Login or Sign up Help | Site Map
Connecting Tech Pros Worldwide
Bytes > Forums - Questions and Answers > ASP Forum

Blocking IP addresses

Question posted by: printedgoods (Newbie) on March 28th, 2008 04:21 PM
I currently have an IP address checking system in place to block IP's that abuse my querystrings. Most of these are from outside the US.

My question is:

How can I block everyone but US IP addresses? I don't know if i can use somthing like this "215.*.*.*" or "215*"' and it work.

Thanks
Jason
Would you like to answer this question?
Sign up for a free account, or Login (if you're already a member).
jhardman's Avatar
jhardman
Moderator
2,043 Posts
April 1st, 2008
11:01 PM
#2

Re: Blocking IP addresses
Code: ( text )
  1. response.write request.serverVariables("remote_addr")
  2. response.write request.serverVariables("remote_host")
I can't remember what happens when you try to connect thru a proxy, and I've never bothered to check which IP addresses belong to which areas, but I understand that isn't hard to look up. So you could do something like this:
Code: ( text )
  1. if left(request.serverVariables("remote_addr"), 3) = "255" then
  2.    response,.write "Welcome to my site"
  3. else
  4.    response.write "see you later, bozo."
  5. end if
Reply
danp129's Avatar
danp129
Expert
224 Posts
April 3rd, 2008
08:42 PM
#3

Re: Blocking IP addresses
Download IP2Country.zip from here and extract it.

Make this vbs script and edit it to allow only US country code or whatever country codes you wish to allow. Then execute the file.

Code: ( text )
  1. 'RemoveJunk.vbs
  2. Const Countries2Keep = "US,CA,AU"   'Country codes to allow access
  3. Const ForReading = 1
  4. Const ForWriting = 2
  5.  
  6. Dim sAppPath, sFileIn, sFileOut
  7. sAppPath = Mid(Wscript.ScriptFullName, 1, InStrRev(Wscript.ScriptFullName, "\"))
  8. sFileIn=sAppPath & "iptocountry.csv"
  9. sFileOut=sAppPath & "CountryIPs.csv"
  10.  
  11. call TrimJunk(sFileIn, sFileOut)
  12.  
  13. sub TrimJunk(from_name, to_name)
  14.     Dim sTemp, arTemp, LineNo
  15.     Dim fFrom, fTo
  16.     Dim fso
  17.     set fso = CreateObject("Scripting.FileSystemObject")
  18.     Set fFrom = fso.OpenTextFile(from_name, ForReading)
  19.     Set fTo = fso.CreateTextFile(to_name, True)
  20.    
  21.     fTo.WriteLine "StartIP" & vbtab & "EndIP" & vbTab & "CountryCode"
  22.    
  23.     Do Until fFrom.AtEndOfStream
  24.         sTemp = replace(fFrom.ReadLine,"""","")
  25.         LineNo=LineNo+1
  26.         If sTemp <> empty and left(sTemp, 1) <> "#" Then
  27.             ' write line to combined csv file
  28.             arTemp=split(stemp,",")
  29.             if ubound(arTemp) <> 6 then
  30.                 wscript.echo "Error parsing line (" & LineNo & ") too many commas."
  31.             else
  32.                 if IsGoodCountry(arTemp(4)) then
  33.                     fTo.WriteLine arTemp(0) & vbtab & _
  34.                                   arTemp(1) & vbtab & _
  35.                                   arTemp(4)
  36.                 end if
  37.             end if
  38.         End If
  39.     Loop
  40.    
  41.     fFrom.close
  42.     fTo.close
  43. End sub
  44.  
  45. function IsGoodCountry(sCC)
  46.     Dim arGoodCCs, iCC
  47.     arGoodCCs=split(Countries2Keep,",")
  48.     for iCC = 0 to ubound(arGoodCCs)
  49.         if arGoodCCs(iCC) = sCC then
  50.             IsGoodCountry=True
  51.             exit for
  52.         end if
  53.     next 'iCC
  54. end function


Import the "CountryIPs.csv" output file created by the script into your database.

Use this ASP page to test.

