '\s\[NC,OR\]/';

        // Only write if the file was read and this IP address has not already been added.
        if ( is_string($root_htaccess_file_contents) && ! preg_match( $ip_line_pattern, $root_htaccess_file_contents ) ) {

            // Add the new IP address line above the 127.0.0.5 placeholder line.
            $root_htaccess_file_contents = preg_replace( $htaccess_code_pattern_match, "RewriteCond %{REMOTE_ADDR} ^$bpsPro_remote_addr [NC,OR]\nRewriteCond %{REMOTE_ADDR} ^127.0.0.5 [NC]\nRewriteRule ^(.*)$ - [F]\n# END BAN IP ADDRESS LIST", $root_htaccess_file_contents);

            file_put_contents( $root_htaccess_file, $root_htaccess_file_contents );
        }
    }

    ?>

    Root htaccess BAN IP Address code:
    Important: Do not change any of the htaccess code below because the pattern matching php code above matches this code. If you want to make changes to the htaccess code then you will also need to change the pattern matching php code above.
    This htaccess code below needs to be added using the htaccess File Editor or by editing your root htaccess file directly. The code goes at the top of your Root htaccess file after: BULLETPROOF PRO 16.1 SECURE .HTACCESS.
    Do NOT add this code in BPS Custom Code or it will be overwritten and you will lose any banned IP addresses. You will need to exclude the Root htaccess file from being checked by AutoRestore. When your root htaccess file is quarantined, restore the root htaccess file (auto_.htaccess file) in Quarantine. Then use the Quarantine form at the top of the page and create a single file exclude rule for your root htaccess file.

    # BEGIN BAN IP ADDRESS LIST
    # Do not delete the 127.0.0.5 line of code. It is used to create new lines of code.
    # New lines of banned IP address code will be added above the 127.0.0.5 line of code.
    RewriteCond %{REMOTE_ADDR} ^127.0.0.5 [NC]
    RewriteRule ^(.*)$ - [F]
    # END BAN IP ADDRESS LIST
    

    Custom Code Redirect htaccess code:
    You will need to create redirect htaccess code so that your trap page redirects visitors to your BAN IP Address page. Add this redirect code in this BPS Root Custom Code text box: 1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE, click the Save Root Custom Code button and activate Root Folder BulletProof Mode.
    Important: This is example redirect htaccess code. You will need to edit it and add your actual correct URI’s and URL’s.

    # Redirect visitor from trap page to the Ban IP address page
    RedirectMatch 301 ^(.*)/trap-page/$ https://www.example.com/ban-ip-address/
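
Added example, not part of the thread and not AITpro's code: a hardened variant of the ban-page writer posted above. It validates the address, escapes and anchors it so the rule matches only that one IP, edits only inside the marked block, and locks the file while writing. The function name `example_add_ban_line` is hypothetical, and the code assumes it runs inside WordPress (`ABSPATH` defined), that `REMOTE_ADDR` is the real client address (no reverse proxy or CDN in front), and that the BAN IP ADDRESS LIST block is already in the root htaccess file.

```php
<?php
// Added example (not from the thread). Assumes WordPress (ABSPATH defined), REMOTE_ADDR is
// the real client address, and the "BAN IP ADDRESS LIST" block is already in .htaccess.

// Hypothetical helper: returns the new file contents with a ban line for $ip inserted
// above the 127.0.0.5 placeholder, or null when nothing should be written.
function example_add_ban_line( string $contents, string $ip, array $allowlist ): ?string {
	// Accept only a literal IPv4/IPv6 address that is not on the allowlist.
	if ( filter_var( $ip, FILTER_VALIDATE_IP ) === false || in_array( $ip, $allowlist, true ) ) {
		return null;
	}
	// Escape regex metacharacters and anchor both ends, so a ban on 100.1.1.1
	// does not also match 100.1.1.10 or 100.111.1.7.
	$line     = 'RewriteCond %{REMOTE_ADDR} ^' . preg_quote( $ip ) . '$ [NC,OR]';
	$sentinel = 'RewriteCond %{REMOTE_ADDR} ^127.0.0.5 [NC]';

	// Edit only inside the marked block; give up if the markers are missing.
	$begin = strpos( $contents, '# BEGIN BAN IP ADDRESS LIST' );
	$end   = strpos( $contents, '# END BAN IP ADDRESS LIST' );
	if ( $begin === false || $end === false || $end < $begin ) {
		return null;
	}
	$block = substr( $contents, $begin, $end - $begin );
	$pos   = strpos( $block, $sentinel );
	if ( $pos === false || strpos( $block, $line ) !== false ) {
		return null; // placeholder missing, or this IP is already banned
	}
	$block = substr_replace( $block, $line . "\n", $pos, 0 );
	return substr_replace( $contents, $block, $begin, $end - $begin );
}

$file = ABSPATH . '.htaccess';
$ip   = $_SERVER['REMOTE_ADDR'] ?? '';
$fh   = is_writable( $file ) ? fopen( $file, 'c+' ) : false;
if ( $fh && flock( $fh, LOCK_EX ) ) { // serialise concurrent trap-page hits
	// Replace 127.0.0.1 with your own address, as in the original code.
	$new = example_add_ban_line( stream_get_contents( $fh ), $ip, array( '127.0.0.1' ) );
	if ( $new !== null ) {
		ftruncate( $fh, 0 );
		rewind( $fh );
		fwrite( $fh, $new );
	}
	flock( $fh, LOCK_UN );
}
if ( $fh ) {
	fclose( $fh );
}
```
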
    #41312
    Budi Haryono
    Participant

    SOLVED!

    Thanks for AITpro Admin

    I need this feature because:

    the website that I have is a website “related to job vacancies” (outsourcing companies). But my website is NOT FOR job seekers.

    Then I provide a whatsapp chat facility on the website for prospective clients “who are looking for outsourcing services” NOT FOR JOB SEEKERS.

    But in practice 95% of those who chat on whatsapp come from those who are looking for job vacancies, even though I have informed that there are no job vacancies.

    In a day we get more than 100 whatsapp chats only from those who are looking for job vacancies, it’s very annoying because I HAVE written “NO JOB vacancies“.

    the conclusion specifically for Oxygen Builder users:

    – Create a new page
    – insert “codeblock element”
    – paste this code

    
    <?php

    $root_htaccess_file = ABSPATH . '.htaccess';

    // Read the root htaccess file. Stays false if the file is missing or unreadable.
    $root_htaccess_file_contents = false;
    if ( file_exists($root_htaccess_file) ) {
        $root_htaccess_file_contents = file_get_contents($root_htaccess_file);
    }

    // Matches the 127.0.0.5 placeholder line, the RewriteRule line and the END marker.
    $htaccess_code_pattern_match = '/RewriteCond\s%\{REMOTE_ADDR\}\s\^127\.0\.0\.5\s\[NC\]\s*RewriteRule\s\^\(\.\*\)\$\s\-\s\[F\]\s*#\sEND\sBAN\sIP\sADDRESS\sLIST/';

    // Get the visitor's IP address.
    $bpsPro_remote_addr = false;
    if ( array_key_exists('REMOTE_ADDR', $_SERVER) ) {
        $bpsPro_remote_addr = $_SERVER['REMOTE_ADDR'];
    }

    // Enter your actual IP address so that you do not ban yourself/your IP address.
    $whitelisted_ip_address = '127.0.0.1';

    if ( ! empty($bpsPro_remote_addr) && $bpsPro_remote_addr == $whitelisted_ip_address ) {
        $text = '<h1>Your IP address ' .$bpsPro_remote_addr. ' is whitelisted and will not be banned.</h1>';
        echo $text;
    }

    if ( ! empty($bpsPro_remote_addr) && $bpsPro_remote_addr != $whitelisted_ip_address ) {

        $text = '<h1>Your IP address ' .$bpsPro_remote_addr. ' has been banned. If this is a mistake contact me here: someone@example.com. Copy this email address now since you will not be able to access this website page or any other website pages on this website again until your IP address is unbanned.</h1>';
        echo $text;

        // Escape the IP address for use in a regex and match the whole "^IP [NC,OR]" entry,
        // so that 1.2.3.4 is not treated as already banned because 1.2.3.40 is in the file.
        $ip_line_pattern = '/\^' . preg_quote( $bpsPro_remote_addr, '/' ) . '\s\[NC,OR\]/';

        // Only write if the file was read and this IP address has not already been added.
        if ( is_string($root_htaccess_file_contents) && ! preg_match( $ip_line_pattern, $root_htaccess_file_contents ) ) {

            // Add the new IP address line above the 127.0.0.5 placeholder line.
            $root_htaccess_file_contents = preg_replace( $htaccess_code_pattern_match, "RewriteCond %{REMOTE_ADDR} ^$bpsPro_remote_addr [NC,OR]\nRewriteCond %{REMOTE_ADDR} ^127.0.0.5 [NC]\nRewriteRule ^(.*)$ - [F]\n# END BAN IP ADDRESS LIST", $root_htaccess_file_contents);

            file_put_contents( $root_htaccess_file, $root_htaccess_file_contents );
        }
    }

    ?>

    – login to public_html hosting or where your .htaccess file is located
    – paste this code at the very top after the text “# BULLETPROOF PRO 16.1 SECURE .HTACCESS ”

    # BEGIN BAN IP ADDRESS LIST
    # Do not delete the 127.0.0.5 line of code. It is used to create new lines of code.
    # New lines of banned IP address code will be added above the 127.0.0.5 line of code.
    RewriteCond %{REMOTE_ADDR} ^127.0.0.5 [NC]
    RewriteRule ^(.*)$ - [F]
    # END BAN IP ADDRESS LIST

    OPTIONAL: you can enable the redirect with this code, as instructed above

    # Redirect visitor from trap page to the Ban IP address page
    RedirectMatch 301 ^(.*)/trap-page/$ https://www.example.com/ban-ip-address/
    #41315
    Budi Haryono
    Participant

    @AITpro

    An additional question:

    How do I prevent my htaccess file from being restored after I add the code?

    # BEGIN BAN IP ADDRESS LIST
    # Do not delete the 127.0.0.5 line of code. It is used to create new lines of code.
    # New lines of banned IP address code will be added above the 127.0.0.5 line of code.
    RewriteCond %{REMOTE_ADDR} ^127.0.0.5 [NC]
    RewriteRule ^(.*)$ - [F]
    # END BAN IP ADDRESS LIST

    Thanks
