[PHP]/////////////////////////////////////////////////////////////////
// R00TSECURITY.ORG - YOUR SECURITY COMMUNITY
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
// [2008-07-15] PHP Based DoS Blocker
// https://r00tsecurity.org/db/code/135
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
// GENERATED ON: 2008-08-18 | 19:34:43
/////////////////////////////////////////////////////////////////


CODE INFO
Save this as any file name, require_once() this script into every page. Add blacklisted IP's to a file called 'black.list'. Now DoS attacks don't take up the bandwidth to display each page, only the text to display they have been blocked.

SOURCE CODE
<?php
define ('BLACKLIST','black.list');

$list=file(BLACKLIST);

foreach ($list as $addr) {
$addr=trim($addr);
$host_addr=$_SERVER['REMOTE_ADDR'];

// Semplice indirizzo IP
if ($host_addr==$addr)
die ("Your IP is {$addr} and you're not allowed to view this page\n");

// Subnet di classe C
else if (preg_match('/(\d+\.\d+\.\d+)\.0\/24/',$addr,$sub)) {
$subnet=trim($sub[1]);

if (preg_match("/^{$subnet}/",$host_addr))
die ("Your IP is {$host_addr} and you're not allowed to view this page\n");
}

// Subnet di classe B
else if (preg_match('/(\d+\.\d+)\.0\.0\/16/',$addr,$sub)) {
$subnet=trim($sub[1]);

if (preg_match("/^{$subnet}/",$host_addr))
die ("Your IP is {$host_addr} and you're not allowed to view this page\n");
}

// Subnet di classe A
else if (preg_match('/(\d+)\.0\.0\.0\/8/',$addr,$sub)) {
$subnet=trim($sub[1]);

if (preg_match("/^{$subnet}/",$host_addr))
die ("Your IP is {$host_addr} and you're not allowed to view this page\n");
}
}
?>

// https://r00tsecurity.org/db/code/135[/PHP]