I tried to block the firefox users on my faucet (faucetbox) and well, no success..
only blocking a laarge number of ASN worked against bots..
is it working for you?
ASN blocking is much better than blocking the browser or using .htaccess, but we need to find a codes or scripts that will fit in to Gifted's Xapo faucet script.
Steal the php code from the faucetinabox script
Send a PM to the FaucetBox owner asking if you can do it.. however I think it's free for all
http://nastyhosts.com/I think that's the php code and you'll need to create 3,4 sql tables
$security_settings = array();
$nastyhosts_enabled = $sql->query("SELECT `value` FROM `Faucetinabox_Settings` WHERE `name` = 'nastyhosts_enabled' ")->fetch();
if ($nastyhosts_enabled && $nastyhosts_enabled[0]) {
$security_settings["ip_check_server"] = getNastyHostsServer();
} else {
$security_settings["ip_check_server"] = "";
}
$q = $sql->query("SELECT `name`, `value` FROM `Faucetinabox_Settings` WHERE `name` in ('ip_ban_list', 'hostname_ban_list', 'address_ban_list', 'asn_ban_list', 'country_ban_list')");
while($row = $q->fetch()) {
if(stripos($row["name"], "_list") !== false) {
$security_settings[$row["name"]] = array();
if(preg_match_all("/[^,;\s]+/", $row["value"], $matches)) {
foreach($matches[0] as $m) {
$security_settings[$row["name"]][] = $m;
}
}
} else {
$security_settings[$row["name"]] = $row["value"];
}
}
if($_SERVER["REQUEST_METHOD"] == "POST") {
if($security_settings["ip_check_server"]) {
if(!preg_match("#/$#", $security_settings["ip_check_server"])) {
$security_settings["ip_check_server"] .= "/";
}
}
// banning
$ip = ip2long(getIP());
if($ip) { // only ipv4 supported here
foreach($security_settings["ip_ban_list"] as $ban) {
if(ipSubnetCheck($ip, $ban)) {
banned();
}
}
}
if($security_settings["ip_check_server"]) {
$hostnames = @file_get_contents($security_settings["ip_check_server"].getIP());
$hostnames = json_decode($hostnames);
if($hostnames && property_exists($hostnames, "status") && $hostnames->status == 200) {
if(property_exists($hostnames, 'suggestion') && $hostnames->suggestion == "deny") {
banned();
}
if (property_exists($hostnames, "asn") && property_exists($hostnames->asn, "asn")) {
foreach ($security_settings["asn_ban_list"] as $ban) {
if ($ban == $hostnames->asn->asn) {
banned();
}
}
}
if (property_exists($hostnames, "country") && property_exists($hostnames->country, "code")) {
foreach ($security_settings["country_ban_list"] as $ban) {
if ($ban == $hostnames->country->code) {
banned();
}
}
}
if(property_exists($hostnames, 'hostnames')) {
foreach($security_settings["hostname_ban_list"] as $ban) {
foreach($hostnames->hostnames as $hostname) {
if(stripos($hostname, $ban) !== false) {
banned();
}
}
}
}
}
}
$fake_address_input_used = false;
if(!empty($_POST["address"])) {
$fake_address_input_used = true;
}
}
}
For example if you ban the ASN of QuadraNet, you will block this big list of IP ranges..
https://www.enjen.net/asn-blocklist/index.php?asn=8100&type=iplisteasy to block
