toucheatout 2008-02-29 04:23 Web
This code is designed to prevent execution of some script ('say /maintenance.php), that has to be run from a remote host or from the host itself. The snippet is to be put at the beginning of the script.
if ($_SERVER['REMOTE_ADDR'] != '1.2.3.4' || $_SERVER['REMOTE_ADDR'] != '127.0.0.1') { header('Location: /');exit(); }
Note:
- The exit() is not necessary, it is just paranoia :)
- To avoid letting know the script is protected, optionnally replace the location() by a sleep() with a value suiting your expected time (and including random to be a self-respecting parano).
- Alternatively, use a
system('echo security violation: ' . $_SERVER['REMOTE_ADDR'] . ', ' . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'] . ' >> /tmp/bofh_file') ;
exit('This is very a very serious security offense. You have been logged and be sued to your socks :) - friendly yours - bofh');
not forgetting to add on top
if($_SERVER['REMOTE_ADDR'] == 'bo.s.s.IP') {exit();}