使用.htaccess或PHP阻止用户IP?
[英]Block user IP's with .htaccess or PHP?
问题描述
From a performance only view, which would be the best way to block 30 IP addresses? 
从仅性能视图来看,这将是阻止30个IP地址的最佳方法吗?
A) .htaccess file A).htaccess文件
or 要么
B) PHP code in the file B)文件中的PHP代码
5 个解决方案
解决方案1
9 已采纳 2010-01-19 00:09:29
If you are administrator of your server, I would use none of those, and would ban the IPs at the firewall level -- this way, nor Apache nor Apache+PHP will have to work. 如果您是服务器的管理员,我将不会使用这些服务器,并且会禁用防火墙级别的IP - 这样,Apache和Apache + PHP也不会起作用。
If you're not admin ; 如果你不是管理员; well, .htaccess means only Apache, and no PHP to load/compile/execute ; 好吧, .htaccess只表示Apache,没有PHP加载/编译/执行; I'm guessing Apache alone (ie .htaccess ) should require less resources than Apache+PHP. 我猜测Apache (即.htaccess )应该比Apache + PHP需要更少的资源。
Another way of seing things is maintenance : if you need to add/delete IPs addresses from that list, what would the easiest way be ? 另一种看待事物的方法是维护:如果你需要添加/删除该列表中的IP地址,最简单的方法是什么?
(In that case, I would generally bet for some PHP code...) (在这种情况下,我通常会赌一些PHP代码...)
解决方案2
3 2010-01-19 00:10:48
I agree with Pascal's answer. 我同意Pascal的回答。 But the PHP code is: 但PHP代码是:
$banned = array('129.168.1.1');
if(in_array($_SERVER['REMOTE_ADDR'], $banned))
{
die();
}
And the .htaccess is: 而.htaccess是:
order allow,deny
deny from 192.168.1.1
allow from all
Just for the record. 仅供记录。
解决方案3
3 2010-01-19 00:19:02
Hardware
or 要么
Hardware + OS
or 要么
Hardware + OS + Apache
or 要么
Hardware + OS + Apache + PHP
Understanding the stacks should help indicate which will be the fastest. 理解堆栈应该有助于指出哪个是最快的。
解决方案4
1 2010-01-19 00:13:33
Why not block them at the hardware level (router, load balancer, firewall, etc)? 为什么不在硬件级别阻止它们(路由器,负载平衡器,防火墙等)? - If its only a block of 30 and you don't need to update them often. - 如果它只有30块,你不需要经常更新它们。
解决方案5
0 2017-02-24 23:52:42
@MikeB 's answered it perfectly. @MikeB完美地回答了这个问题。 Nevertheless I use PHP and .htaccess in combination as they are easier to maintain and I'm able to use honeypots to automatically add new IPs. 然而,我结合使用PHP和.htaccess,因为它们更容易维护,我可以使用蜜罐自动添加新的IP。 Example: 例:
login.php 的login.php
if ($login_tries > 3) {
touch('deny/' . $_SERVER['REMOT_ADDR']);
}
.htaccess 的.htaccess
# check if ip has been banned
RewriteCond /usr/www/{YOUR_PATH}/deny/%{REMOTE_ADDR} -f
RewriteRule . - [F]
But the main reason why I use this is to allow accidentally blocked visitors to unblock themself through a captcha . 但我使用它的主要原因是允许意外阻止访问者通过验证码解锁自己 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.