|
PHP - My Webhostingpad Server Is Blocking Me
I have found that when I go to a page on my website, it can cause my IP to get blocked for 1/2 hour by their servers. I have confirmed this by using a proxy to see the site is still up and running. I contacted tech support for the server and after hours and hours of not being able to identify the issue, their tech support accused me of writing bad PHP code. The code has not changed, and this has been a recent issue with the server (last few months).
The web page queries a SQL database and displays many small thumbnails. So I took the code from that page, trimmed it down to just get the contents of the image directory and display the thumbnails. Very basic, whereas before it queried the database for specific images, and created thumbnails on the fly. And so the very basic page (link below) without all that extra stuff STILL causes my IP to be blocked from the site when I access the page. http://www.1966-67chargerregistry.com/gallery/indexTest.php Can you guys confirm that it's not a coding issue? Sure I could split up the images onto multiple pages, but there should be nothing here that a decent server can't handle, right? All thumbnails are 2-3 kb and there's typically maybe 1000 of them. Thanks!!! Re-factored PHP code below: <html> <head><title></title></head> <body> <table align="center" width="1000"> <?php //get contents of image directory so we can look for existing images later in loop $filePath = '../66pics/seppics'; $imageFiles = scandir($filePath); $output = ''; $added = 0; //walk through each of the directory image results for($i = 0; $i < count($imageFiles); $i++) { //only display thumbnail images if(substr($imageFiles[$i], 0, 1) == 'T' && strlen($imageFiles[$i]) > 10) { //save each image in a table cell to write out later $output .= chr(13).'<td><center><img src="'.$filePath.'/'.$imageFiles[$i].'"></center></td>'; $added++; //write out 7 pictures on each table row if($added%7 == 0) { echo chr(13).'<tr>'.$output.chr(13).'</tr>'; $output = ''; } } } //end for loop //output final incomplete line if(strlen($output) > 0) { echo chr(13).'<tr>'.$output.chr(13).'</tr>'; } ?> </table></body></html> Similar TutorialsCode: [Select] i have this to vlock bots out why is the pregmatch part receiving inserts of "http" ???? [cdoe] if (empty($_POST['Main']) && !empty($_POST['CustomerEmail']) && !preg_match("/http/i","$RequestText")) { mail($to, $subject, $message, $headers); $url_success = "confirmation.php"; echo("<meta http-equiv = refresh content=0;url=".$url_success.">"); } elseif (empty($email)) { exit(); } else { exit(); } How can I block a text that contains only spaces? Right now I have done if ($body == "") { die("<font color='red'><font size='15'><strong><center>Your post did not contain any text!"); } But that's extremely insufficient, as any user can easily post " " Any ideas? Well people who hate my site have been coming on and making a site with my site maker . And instead of filling in proper info they put <script> which redirects. And when they finish it saves into mysql and when i view the list of sites it redirects me to another site, Anyone know what can solve this? im sure i am missing something simple. but this is killing me. i get this to work: Code: [Select] $url = (isset($_POST['url'])) ? $_POST['url'] : ''; $BlockedNames = array('nepwk', 'teleworm'); $BlockedDomains = array('nepwk.com', 'teleworm.com', 'yopmail.com', 'adf.ly', 'www.nepwk.com'); @list($name, $domain) = explode("http://", $url); else if(in_array($name, $BlockedNames) || in_array($domain, $BlockedDomains)) { $mesaj = "<div class=\"msg\"<div class=\"error\">Your URL has been blocked by our system!</div></div>"; } now the above works if i type the whole domain for every single url i want to block but i want to know is how would i add a catch all of sorts to the domain so say the domain is: http://www.google.com i want to block everything google so all of the following would be blocked as well http://www.google.com/whatever http://www.google.com/anything http://www.google.com/something i want all of those to be blocked automatically without having to add each individual one im trying to block adf.ly links which change for each person and each url they mask and i want to take proactive measure to just block them from being added into my form instead of having them added to my database then having to go and manually delete them. any questions or if this doesn't make sense let me know. thanks in advance (and maybe this is bad code im a noob so go easy ) Could somebody please point me in the right direction.... I want to block the US, AUS, NZ, CAN, IRE from the index.php of my site. But not the rest of the site. The following site (like many others) provides a pretty neat list for the htaccess http://www.ipinfodb.com/ip_country_block.php I did a test. I got the list for blocking the UK. After copying the UK list to my htaccess i couldn't view my site. The thing i don't get is... my ip address was not in the list but i was still blocked, The 1st 2 sets from my ip are '2.100' The only ip's in the list starting with 2 a deny from 2.24.0.0/13 deny from 2.96.0.0/13 deny from 2.120.0.0/12 deny from 2.136.0.0/13 How exactly is this all working? And what's the best way of blocking the above countries from just my index.php? Any links to manuals or anything here would be great... Thank You. John Im not sure if this is the correct section so sorry for that in advance, i have this URL on my website inside an iframe: http://gorillavid.com/cna/zwzcpyvcfi7j What im wanting to do is somehow either remove all the ads that are shown, or make sure all of the ads are muted and cant make any noise. is this possible? Seany This topic has been moved to Apache HTTP Server. http://www.phpfreaks.com/forums/index.php?topic=359622.0 I have around 14 script files for an admin page.