Code: ( text )
  1. <%
  2. 'IPCheck.asp
  3. 'ASP File (need to add your own DB connection string)
  4.  
  5. Dim rs
  6. Dim cn
  7. 'Create database connection object
  8. set cn = server.CreateObject("adodb.connection")
  9. 'Create recordset object
  10. set rs = server.CreateObject("adodb.recordset")
  11. 'Open database connection
  12. cn.Open strCon 'use your DB connection string here
  13.  
  14. call WritePage
  15. 'End
  16.  
  17.  
  18. sub WritePage
  19.     dim VisitorIP
  20.     VisitorIP=Request.ServerVariables("Remote_Addr")
  21.  
  22.     strSQL="Select StartIP, EndIP, CountryCode from CountryIPs.dbo.IPs WHERE " & IPToNum(VisitorIP) & " BETWEEN StartIP AND EndIP"
  23.  
  24.     rs.Open strSQL, cn, adOpenForwardOnly, adLockReadOnly
  25.     if rs.EOF then
  26.         Response.Write "Access Denied, If you are in the United States please <a href=""mailto:Webmaster@mydomain.com"">Let us know</a> you are having this error."
  27.     else
  28.         Response.Write "Access Granted: " & VisitorIP & " is between " & Num2IP(rs("startip")) & " and " & Num2IP(rs("endip")) & " assigned to " & rs("CountryCode")
  29.     end if
  30. end sub
  31.  
  32.  
  33.  
  34. 'IPToNum() function - turns a textual IP address into a 32-bit number
  35. Function IPToNum(strIP)
  36.     Dim numOctetsArray
  37.     Dim i
  38.     numOctetsArray = Split(strIP,".")
  39.    
  40.     'sanity checks
  41.     If UBound(numOctetsArray) <> 3 Then
  42.         'oops = wrong number of octets
  43.         IPToNum = -1
  44.         Exit Function
  45.     End If
  46.  
  47.     For i = 0 to 3
  48.         If Not IsNumeric(numOctetsArray(i)) Then
  49.             'oops - not an IP address
  50.             IPToNum = -2
  51.             Exit Function
  52.         End If
  53.  
  54.         If numOctetsArray(i) > 254 Then
  55.             'oops - octet out of range
  56.             IPToNum = -3
  57.             Exit Function
  58.         End If
  59.     Next
  60.  
  61.     'now compile a number
  62.     IPToNum = numOctetsArray(0) * (2^24)
  63.     IPToNum = IPToNum + numOctetsArray(1) * (2^16)
  64.     IPToNum = IPToNum + numOctetsArray(2) * (2^8)
  65.     IPToNum = IPToNum + numOctetsArray(3)
  66. End Function
  67.  
  68. Function Num2Ip(ByVal Num)
  69.     'Presets the return of function
  70.     Num2Ip = Null
  71.     Num=clng(num)
  72.     'Evaluates the parameter
  73.     If Len(Num) = 0 Then Exit Function
  74.     If Not IsNumeric(Num) Then Exit Function
  75.     Num = CDbl(Num)
  76.     If Num < 0 Or Num > 4294967295 Then Exit Function
  77.  
  78.     'Starts the calc
  79.     Num = Num / 16777216
  80.     Num2Ip = Fix(Num) & "."
  81.     Num = ((Num - Fix(Num)) * 16777216) / 65536
  82.     Num2Ip = Num2Ip & Fix(Num) & "."
  83.     Num = ((Num - Fix(Num)) * 65536) / 256
  84.     Num2Ip = Num2Ip & Fix(Num) & "."
  85.     Num = (Num - Fix(Num)) * 256
  86.  
  87.     'Returns the sum
  88.     Num2Ip = Num2Ip & Fix(Num)
  89. End Function
  90.  
  91. %>


You will want to update your database occasionally.
Reply
Reply
Not the answer you were looking for? Post your question . . .
173,515 Experts ready to help you find a solution.
Sign up for a free account, or Login (if you're already a member).

Top ASP Forum Contributors
Quick Browse:
Communities / Archives
XML / CSS | HTML | Javascript | PHP | Perl | Visual Basic | Python | C++ / C | Java | .NET / C# / VB / XML / ASP.net | ASP
PostgreSQL | MS SQL | Oracle | IBM DB2 | MS Access | MySQL

About Bytes | Sitemap | Privacy Policy | Terms of Use
Copyright 1995-2008 Bytes.com. All rights Reserved