Hello, I have a general question about ban. I have 2 codes that are PHP and it’s for banning. One is automatic, this ban will ban bots. When they enter into my website. They signup and use all the fields even the hidden ones. One of the hidden field is honey pot and in PHP, I check the honey pot field if it was entered, if so then automatically add that IP Address to the banned records and redirect them to an unknown website. Also, it sends me an email saying that there has been a bot detected.
The second one is manually, when the user breaks a rule in my Terms Of Service, I go to their profile and ban their account plus I add an IP Ban.
These 2 codes work fine, but as you all may know, banning IP Address has no use for a person. They can simply change their IP Address by using a VPN or by turning off their modem for 6 hours and turning it back on or by changing ISP.
My real general question is, is there a way to ban someone’s computer using PHP rather than banning their IP Address?
Afraid there is not much you can do.
You could set a cookie but they can easily be deleted.
All you have to work with are server variables.
put this in a PHP file and that is pretty much all you have to work with.
echo'<pre>'; print_r($_SERVER); echo '</pre>';
Thanks for letting me know. It’s sad that I thought PHP could do such a thing. I’ve seen several websites that don’t allow access via device.
I’ve signed up 3 times and they limit only 3 signups per day. So I took my laptop to my school and tried their wifi. When I tried to sign up, it said that the laptop had already signed up 3 times in one day already. So I thought they limit IP Address and devices.
I was going to implement this in my website if it was actually possible.
Have you tried creating accounts at school using a different browser? I’m guess they are using a cookie to track you.
This is not really a PHP specific thing.
I guess thats why so many websites require email authentication these days. Sure a bot can check an email address but it is often less intelligent about entering codes on to another form to verify. I mean if the verification isn’t simply a matter of visiting an url