Menu
In some of our systems we have a blocklist of IP address which stops certain IP's viewing the website. Currently the PHP just issues text saying your ip address has been blocked blah blah blah.
HOWEVER
I have come across the HTTP Error Code 403 and to be more exact error code 403.6 (http://en.wikipedia.org/wiki/HTTP_403) which I think would be better than just text.
But i read somewhere that the .6 is only for windows or something along those lines??
Can I send a 403.6 header through PHP from my LAMP servers and would this be better practice than just sending "you've been blocked text"?
908
Send a simple 403 as it's the correct code for forbidden and then send a custom textual message so your users understand what's going on.
Sample php code bellow.
<?php
header("HTTP/1.0 403 Forbidden");
?>
<h1>Access Forbidden!</h1>
You have been banned from seeing our site because xx and you will
xx etc ...
If certain IP addresses have been blocked because they are blacklisted, then it is allright to return a simple 404 "Not Found" HTTP status, especially for addresses that have been marked as 'malicious'.
Don't give them any information they can use. Just say 'nothing to see here' instead of 'here is something you are not allowed to see'.
In any case, always try to provide information on a need-to-know basis.
35
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
