function system_check_should_ban_ip
| 7.x system.module | system_check_should_ban_ip() |
This is called by theme.inc's display_not_found and display_access_denied functions.
It checks whether this visitor's IP address should be banned for racking up too many page_not_found or access_denied events.
4 calls to system_check_should_ban_ip()
- cron.php in ./cron.php - The cron.php file for FlightPath, which should be run periodically.
- display_access_denied in includes/theme.inc
- display_not_found in includes/theme.inc
- theme.inc in includes/theme.inc
File
modules/system/system.module, line 836
Code
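/**
 * Bans the current visitor's IP address if it has produced too many
 * "not found" / "access denied" events in a short window.
 *
 * Only anonymous visitors (user id 0) are considered. The function counts
 * watchdog rows of type 'page_not_found' or 'access_denied' recorded for this
 * IP with user_id = 0 during the last $seconds seconds; when the count reaches
 * $max_allowed it calls system_ban_ip() and then sleeps for 2 seconds.
 *
 * Review notes for operators:
 *  - The key is $_SERVER["REMOTE_ADDR"], i.e. the address of the directly
 *    connected peer. NOTE(review): if the site runs behind a reverse proxy,
 *    load balancer or CDN, that peer is presumably the proxy, and one ban
 *    would then cover every visitor behind it - confirm the deployment.
 *  - The threshold (7 events in 2 seconds) is hard-coded. NOTE(review): a
 *    single page view that requests several missing resources through PHP
 *    could plausibly reach it - verify against real traffic before relying
 *    on it, and make sure a ban can be reviewed and lifted.
 *
 * @return
 *   FALSE when no client IP is available. In every other case nothing is
 *   returned (NULL), whether or not a ban was issued.
 */
function system_check_should_ban_ip() {
  global $user;

  // The null-coalescing fallbacks keep an unset REMOTE_ADDR or a user
  // without an id from raising a notice.
  $ip = $_SERVER["REMOTE_ADDR"] ?? '';
  if (empty($ip)) {
    return FALSE;
  }

  // Criteria: user is anonymous, and has had at least X "not found" or
  // "access denied" events within Y seconds.
  if (intval($user->id ?? 0) === 0) {

    // Check if autoban is enabled (it is on unless the setting says otherwise).
    if (variable_get('system_enable_autoban_ip', TRUE) == FALSE) {
      return;
    }

    $max_allowed = 7; // TODO: a setting?
    $seconds = 2; // TODO: a setting?

    // Start of the counting window, as a Unix timestamp.
    $since = time() - $seconds;

    // Perform simple query on watchdog table. The IP and the timestamp are
    // passed as bound parameters, never concatenated into the SQL.
    $count = db_result(db_query("SELECT count(wid) as mycount FROM watchdog
                                 WHERE user_id = 0
                                 AND ip = ?
                                 AND `type` IN ('page_not_found', 'access_denied')
                                 AND `timestamp` > ?",
                                 array($ip, $since)));

    /*
    // Disabled: skip the ban when the same IP also produced other (non-error)
    // watchdog events in the same window.
    $safecount = db_result(db_query("SELECT count(wid) as mycount FROM watchdog
                                     WHERE user_id = 0
                                     AND ip = ?
                                     AND `type` NOT IN ('page_not_found', 'access_denied')
                                     AND `timestamp` > ?",
                                     array($ip, strtotime("NOW - $seconds SECONDS"))));
    if ($safecount) {
      if (intval($safecount) > 0) return;
    }
    */

    // A missing or empty result casts to 0 and never reaches the threshold.
    if (intval($count) >= $max_allowed) {
      // Yes, we should ban them.
      system_ban_ip($ip, "Exceeded $max_allowed forbidden events in the past $seconds seconds.");
      // Force their browser or script or whatever to sleep for 2 seconds.
      // Note that this also keeps the PHP worker serving the request busy
      // for the same 2 seconds.
      sleep(2);
    }
  }
}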
