Guides

How To Block Bots Using Udger (PHP Included)

By August 29, 2019 No Comments

I think it’s fair to see we have all seen our fair share of bot traffic. Constant scraping, hotlinking images and generally causing a nusense on our websites. Well today i wanted to share a way to block these pesky bots quickly and simply.

It comes in a form of an online service called Udger. Udger is a subscription based service that collects statistical data on traffic and has been operating since 2005.

Udger is relatively unknown but they have some of the best data online relating to bot statics.

Whats great about Udger is that they provide a local parser and a cloud parser along with plenty of documentation to integrate it into what ever system you are using. Today i’m going to share with you some PHP code that i developed in order to stop a large percentage of bots from visiting your website.

$accesskey = "YOUR API KEY";
$url = "https://api.udger.com/v3/parse";
$ip = getUserIpAddr(); $res = file_get_contents($url . "?accesskey=" . $accesskey . "&ip=" . urlencode($ip)); $character = json_decode($res); 
$checkip = $character->ip_address->ip_classification_code; 
if (strpos($checkip, 'unrecognized') !== false) { return; 
} else { $file = "badips.txt"; 
$f = fopen($file, 'a+'); 
fwrite($f, $_SERVER['REMOTE_ADDR'] . "\n"); 
fclose($f); 
$homepage = file_get_contents('file.html'); 
print_r($homepage); 
}
}
function getUserIpAddr(){ if(!empty($_SERVER['HTTP_CLIENT_IP'])){ $rip = $_SERVER['HTTP_CLIENT_IP']; 
}
elseif(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){ $rip = $_SERVER['HTTP_X_FORWARDED_FOR']; 
}
else{ $rip = $_SERVER['REMOTE_ADDR']; 
}
return $rip; 
}

Let me break this down.

$accesskey = "YOUR API KEY";
$url = "https://api.udger.com/v3/parse";
$ip = getUserIpAddr();

Here you enter your unique API key once you sign up to a plan. This also includes the URL for thier cloud parser and a call to the function “getUserIpAddr” to obtain the real IP of the visitor.

$res = file_get_contents($url . "?accesskey=" . $accesskey . "&ip=" . urlencode($ip));
$character = json_decode($res);
$checkip = $character->ip_address->ip_classification_code;

This code parsers the access key and the IP to Udger servers to get a JSON response. Here we also decode the response to get a value for the visitor.

if (strpos($checkip, 'unrecognized') !== false) {
return; 

What we want is to check if the IP is known in which case it most likely be some traffic you don’t want on the site. By checking ” unrecognized ” we are focusing on traffic Udger has no recorded of IE human visitors. If ” unrecognized ” is detect it will return the normal page to the visitor.

} else {
$file = "badips.txt";
$f = fopen($file, 'a+');
fwrite($f, $_SERVER['REMOTE_ADDR'] . "\n");
fclose($f);
$homepage = file_get_contents('file.html');
print_r($homepage);
    }
}

This code will log any visitor that doesn’t have the IP classification as ” unrecognized ” for further analysis but the chances are pretty high that this is traffic you dont want on the site.

If you have any suggestions on how to improve this script please comment below, also if you try and use this script please let me know how to get on. I’d love to hear your finding.