HoneyPot using JavaScript

<form ... >
<noscript>
<input type="hidden" name="nojs" id="nojs" />
</noscript>
...
</form>
<?php
if (isset($_REQUEST['nojs'])) {
// It is a BOT
}
?>
Advertisements

Upgrade PHP 5.6 to PHP 7 on CentOS7 (VestaCP)

https://rpms.remirepo.net/wizard/

CentOS 7:
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
wget http://rpms.remirepo.net/enterprise/remi-release-7.rpm
rpm -Uvh remi-release-7.rpm epel-release-latest-7.noarch.rpm

yum install yum-utils
For PHP 7.2: yum-config-manager –enable remi-php72
For PHP 7.3: yum-config-manager –enable remi-php73
yum update -y

PHP getRealIpAddress Function

HTTP_X_FORWARDED_FOR can have multiple IPs like 1.1.1.1, 2.2.2.2

function getRealIpAddr()  
{  
    if (!empty($_SERVER['HTTP_CLIENT_IP']))  
    {  
        $ip=$_SERVER['HTTP_CLIENT_IP'];  
    }  
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
     
    {  
        $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];  
    }  
    else  
    {  
        $ip=$_SERVER['REMOTE_ADDR'];  
    }  
    return $ip;  
}

Get User IP using PHP

 $client  = $_SERVER['HTTP_CLIENT_IP'];
 $forward = $_SERVER['HTTP_X_FORWARDED_FOR'];
 $remote  = $_SERVER['REMOTE_ADDR'];

What is the difference between HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR? – it is impossible to say. Different proxies may implement these, or may not. The implementations may vary from one proxy to the next, and they may not. A lack of a standard breeds question marks.
If more than one proxy was involved – the X-Forwarded-For: header might then contain a complete track of the forwarding chain, whereas the Client-IP: header would contain the actual client IP. This is pure speculation, however.