Often times in the web development world we need to detect a users IP address and in some cases block them from performing a particular action over a certain duration. For example I built an online donation application a while back and after it had been live for only a matter of days we noticed a huge spike in activity/submissions and after doing a bit of digging we discovered that people were using the form as a method for validating stolen credit card numbers. They would attempt to donate $1.00 using a variety of credit card numbers they had available to them and if the transaction was processed successfully the hacker knew that they had a valid credit card number and CCV. Obviously this was a problem so I figured the least intrusive way to solve it would be to add some IP filtering so that if a user tried to submit multiple donations in less than 8 hours we would block them. I have had this in place for about a year now and after implementing it hack attempts ceased almost entirely. The attempts that were made got blocked and the hacker(s) presumably moved on. The snippet below can be used in a number of ways ranging from every time a user accesses a page to (the more likely case) when a user submits a form and $_POST data hits the server. Again it is fairly generic and can be used in a large variety of ways. In this example the script just die()'s (w/ an error message) when the block condition is satisfied but in production you would obviously want to catch and handle this error a bit more gracefully.