• StarkRDP is the best RDP Provider | Windows Server & Linux | Unlimited Bandwidth | Dedicated IP | Reliable Service

  • HOW TO EARN CREDITS , LOCK THREAD WITH CREDITS, HIDE THREAD!

PHP Script PHP script to block bot visitors, data scraping, or any malicious activities.

E

eadystec

New member
Register
LV
0
 
Joined
Jan 2, 2024
Reputation
0
Reaction score
0
Points
1
Credits
15
Hi everyone, i want to share a PHP script that can bot bot visitors and also can be used for anti-spam and web application firewall (WAF).
This source code use an API from Moonito (https://moonito.net). Moonito is a comprehensive platform designed to offer powerful website analytics while simultaneously providing robust protection against unwanted and malicious activities.

This is the source code, you can use this for protection your website or any PHP applications.
PHP: 
<?php

/**
 * Configuration
 */
$apiPublicKey = 'Your API Public Key'; // Replace with your API Public Key
$apiSecretKey = 'Your API Secret Key'; // Replace with your API Secret Key

/**
 * Client IP Address Retrieval
 * If Cloudflare header is present, use it as the client's IP address
 */
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
  $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
  $_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}

$clientIp = filter_var($_SERVER['HTTP_CLIENT_IP'] ?? $_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP) ?? '';

/**
 * Analytics API Request
 */

// Initialize cURL session
$curl = curl_init();

// Set cURL options
curl_setopt_array($curl, [
  CURLOPT_URL => 'https://moonito.net/api/v1/analytics?' . http_build_query([
    'ip' => $clientIp,
    'ua' => urlencode($_SERVER['HTTP_USER_AGENT']),
    'events' => urlencode($_SERVER['REQUEST_URI']),
    'domain' => strtolower($_SERVER['HTTP_HOST']),
  ]),
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'GET',
  CURLOPT_HTTPHEADER => [
    'User-Agent: Mozilla/5.0 (Linux; Android 13; SM-G991U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Mobile Safari/537.36',
    'X-Public-Key: ' . $apiPublicKey,
    'X-Secret-Key: ' . $apiSecretKey,
  ],
]);

// Execute cURL request
$response = curl_exec($curl);

// Close cURL session
curl_close($curl);

// Decode JSON response
$response = json_decode($response);

// Process $response as needed
if ($response['data']['status']['need_to_block'] ?? false) {
  // Perform an action when the visitor is detected as "need_to_block"
  // For example, return 403 Forbidden
  http_response_code(403);
  exit(); // Ensure script execution stops after sending the HTTP response
}
 
You must log in or register to reply here.
Top