SelfBan

A self-ban is a tool that will HardBan your own IP address. While this may seem like a backwards idea, it is useful for banning mechanized attacks. On the Web, this is done with a CGI script at its own URL, used for instance in conjunction with a SpiderTrap or as a URL to send a potential OpenProxy to. If you're afraid of banning normal people, you can let banned addresses unban themselves with HumanVerification.

To simply hard-ban any IP requesting this URL, add the REMOTE_ADDR to .htaccess. The following script is active on usemod.com.

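#!/usr/bin/perl
use strict;
use warnings;
use Fcntl qw(:flock);

my $htaccess = "/home/usemod/www/cgi-bin/.htaccess";

print "Content-type: text/plain\n\nCongratulations, you have banned your own IP!";

# Hold an exclusive lock for the whole read-modify-write so that concurrent
# requests cannot truncate the file or lose each other's entries. A failed
# open stops here instead of overwriting .htaccess with nothing.
open my $fh, "+<", $htaccess or die "Cannot open $htaccess: $!";
flock $fh, LOCK_EX or die "Cannot lock $htaccess: $!";

undef $/;    # slurp mode: read the whole file at once
my $contents = <$fh>;

my $date = `date`;
$date =~ s/\s*$//;
# Insert the deny line just before the first "allow from all".
$contents =~ s/allow from all/\n# self-banned on $date\ndeny from $ENV{REMOTE_ADDR}\nallow from all/s;

# Rewrite the file in place while still holding the lock.
seek $fh, 0, 0;
truncate $fh, 0;
print $fh $contents;
close $fh or die "Cannot write $htaccess: $!";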
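
The unban path mentioned above has to remove one address's entry without touching its neighbours. This is an added example, not part of the original page or the usemod.com script: `remove_ban`, the sample addresses and the dates are constructed, and the HumanVerification step is assumed to have already passed elsewhere.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Remove the self-ban entry for exactly one address from .htaccess text.
# Returns the new text and the number of entries removed.
# (Hypothetical helper; the caller is assumed to have completed
# HumanVerification and to hold a lock on the real file.)
sub remove_ban {
    my ($contents, $addr) = @_;

    # Refuse anything that is not made of IP-address characters, so the
    # value can never carry a newline or a directive into the pattern.
    return ($contents, 0) unless $addr =~ /\A[0-9A-Fa-f:.]+\z/;

    # \Q..\E makes the dots literal, and requiring the line to end right
    # after the address stops 192.0.2.1 from also matching 192.0.2.10.
    my $removed = ($contents =~
        s/^(?:# self-banned on [^\n]*\n)?deny from \Q$addr\E[ \t]*\n//mg);

    return ($contents, $removed || 0);
}

# Constructed sample in the layout the self-ban script produces.
my $sample = <<'EOT';

# self-banned on Mon Jan  1 00:00:00 UTC 2024
deny from 192.0.2.1

# self-banned on Mon Jan  1 00:05:00 UTC 2024
deny from 192.0.2.10
allow from all
EOT

my ($after, $count) = remove_ban($sample, "192.0.2.1");
print "entries removed: $count\n";
print $after;    # the 192.0.2.10 entry and "allow from all" remain
```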

Warning!

Do not publish the URL. Not only will people click on it, thereby banning themselves 'by accident', but it can be used as part of an attack strategy by other people. Attackers can link to the SelfBan script and try to convince victims to click on it using any technique.

Instead, use an ObscureLocation. You may have to change this location every so often, just as you rotate your password.


CategoryHardSecurity CategoryWikiTechnology CategorySpam

Discussion
