Recent Tutorials
Who is online?
In total there are 6 users online :: 0 Registered, 0 Hidden and 6 Guests :: 1 Bot

None

[ View the whole list ]


Most users ever online was 172 on Fri 19 Feb 2016, 05:17

[TUTORIAL] [PHPBB3] SECURITY: Block and Redirect by Country or Region

View previous topic View next topic Go down

Guest
Guest
View all awards

PostGuest on Wed 20 Apr 2016, 23:46

Title: [TUTORIAL] SECURITY: Block and Redirect by Country or Region
By: Samantha (SamanthaMelissaS)
Date: Thu. 21th April 2016

Target platforms: All (as far as I know, didn't test it)

Hi all!

I found a funny script that 'll block your site to be viewed by visitors from certain countries or regions and I wanted to share it with you guys:

The jQuery script:

Name: Whatever you want, I called mine "SECURITY: Block and Redirect by Country or Region (Index) - ON".
Placement: Index (or all pages if you want to).

Code:
<script>
jQuery.ajax( {

  url: 'http://freegeoip.net/json/',
  type: 'POST',
  dataType: 'jsonp',
  success: function(location) {
    // If the visitor is browsing from the country XYcont.
    if (location.country_code === 'XY') {
      // Redirect him to the say google.
      window.location.href = 'http://www.google.com';;
    }
  }
} );
<script>

What it does, is it checks if http://freegeoip.net/json/ exists (causing a small delay), and if it does and it meets the country_code requirement, it will redirect the request to http://www.google.com . A funny way to get rid of unwanted lurkers Laughing

Country Codes:
You can find a list of country codes here: http://dev.maxmind.com/geoip/legacy/codes/iso3166/

Example:
This example will show you how to redirect Anonymous Proxies...

Code:
<script>
jQuery.ajax( {

  url: 'http://freegeoip.net/json/',
  type: 'POST',
  dataType: 'jsonp',
  success: function(location) {
    // If the visitor is browsing from the country XYcont.
    if (location.country_code === 'A1') {
      // Redirect him to the say google.
      window.location.href = 'http://www.google.com';;
    }
  }
} );
<script>

Multiple entries:
I didn't test it yet, but I think it's possible to create multiple country code entries if you 'd replace this bit

Code:
if (location.country_code === 'XY')

with something like this:

Code:
if (location.country_code === 'XY'||'XY'||'XY')

you could have multiple countries or regions within one script.


All in all a funny little script. And it may not be fail safe, but it's fool or n00b proof anyway Smile


Have fun! Razz

*** WARNING: BE CAREFUL NOT TO BLOCK YOUR OWN COUNTRY OR REGION !!! ***


Last edited by Samantha on Sun 31 Jul 2016, 05:06; edited 1 time in total
SLGray
Valued Member
Title :
Owner of 2 Forums
Gender : Male
Age : 43
Posts : 2172
Points : 4069
Reputation : 246
Location : United States
Language : English
Browser : Browser : Mozilla Firefox Forum Version : Forum Version : Forumactif Edge
Awards :
View all awards
View user profile http://www.fmthemes.forumotion.com https://www.facebook.com/FM-Themes-655055824604957 https://twitter.com/FMThemes https://pinterest.com/FMThemes

PostSLGray on Thu 21 Apr 2016, 14:43

Where did you found this script?
Guest
Guest
View all awards

PostGuest on Thu 21 Apr 2016, 14:44

I Googled it. That's why it hasn't got my stamp on it! And for the other stuff I shared on here: I paid for it.
Guest
Guest
View all awards

PostGuest on Mon 04 Jul 2016, 14:43

EDIT: In the same way you could handle and get a grip on traffic coming from certain countries by redirecting your registration page "/register" to a custom made HTML page that tells them why they cannot register. Wink

This will probably (not tested) fix the "/register?agreed=true&step=2" (once specified in the JS) loophole as well, since once detected and from certain specific countries it 'll bounce the newbie off to your custom made HTML page (or an URL of your choice). Seems logical, don't it? Smile
SLGray
Valued Member
Title :
Owner of 2 Forums
Gender : Male
Age : 43
Posts : 2172
Points : 4069
Reputation : 246
Location : United States
Language : English
Browser : Browser : Mozilla Firefox Forum Version : Forum Version : Forumactif Edge
Awards :
View all awards
View user profile http://www.fmthemes.forumotion.com https://www.facebook.com/FM-Themes-655055824604957 https://twitter.com/FMThemes https://pinterest.com/FMThemes

PostSLGray on Wed 06 Jul 2016, 04:00

I still do not see how this could be considered an security issue.  You are blocking everyone, not just troublemakers.
Guest
Guest
View all awards

PostGuest on Wed 06 Jul 2016, 04:57

@SLGray wrote:I still do not see how this could be considered an security issue.  You are blocking everyone, not just troublemakers.

