Home/ Questions/Q 5954339
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-22T17:57:25+00:00

<?php if($_SERVER[‘REMOTE_ADDR’] != ‘xx.xx.xx.xx’) { header(Location: http://google.com); } ?> Is this a good way

  • 0
<?php if($_SERVER['REMOTE_ADDR'] != 'xx.xx.xx.xx') { 
header("Location: http://google.com");
} ?>

Is this a good way to block certain IP addresses from accessing some folders on my windows server ?

Or it can be intercepted with proxy softwares like webscarab and the originating IP address could be modified to bypass this ?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    It can bypassed with any proxy with has a different IP address to the one you are blocking. You could check X-Forwarded-For (dig it out with apache_request_headers() if you are using Apache), but this is much easier to spoof if you give it precedence over $_SERVER['REMOTE_ADDR'].

    Also, I could ignore your Location header. Put an exit after it as well.

    • 0