Suppose I wanted to ban a specific IP address from accessing the whole domain name (+ all included subdomains). At first I began with the following snippet to add the following lines to the .htaccess file:
$info = 'Order Deny,Allow
Deny from' . IPtoBlock();
if (getIP()){
$htaccess = fopen('.htaccess', 'r+');
fwrite($htaccess, $info);
fclose($htaccess);
}
But is it more relevant to redirect the user to something else? After all, he is still capable of making a request towards the server despite the immediate redirect.
$deny = array('192.168.1.0', '192.168.1.1', '192.168.1.2');
if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) {
header("location: http://www.google.com/");
}
or simply kill the page?
$deny = array('192.168.1.0', '192.168.1.1', '192.168.1.2');
if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) {
die('Access restricted');
}
What is the best approach towards this issue?