一、最常用的方法(代码中限制)
1、如何限制IP
function get_new_ip(){
if(getenv('HTTP_CLIENT_IP')) {
$onlineip = getenv('HTTP_CLIENT_IP');
} elseif(getenv('HTTP_X_FORWARDED_FOR')) {
$onlineip = getenv('HTTP_X_FORWARDED_FOR');
} elseif(getenv('REMOTE_ADDR')) {
$onlineip = getenv('REMOTE_ADDR');
} else {
$onlineip = $HTTP_SERVER_VARS['REMOTE_ADDR'];
}
return $onlineip;
}
$onlineip = get_new_ip();
$wip = ['127.0.0.1'];
if(!in_array($onlineip, $wip)){
header("HTTP/1.1 404 Not Found");
header("Status: 404 Not Found");
exit;
}
2、进行密码验证
///////////////// Password protect ////////////////////////////////////////////////////////////////
define('ADMIN_USERNAME','test'); // Admin Username
define('ADMIN_PASSWORD','test'); // Admin Password
if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) ||
$_SERVER['PHP_AUTH_USER'] != ADMIN_USERNAME || $_SERVER['PHP_AUTH_PW'] != ADMIN_PASSWORD) {
Header("WWW-Authenticate: Basic realm=\"discuz Login\"");
Header("HTTP/1.0 401 Unauthorized");
echo <<
Rejected!
Wrong Username or Password!
