Wednesday, March 11, 2009

ASP IP Ban/deny list from .htaccess file.

:::General Information :::

Granted I did not search for very long for for those familiar with microsoft servers know that trying to use an .htaccess file with IIS just doesn't work. If you have direct access to the server then you can follow microsofts directions on how to do it, but alas not everyone can do that. So I decided to write a little include script to  correct this issue.

So far the only thing in the .htaccess file that it pays attention too is 'deny from' and 'allow from', and it will work across an ip range ... example:   192.168.1.1/100

Just rename the .htaccess file that you want to use to htaccess.txt, save this script into a file that you can include in your asp pages. Very simple. If are not a developer and want this on your site then please visit my site and I will get it up their for you. If you are a developer than feel free to use this script! You cannot charge for the script itself though, or include this script in a larger package that you charge for without my express permission.

If there's something relating to .htaccess files that you want added to this script then please let me know and I will update it and repost it here. 

If your looking for a list of ip addresses then visithttp://www.wizcrafts.net/htaccess-blocklists.html they have .htaccess files for several known spamming and scamming places, including ip's for several web-proxies to preven them from back-dooring into your site.


:::EDITS & UPDATES :::

none yet requested.


::: SOURCE CODE ::: 11MAR2009

Dim FSO, FO, File, numitems, htfile, line, ips, ip, ip4, userIP, accessallowed, overrideaccess

accessallowed = true
overrideaccess = false
userIP = Request.ServerVariables("REMOTE_ADDR") 
htfile   = "htaccess.txt"

Set Fso  = Server.CreateObject ("Scripting.FileSystemObject")
Set Fo   = FSO.GetFile(Server.MapPath("\" & htfile))
set File = FSO.OpenTextFile(Server.MapPath("\" & htfile),1,true)

' Pre-check for ALLOWed IP's. ...
Do While Not File.AtEndOfStream
  line = File.readline                                  ' Open the file for reading
  line = LTrim(LTrim(line))                             ' Trim any excess space from edges
  if LCase(left(line,10)) = "allow from" then           ' IP Deny list, process this line
    if line <> "all" then                               ' We won't be using the "all" keyword
      procDeny = LTrim(RTrim(Mid(left(line,10), 10)))   ' Trims out the ip list itself.
      ips = Split(line, " ")                            ' List is usually seperated with a space, this is used as the delimiter
      for n = 0 to UBound(ips)                          ' Loop through all the possible IP's.
        ip = Split(ips(n), ".")                         ' Split IP string into an array
        if UBound(ip) = 3 then                          ' Got an ip address and not a command. (should start at #2 normally but never assume!)
          ip4 = split(ip(3), "/")                       ' Try to Split 4th IP address string into an array
          if UBound(ip4) = 1 then                       ' Lower and upper bound of the IP address. otherwise it is just an ip address!
            for m = ip4(0) to ip4(1)                    ' Loop through all the IP's in this range and check them.
              if ip(0)&"."&ip(1)&"."&ip(2)&"."&m = userIP then
                overrideaccess = true                   ' Known good user, over ride the deny-checker and let them in
              end if
            next
          else
              if join(ip, ".") = userIP then            ' Single ip address, not a group, check it.
                overrideaccess = true                   ' Known good user, over ride the deny-checker and let them in
              end if
          end if
        end if
      next
    end if
  end if
Loop



' we do a simple close and reopen of the file as to increase server compatibility
File.close()

Set File = FSO.OpenTextFile(Server.MapPath("\" & htfile),1,true)
if overrideaccess = false then
  Do While Not File.AtEndOfStream
    line = File.readline                                  ' Open the file for reading
    line = LTrim(LTrim(line))                             ' Trim any excess space from edges
    if LCase(left(line,9)) = "deny from" then             ' IP Deny list, process this line
      if line <> "all" then                               ' We won't be using the "all" keyword
        procDeny = LTrim(RTrim(Mid(left(line,9), 10)))    ' Trims out the ip list itself.
        ips = Split(line, " ")                            ' List is usually seperated with a space, this is used as the delimiter
        for n = 0 to UBound(ips)                          ' Loop through all the possible IP's.
          ip = Split(ips(n), ".")                         ' Split IP string into an array
          if UBound(ip) = 3 then                          ' Got an ip address and not a command. (should start at #2 normally but never assume!)
            ip4 = split(ip(3), "/")                       ' Try to Split 4th IP address string into an array
            if UBound(ip4) = 1 then                       ' Lower and upper bound of the IP address. otherwise it is just an ip address!
              for m = ip4(0) to ip4(1)                    ' Loop through all the IP's in this range and check them.
                if ip(0)&"."&ip(1)&"."&ip(2)&"."&m = userIP then
                  accessallowed = false                   ' Known bad user, deny them access.
                end if
              next
            else
                if join(ip, ".") = userIP then            ' Single ip address, not a group, check it.
                  accessallowed = false                   ' Known bad user, deny them access.
                end if
            end if
          end if
        next
      end if
    end if
  Loop
end if
File.close()

Set FO = nothing
Set FSO = nothing
Set File = nothing

if accessallowed = false then
  Response.Redirect "/no_access.asp"
end if

Posted by M.Hagston at 11:14 AM
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)