Banning by IPv4 and IPv6
Question
If I want a ban a user by IP in my website, is it possible to do it by both IPv4 and IPv6 ? Some browsers apparently use IPv4 addresses by default and others, if they have the possibility, use IPv6 addresses. So, if I ban someone by their current IP, they would only have to user another navigator to bypass the ban.
tl;dr: is it possible to translate IPv4 addresses to IPv6 or something like that to "unify" them?
I'm using PHP as the server-side technology.
2 answers
solution1
5 ACCPTED 2012-09-17 22:46:03
No, it isn't really possible. They are entirely separate network protocols that don't have to have anything to do with each other.
In addition, I would suggest that banning by IP address should only be used in conjunction with other methods, as it is very easy to use a proxy or other means to hit your server from a different IP address.
solution2
0 2017-06-14 13:18:01
You can't really translate one to the other, the IPv4 and IPv6 Internets are essentially two logically seperate neworks that happen to share much of the same infrastructure.
Things you can do.
- Look out for addresses associated with the 6to4 and teredo transition mechanisms. When you see one translate it to the corresponding IPv4 address for abuse control comparisions.
- Be aware that customers tend to get allocated IPv6 in blocks of at least /64, so there isn't generally much point in banning an individual IPv6 address.
- Include a couple of mostly invisible resources (eg 1x1 pixel transparent images) on critical pages, one served from a v4 only hostname and one served from a v6 only hostname. Use these images to collect both of the user's addresses (if they exist).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.