Thread: Restricting Access to Site with CGI

  1. #1

    Restricting Access to Site with CGI

    You all know me, but I'd thought I better remain anonymous on this one.

    I have a problem with one individual accessing my website and I would like to stop him based on his IP address.

    Any ideas on how can improve what I've done:

    I have set up a dummy index.htm file, which does little except call the following script using:

    <META HTTP-EQUIV="refresh"

    where counter.cgi is a perl script which returns garbage for my foe and the address of the main page for everyone else.

    Ideally I would like to restrict every page without causing problems to any other user. Nor do I want to restrict search engine crawling.

    Any suggestions?

  2. #2
    Super Moderator
    Join Date
    Sep 2001
    I know there is an environment variable or something like that conatins the value of the IP address. I'll try find it and let you know, or it shouldn't be too hard to find. You just insert a line comparing that value to the value of the IP address of this person. If they are different, use whatever STDOUT function there is (depending on what language your script will be in), and print the correct page. If they match, print a page thats... you know... insulting. Using IP addresses would be the best option, but remember he can always just use a different computer. You could, of course, hire some sort of web design company... or a hitman. I have low rates for both.

  3. #3
    Super Moderator
    Join Date
    Sep 2001
    The environment variable, I believe, is REMOTE_ADDR. Be sure to have that section of your script on every page, as they could type in the full URL and bypass your main page(s). Hope this helps!

    P.S. (It's not me is it?)
    Last edited by sean; 07-04-2003 at 02:35 PM.

  4. #4
    Thanks for the repies.

    >The environment variable, I believe, is REMOTE_ADDR.

    Hi Sean. Thanks but I had got that far. My script works, but it's only effective on the index page & relies on auto refresh to return a dynamic link. I need a way for a web page to execute a CGI script, but act conditionally - then I could put it on every page.

    >P.S. (It's not me is it?)
    It's no one who posts here. May be a lurker though.

    >Just put the offending IP into the hosts.deny file?
    Sounds promising, but where do I find it? I have webspace, with a cgi-bin directory. Not aware of anything else. Also heard about a thing called htAccess, but again I don't know whether my web space supports it.

  5. #5
    Crazy Fool Perspective's Avatar
    Join Date
    Jan 2003
    many ISP's use dynamic IP addresses. do you know for sure that this person doesnt have a dynamic IP? (ie. blocking one IP will do no good)

  6. #6
    Super Moderator
    Join Date
    Sep 2001
    I'm still thinking hitman.

    Anyway, you could just make one script, then have every link run that script, but give it a parameter specifiying a certain page. The CGI script picks up that parameter and then uses conditionals to decide which page to print?

  7. #7
    You need to know what web server software your running under.

    Maybe you can use a .htaccess file (or deny file like already suggested).

  8. #8
    Registered User zahid's Avatar
    Join Date
    Aug 2001
    //A function to check if the accessing host have permission to access the page.
    struct IP_STAMP{
    char            address[16];
    long int        time_stamp;
    int             count;
    int allow_http_access(char *deny_hostfile, char *allow_hostfile,char *failed_hostfile, struct IP_STAMP *ip_stamp)
    char *lenstr;
    long len;
    char input[1024];
    char data[1024];
    char string[1024];
    char ipaddress[16];
    char hostaddress[1024];
    int i, j;
    lenstr = getenv("REMOTE_ADDR");                 /* OS GLOBAL Variable environment */
    if(lenstr == NULL || sscanf(lenstr,"%ld",&len)!=1 || len > 1024)
            return 0;
                    /* fgets(input, len+1, stdin); Getting error ?? BUG: Solved but not understood*/
                                            /* 19 January, 2003 */
    for(i=0; i < 16 && *lenstr!='\0'; i++, lenstr++)
    lenstr = getenv("REMOTE_HOST");                 /* Environment 4 REMOTE_HOST */
    if(lenstr != NULL && sscanf(lenstr,"%ld",&len)==1 && len < 1024)
    for(i=0; i < 1024 && *lenstr!='\0'; i++, lenstr++)
    printf("<center><font face=\"Verdana\" size=\"1\">IP Address Stamp: %s %s</font><br></center>", ipaddress, hostaddress);
            //return find_string_infile(hostfile, ipaddress);
    strcpy(ip_stamp->address, ipaddress);
    if(!find_ip_infile(deny_hostfile, ipaddress))
            return 1;
    if(find_ip_infile(allow_hostfile, ipaddress))
            return 2;
    if(find_ip_failedlist(failed_hostfile, ipaddress, ip_stamp))
            return 1;
    return 0;
    //Your CGI application
    int main()
    if(allow_http_access(DENY_HOSTIP_FILE, ALLOWED_HOSTIP_FILE,
    FAILED_HOSTIP_FILE, &ip_stamp) ) {
    printf("<center> <font color=\"#FF0000\"> Opps.. Sorry!!!! You don't have permission to access this page.</font><br>");
    return 1;
    I guess the above code will help you to understant more. Sorry.. did not put enough comments... If anything not clear, put your questions.
    [ Never code before desk work ]
    A man who fears Nothing is the man who Loves Nothing
    If you Love Nothing, what joy is there in your life.
    =------------------------------------------------------= - I may be wrong.

  9. #9
    >do you know for sure that this person doesnt have a dynamic IP?

    Mmm. That would be a problem. I'm beginning to suspect that it is dynamic.

    >Anyway, you could just make one script, then have every link run that script, but give it a parameter specifiying a certain page

    That was my original thought, but it would screw some other things up. And I don't really want to go to the effort of designing my website around one man. He's a pain, yes, but not catastrophic.

    Thanks for your help. It's been an interesting challenge in any case.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Getting HTTP status of a site in C under Linux
    By anti4kd in forum C++ Programming
    Replies: 3
    Last Post: 01-03-2009, 01:56 PM
  2. testing a cgi script on my computer
    By Bigbio2002 in forum C Programming
    Replies: 1
    Last Post: 12-14-2003, 07:26 PM
  3. CGI Mailing
    By sean in forum A Brief History of
    Replies: 2
    Last Post: 04-14-2003, 09:56 PM
  4. Replies: 0
    Last Post: 09-14-2001, 01:46 AM