I am looking to block the access to 10 of them with .htaccess, so they can not get called up through the URL with the web browser, by for example guessing the name.
<Files index.php>
Order Allow,Deny
Allow from all
</Files>
How to set up, so I can have "those" 10 files in there?
Also, when comes to having an admin page and blocking the access to "those" script files is this the proper way to do it?
I would appreciate the suggestions a lot!
Edited by glassfish, 25 October 2014 - 11:06 AM. has anyone here ever seen these 2 sites?
IP DENY
TOR EXIT NODES with regard to the former, the domain has one page per country I believe. so, you can get listings for like say, China and Russia on these 2 pages: China: https://www.ipdeny.com/ipblocks/data/countries/cn.zone Russia: https://www.ipdeny.com/ipblocks/data/countries/ru.zone my question to folks here is, would this information be useful to me? I am putting together some website content that I do not want everyone in the world to see. And, it is possible that by some miracle, the sophisticated hacker world outside the USA will want to take it down and/or disrupt the service offerings of it if they find out that it exists. Anyone got any advice on whether these resources are even worth the effort to use? and if they are, what is the best way to leverage them? e.g. - when pulling info from the server DB to display content on the page, check this IP data first to see who they are and whether I will allow them or block them? thanks. Adam @requinix, I know we've talked about blocking illegitimate traffic before. and I know you said I can't ever get rid of all of it. but this is new info that I've run across. Just wondering what you guys think of this. =) I have a PHP web system that store in a windows server. In the system, there is a function for user to upload files to another server (Shared server in Unix). When i try to upload a file, it gives warning: Warning: move_uploaded_file(\\unixserver/sharedfolder/upload/test.txt) [function.move-uploaded-file]: failed to open stream: Permission denied in C:\wamp\www\upload\index.php on line 40 For your information, my username has been assigned in xxx's group that has access to read and write on that folder. Besides, i'm able to open,create and delete files on that folder's server manually (samba). The safe mode setting is off. Does anybody has any idea why this thing happen? Hi, I am not a PHP programmer. I took on a new client with a simple PHP site, without any databases. The site is up and running on the web. I would like to get it running on my local machine for further development. I have latest version of WAMP installed, running Apache version 2.2.11 and PHP version 5.3.0 I created a directory in the WAMP "www" project directory and it shows up there like it's supposed to when I browse to "localhost" Problem: The home page of website displays text but no, images, styles, footer, header, nav links, etc. Here is the code for the home page: <? define("NAV","home"); require_once('local/local.php'); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>TITLE</title> <meta name="keywords" content=""> <meta name="Description" content=""> <? include("common/dochead.php"); ?> </head> <body onLoad="<? include('common/preloads.php'); ?>"> <!-- ============================ main ============================= --> <div id="main-frame"><div id="main" class="noCollapse"> <? include("common/sign.php"); ?> <div id="right-frame"> <? include("common/navigation.php"); ?> <div id="content-frame"> <div id="content"> <h1>Welcome</h1> <p>This is the content area. This is the content area. This is the content area. </p> </div><!-- end content --> </div><!-- end content-frame --> </div><!-- end right-frame --> <div class="clearFloats"></div> </div><!-- end main --></div><!-- end main-frame --> <? include("common/footer.php"); ?> </body> </html> Any help would be greatly appreciated. I have spent many hours on this. Regards I'm trying to make a simple website where people register to my website. When the user doesn't fill anything inside the boxes they get a message "Please fill all required fields" on the register.php page On my local host require_once works good. It shows up.