I'm not blocking everyone. How silly of you to think I'm blocking everyone. In what way do you think I'm blocking just everyone? You should be able to see the site alright (if not banned, connected from Hungary or using an anonymous proxy). People from The Netherlands, Belgium and Luxemburg are still able to sign up freely, able to log in and read & write. So tell me how. How I'm blocking 'everyone' because I'm not!

I've got a couple of scripts running alright to make it more of a challenge to register or read stuff but I'm certainly not blocking everyone, I'm sure. I could if I wanted though for instance via the ACP but I'd be shooting myself in my own foot if I did. My board's main language is Dutch and I'd like to keep it that way for most of it. And I don't like guests to be able to read the whole thread, just the last post. I know there will be talk elsewhere if they (the bad guys, former friendcodes.nl members who were causing a lot of trouble for years) were able to.

I think you don't know a thing about the history of what friendcodes.nl once was. It was hell to most of the members. That's why I agreed with the former admin upon purchasing the domain for 200 Euros, snatching it away before the others could, started my own free site on FM, relayed traffic to it and raised security making it a safe haven again to good members. I'm no monster. I'm not stupid. I just want to keep the bad guys away to protect the (former) members. And... I've been successful for over 2 years now doing so.

I'm glad I didn't sell the soul of friendcodes.nl to GoDaddy or any other of your providers because it would be very hard and costly to retrieve it again. I've been through a lot designing the current site (with help of Ange and LGforum for instance and that's why I'm here so much, to thank them still by keeping their sites alive!), but if needed I could just close my board and start another one somewhere else and send traffic to that one using the same domain name in a matter of minutes.

I've seen what can happen. I've been there before. And it will happen again if nobody is taking care of Friendcodes. Friendcodes is MY kitchen. I'M in charge and I'M in control.

So I guess we're done here and now, @SLgray . Ask your 'friends' about my scripts, not me. I never liked you and I prolly never will. I really tried but you're not my kind. That's why you got banned on my site weeks ago. You're ESF staff and that spells T.R.O.U.B.L.E. in my book (except for @BlackScorpion and @APE that is). You've been on my foes list litteraly for months on end already. I sometimes read your silly messages I admit, when it gets personal like now, but don't count on my feedback and 'affection' next time. I'm no fool yk. I carefully pick my friends and for good reasons. Please remember: 'He who controls the past controls the future. He who controls the present controls the past'. And regarding what you did to my friends on ESF... take this in account: 'All animals are equal but some animals are more equal than others', the reason I don't like FM no more.... NEPOTISM. You discarded of @Leah7 in the worst possible way. Such a shame, such a big loss, I hate you for it doing that to her. You all should be very much ashamed of yourselves @ FM. At least she's in good hands now, the poor soul. I bet @APE and / or @BlackScorpion will be next. I'll hate you guys for it 4ever if you do. So... Byes now! Hello
SLGray
Valued Member
Title :
Owner of 2 Forums
Gender : Male
Age : 43
Posts : 2172
Points : 4069
Reputation : 246
Location : United States
Language : English
Browser : Browser : Mozilla Firefox Forum Version : Forum Version : Forumactif Edge
Awards :
View all awards
View user profile http://www.fmthemes.forumotion.com https://www.facebook.com/FM-Themes-655055824604957 https://twitter.com/FMThemes https://pinterest.com/FMThemes

PostSLGray on Thu 07 Jul 2016, 02:57

But you say in your first post block a whole country or region, is that not everyone in that country and region?
Guest
Guest
View all awards

PostGuest on Fri 15 Jul 2016, 01:23

@SLGray wrote:But you say in your first post block a whole country or region, is that not everyone in that country and region?

All the IPs that originate from them would be redirected, yeah. Including your own, if you're not careful Razz

View previous topic View next topic Back to top

Create an account or log in to leave a reply

You need to be a member in order to leave a reply.

Create an account

Join our community by creating a new account. It's easy!


Create a new account

Log in

Already have an account? No problem, log in here.


Log in

 
Permissions in this forum:
You cannot reply to topics in this forum