Simple URL Filtering Script
This php script will simply allow you to filter any request to your page by its Query String. You can even track people who has accessed that forbidden request. They usualy request it for finding out any sql injection or xss vulnerability on the page.
By adding the log script you can have their activity recorded on your host. You can also add more info to the log, just modify it if you want
Here’s the script…
-
<?php
/* Copyright (C) 2009 crazydavinci.net */
/* Simple URL Filter + Activity Logger */function jebak($url){
?>
<body bgcolor="black" text="red">
<h1 align="center">HEY DUDE, WHAT THE HELL ARE U DOING HERE ?!<br>
You Activity Has Been Logged !!! Thanks For Trying…</h1>
</body>
<?php
$ip = $_SERVER['REMOTE_ADDR'];
$date=date("d/M/y g:i:s a");
$file= fopen('log.txt', 'a');
fwrite($file, "\r\nURI : $url – $date – IP : $ip\r\n");
fclose($file);
die();
}
$ref=strtolower($_SERVER['QUERY_STRING']);
$filter=array('http://','select','order','=-','null','%3c','%3e','from','–','/*','+','t;','');
for($i=0; $i<count($filter); $i++)
{
if(strstr($ref,$filter[$i]))jebak($ref);
}?>
Put it on the first line of your php so it will be evaluated first, before loading the real content of the page. Try out the sample page here…
You can see that the character open and close tag for the html is filtered by the script, you can add or remove the filter entries by modifying the array variable ($filter)
To have the log file, make sure you create the log.txt file on the same directory and make it writeable…
Here’s what you will see on the log file :
- URI : paged=%3chtml%3etest%3c/html%3e – 07/Apr/09 9:07:53 am – IP : xxx.xxx.xxx.xxx












January 19th, 2011 at 6:19 am
@R_Die
ini memang script php bro,
source code di atas save dulu misal filter.php
kemudian di bagian paling atas misal header.php atau index.php tergantung web aplikasinya masukan filter.phpnya pk include atau require ex : require(’./filter.php’);
June 22nd, 2011 at 10:38 am
om joy kalo misal buat di wordpress di taro dimana? di header.php apa index.php om..??? please om pencerahannya
June 30th, 2011 at 7:00 pm
@blackshell
di baris awal index.php atao d wp-blog-header.php bro..