I want to create a php script which blocks a user and not a whole network(modem). I know i can get the IP from the modem, but how can my server differentiate the user behind the modem? Is there a possible solution?
Asked
Active
Viewed 1,106 times
4
-
2There is no way just to block one user. You could block the combination of user agent and ip, but the user could change the browser. A hacker could cange his user agent as well so far almost not possible. – rekire Feb 27 '13 at 16:05
-
Maybe you are looking for something like 'Mac Address', [Check this out](http://stackoverflow.com/questions/1420381/how-can-i-get-the-mac-and-the-ip-address-of-a-connected-client-in-php) – Silent Byte Feb 27 '13 at 16:05
-
5@Silent Except that the MAC address is typically not usable, as the answer you link to states. – deceze Feb 27 '13 at 16:06
-
1Permanent, per-user block *are* possible, but you have to know how to hide a body. – Sammitch Feb 27 '13 at 16:09
2 Answers
5
There is no way just to block one user: You could block the combination of user agent and IP address, but the user could change the browser. A hacker could change his user agent as well so far almost not possible.
Things you could try (but they may fail):
- Block the combination of User-Agent and IP
- Set a block cookie
- Set a block entry in the local storage
- Create a fingerprint based e.g. on the installed plugins or fonts
rekire
- 45,039
- 29
- 149
- 249
-
See for an example of fingerprinting https://panopticlick.eff.org/ – Marcel Korpel Feb 27 '13 at 16:14
1
When user is clever enough to know how to clean cookies, it's not possible to do what you want without blocking IP.
Serge Kuharev
- 1,012
- 6
- 15
-
There are more ways to track a user, but you are right that tracks can be errased. – rekire Feb 27 '13 at 16:07
-
Yes, I understand that there is a clever ways like browser+ip, but the idea was that users can overcome all that. – Serge Kuharev Feb 27 '13 at 16:08