But when i upload the files to my sever the require_once does not show up on the register.php It just refreshes and i dont get the message "Please fill all required fields"
This is the code that works in local host but not in a live server <?php require_once 'messages.php'; ?>
Here is my full code
Register page: <html> <?php require_once 'messages.php'; ?> <br><br> <form action="register-clicked.php" method="POST"> Username:<br> <input type="text" name="usernamebox" placeholder="Enter Username Here"> <br><br> Email:<br> <input type="text" name="emailbox" placeholder="Enter email here"> <br><br> Password:<br> <input type="password" name="passwordbox" placeholder="Enter password here"> <br><br> Confirm Password:<br> <input type="password" name="passwordconfirmbox" placeholder="Re-enter password here"> <br><br> <input type="submit" name="submitbox" value="Press to submit"> <br><br> </form> </html>
Register clicked <?php
session_start();
$data = $_POST;
if( empty($data['usernamebox']) ||
empty($data['emailbox']) ||
empty($data['passwordbox']) ||
empty($data['passwordconfirmbox'])) {
$_SESSION['messages'][] = 'Please fill all required fields';
header('Location: register.php');
exit;
}
if ($data['passwordbox'] !== $data['passwordconfirmbox']) {
$_SESSION['messages'][] = 'Passwords do not match';
header('Location: register.php');
exit;
}
$dsn = 'mysql:dbname=mydatabase;host=localhost';
$dbUser='myuser';
$dbPassword= 'password';
try{
$connection = new PDO($dsn, $dbUser, $dbPassword);
} catch (PDOException $exception){
$_SESSION['messages'][] = 'Connection failed: ' . $exception->getMessage();
header('Location: register.php');
exit;
}
messages.php <?php
session_start();
if (empty($_SESSION['messages'])){
return;
}
$messages = $_SESSION['messages'];
unset($_SESSION['messages']);
?>
<ul>
<?php foreach ($messages as $message): ?>
<li><?php echo $message; ?></li>
<?php endforeach; ?>
</ul>
Edited Wednesday at 12:49 AM by bee65 Hi folks, I'm curious if I can for example, save a file from my server and it will save to all other servers - obviously if they accepted the connection first. It's for a software I developed and is almost complete and know there will be frequent updates to it. Instead of users downloading upates, I want the update files from my server to somehow synchronize to their server automatically? Anything called this?? Thanks for info. I am using the ReactPHP event loop with periodic timer. The code works but the browser always shows that the activity is going on (the circle on the chrome tab is always running, refer the link to image below) and it runs only once. Is it possible to get rid of the running circle and still the periodic loop should run in loop at given intervals to execute the code within the loop. Please advise. Circle on the tab Below is my code, Note: **getAll($temp) is a function with parameter in another .php file. I have got the file as include in my current .php file.
$Loop=React\EventLoop\Factory::create(); $Loop->addPeriodicTimer(5, function(React\EventLoop\TimerInterface $timer) use(&$temp, $Loop, &$Total) { try{ $Total = getAll($temp); echo"<script>document.getElementById('Overall').innerText=".$Total."</script>"; }catch (Exception $e){ echo "Error in Loop"; throw $e; } }); Following a tutorial on udemy, i tried to learn the very basics of mvc structure. I built the same project on my local server and it worked without giving me any error. but when i tried it on live server. its not working as it should. not showing any error. I tried to figure out the problem and found that for every page loading, it stops at the same line in my main.php file. <?php require($view); ?> starting from the above line. it stops. i came here to share my problem but i am unable to upload my files here. if there is a way to upload and share my files, please guide. zip file size of the whole project is 31.6 kb This isn't exactly an application design question, but rather a system design one.
I am about to install an Inventory Control System inside this store I work in.
The store itself also owns a Linode VPS running Centos 6.4 which hosts our website.
This new Inventory System will come built in with a Microsoft SQL Server, and supposedly it is a SQL Anywhere database, but I'm not too sure what that means.
I need to make this database publicly accessible, but only via the Linode VPS. Surely, setting restrictions is easy enough to address that issue. That isn't my question.
My first idea is to put this server into the DMZ, easy. But it doesn't exactly sound safe. So my next idea was to put a middleman server in the DMZ, this way the Linode can send queries to that middleman server and it will send that data to the SQL Server and back. This is very vaguely described I know, but I don't want to get too much into details, but rather, understand how I can create that middleman server, and what could Install onto it that would allow me to securely process queries?
My first thought was to install a webservice, that accepts an XML/JSON request and returns an XML/JSON response.
Then, I realized directly afterwards that I don't have any experience setting up a webservice like that.
