I am trying to implement a bruteforce check on a loginpage. It logs the logins from a certain ip. If there are more than 10 it will stop saving the logins in the database and will set the $nopage variable to 1.

$res_check_bruteforce=$teste->query("select count(id),max(time) from bruteforce where ip='$ip'");
echo $teste->error;

Then, before echoing the login page code, i put a check:

if($nopage)header("HTTP/1.1 503 Service Temporarily Unavailable");
else .... output login page

The redirect works but the page is blank. The source of the page is blank too. What I am doing wrong?

Since "header()" doesn't provide any output (at least not to my knowledge), the only way I can see this working for you is to use cookies.

Redirect with a variable in the URL, for example:

$cname = "nopage";
$cvalue = "";
$cexpire = time()+3600; // 1 hour
$cpath = "";
$cdomain = "yourdomain.com";
$csecure = "false";
$chttponly = "true";

if(isset($_GET['$cname']) {
    //Check for existing cookie...
    if(!isset($_COOKIE['$cname']) {
        setcookie($cname, $cvalue, $cexpire, $cpath, $cdomain, $csecure, $chttponly);
    else {
        $cvalue = $_COOKIE['$cname'] + 1
        setcookie($cname, $cvalue, $cexpire, $cpath, $cdomain, $csecure, $chttponly);

if($_COOKIE['$cname'] >= 10) {
    header("Location: /503.php");

// Else: display the page

Something like that should do what you need.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of 1.20 million developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.