Waaxe.com - Security Site In memory of Ponca Chief Standing Bear
How secure your web site (with github firehol cleantalk info - cron - php)
# Debian & Ubuntu version
# Create one shell :
# this example use 'vi'
# example :
vi loaddeny.sh
# Insert this :
# this dounload github firehol cleantalk info in raw format
wget https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/cleantalk_new_1d.ipset >/dev/null
cp cleantalk_new_1d.ipset /home/yoursite_root_directory/deny.txt
wget https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/cleantalk.ipset >/dev/null
cp cleantalk.ipset /home/yoursite_root_directory/denytotal.txt
# save in 'one path'
# in example 'one_pah' = /usr/local/bin
#edit crontab to insert download scheduling
crontab -e
# insert this line
# update hourly
@hourly 'one_path'/loaddeny.sh #descargar deny.txt and denytotal.txt
# example : @hourly /usr/local/bin/loaddeny.sh #download deny.txt and denytotal.txt
# in example 'one_pah' = /usr/local/bin
# create php script to include this in web site
vi check.php
# insert this :
### Check if the client IP it is in dowloaded lists
### If it is then it shows the message "Sorry, Your IP is banned" and exit.
<?php
$doc = fopen( "deny.txt", "r" );
$cont = fread($doc, filesize("deny.txt"));
fclose($doc);
$posf = stripos($cont, $_SERVER['REMOTE_ADDR']);
if ($posf !== false) {
echo "Sorry, Your IP is banned";
ob_implicit_flush();
echo PHP_EOL;
exit();
}
$doc = fopen( "denytotal.txt", "r" );
$cont = fread($doc, filesize("denytotal.txt"));
fclose($doc);
$posf = stripos($cont, $_SERVER['REMOTE_ADDR']);
if ($posf !== false) {
echo "Sorry, Your IP is banned";
ob_implicit_flush();
echo PHP_EOL;
exit();
}
?>
# save in website root path check.php and
# include this in the top of website pages