What kind of options are there out there? Ultimately, my question is, should I just put the Server in the DMZ or should I create the middleman, and if so, can someone point me in the right direction as to getting a webservice set up? Edited by Zane, 15 July 2014 - 11:28 PM. (This might be the wrong forum; it might be server-side configuration, but alas it is the code that *calls* fwrite, so I'll start here.) I have written a script, and one thing it does is generate a file to disk using fwrite. No big deal. Here's what interests me: On most servers, the file is written successfully when the folder's permissions are 755 with recursive permissions. On some servers, 755 fails. Only 777 works. How could this be? Are permissions=permissions=permissions? Why will 755 work on one machine but not another? I'm just a logic guy; I know very little of server-side configuration and/or why there would be a difference here. Just trying to learn. Hey. I am wanting to move a couple of files from my current server to another. If i am uploading the file this is fine but if it is already on the server then im not sure how to move it. When uploading I can just use ftp_put($conn_id, $destination_file, $myFile, FTP_BINARY); What i need to do is figure out how to get a hold of the file and store it in $myFile then this would work fine. Is this possible? Cheers What I'm trying to do is copy all files from one server to another folder on another server. Here is what I have have so far.. <?PHP //connection settings $ftp_server = "server"; $ftp_user_name = "user"; $ftp_user_pass = "pass"; $dir = "/var/test/"; $destination_file = "/test/"; // set up basic connection $conn_id = ftp_connect($ftp_server); // login with username and password $login_result = ftp_login($conn_id, $ftp_user_name, $ftp_user_pass); // check connection if ((!$conn_id) || (!$login_result)) { echo "FTP connection has failed!"; echo "Attempted to connect to $ftp_server for user $ftp_user_name"; exit; } else { echo "Connected to $ftp_server, for user $ftp_user_name"; } if (ftp_chdir($conn_id, $dir)) { echo " <br/>Current directory is now: " . ftp_pwd($conn_id) . "\n<p/>"; } else { echo "Couldn't change directory\n<p/>"; } $buff = ftp_rawlist($conn_id, $dir); foreach($buff as $files) { echo $files. "<br/>"; if (ftp_get($conn_id, $destination_file."test.file", $dir."test.txt", FTP_BINARY)) { echo "<br/>Successfully written to $destination_file\n"; } else { echo "There was a problem\n"; } ?> That doesn't work. Any ideas? Thanks, Sean I have two servers: WebServer and FaxServer. WebServer needs to send a fax. Is my approach shown below fairly secure? Before sending a fax, ServerWeb needs to store a record in a table representing the message, and I am using a pseudo random value for the PK which is generated as 2147483648+mt_rand(-2147483647,2147483647). WebServer then generates a hash equal to hash('sha256',$pk.'secretCodeWhichOnlyWebServerAndFaxServerKnow'). WebServer then sends curl request to FaxServer using POST which includes $pk, the hash, the fax number, some text to include in the fax, and an optional array of document to include (array(array('id'=>321,'name')=>'fileName.pdf')). FaxServer verifies that the hash is correct given $pk, that the minimum information has been received, and that the fax number is a valid phone number, and quickly responds to WebServer by echoing 0 or 1 so the code in the WebServer could continue and inform the user. If all looks okay, a new instance of PHP is started.
if(missingInformation) {echo(0);}
else {
session_start();
$_SESSION['_xfr']=$_POST;
exec('/usr/bin/php -q /path/to/send_fax.php '.session_id().' >/dev/null &');
echo(1);
}
New instance of PHP send_fax.php then does the following:
session_id($argv[1]);//Set by parent
session_start();
$data=$_SESSION['_xfr'];
$doc_list=null;
foreach ($data['documents'] AS $doc)
{
if(ctype_alnum($doc['id']))
{
$file='/some/tmp/directory/'.$doc['id'];
if(!file_exists($file))
{
$url='http://machine.WebServer.com/index.php?task=displayDocument&id='.$doc['id'].'&x='.hash('sha256','displayDocument'.$doc['id'].'secretCodeWhichOnlyWebServerAndFaxServerKnow');
$cmd='wget -O '.$file.' '.escapeshellarg($url);
exec($cmd);
}
$doc_list.=' '.$file;
}
exit('invalid document');
}
//Send the fax...
//Send another CURL request to the WebServer similar to the wget giving the fax status.
exit;
When WebServer receives the wget request for a document, it confirms the hash and sends the document to the FaxServer using X-Sendfile.When WebServer receives the CURL request regarding status, it updates the database for the applicable message. Seem reasonably secure? |
|||||||