Abusive User Violating Bans

Discussion in 'Members & Staff' started by hovercrafter, Mar 23, 2006.

  1. hovercrafter

    hovercrafter Participant

    60
    6
    +0
    We have had a problem on our forum lately and thought some of the knowledgeable input here might help us out. We banned a member last month for harassing members. On Monday, the user came back on with a new screen name and email and started up again. We banned them again. Today - same thing - they came back on and started up again.

    We are running PHPBB. The problem is this user is using AOL so we can not ban the IP as that would affect numerous users. I emailed tosgeneral@aol.com and tosreport@aol.com on Monday and again tonight (after they returned).

    Has anyone else had this problem (LOL OK I can bet they have) and if so how did you best handle it?

    TIA for any information.
     
    1
  2. Desert Dancer

    Desert Dancer Enthusiast

    176
    0
    +0
    Hello,

    I recently had this problem on my site worldandme.net too!
    All you can do is to activate email account activation and ban them patiently again tillĀ“the troll gives up...

    DD
     
  3. cj1973

    cj1973 Half Wit with Attitude

    232
    46
    +0
    We automatically put all new members into a mod queue, which means their first posts are read and manually approved by moderators for a period before they appear live. This isn't ideal obviously, especially on busier forums but the concept was forced on us by a minority of users, doing exactly the same thing as you are experiencing now!. We do point out the reason why this is done in an automatic PM welcoming new members, and most appreciate that we get less spam and trolls because of it.

    Eventually they figure out even when they re-register and that they have to start again from scratch and that their abusive messages never appear so they are wasting their time.

    But depending on how busy your forum is, it may not be practical.
     
  4. Leilani

    Leilani Fan

    746
    325
    +2
    We have the same problem with three "boomerang trolls" at one particular forum. All we can do is ban on sight and delete their posts. One of the trolls seems to have given up after creating about 30 accounts, and we're hoping the others will follow suit.
     
  5. PalePhoenix

    PalePhoenix Prince of Dorkness

    11,988
    650
    +29
    Because WordPress is more of an article system than a forum, I'm not sure if you have to do more server-side work than someone who has a traditional boardware version, with settings for IP and email bans. It sounds as if you've already got a handle on that, but can't block a dynamic IP. Do you already get so much traffic from AOHell that you can't--say, for two weeks--ban a partial netblock range with a wildcard?

    What I'm saying is, if you've got a list of the IPs this person has used, and tried to ban "172.160.* through 172.177.*" for a brief period, then he (or she) might be put off for enough time to go elsewhere. You might conceivably be catching what, one or two other users, if any? Emailing AOL seldom gets a response, and when it does, it's never their problem or their fault.

    Your other (or added) solution is to take the bull by the horns. What does this person want? Why is he or she plaguing your site? It couldn't be just because you've misspelled 'Halliburton,' could it?
     
  6. Sculli

    Sculli Custom User Title

    648
    0
    +0
    This happened a couple times on my board. I just banned the entire IP range and the well known anon proxy IPs I was aware of (such as anonymizer.com), and did not loose any sleep over it. Solved the problem instantly.

    Sure, banning an IP range, especially AOL, can lock out some current users, or prevent some new one's from registering. So what though. The current ones will contact you if there is a problem, and the new ones would likely as well just out of curiosity as to why they get an "IP banned" message even though they haven't done anything yet.

    About once a year I purge all banned IPs and start over. Works well for my board, might not work for others.
     
  7. cj1973

    cj1973 Half Wit with Attitude

    232
    46
    +0
    Most of our account validation emails get lost in AOL's over zealous spam filters, so there is a more than average chance that an AOL user wouldn't be able to complete our registration process anyway :dizzy:
     
  8. hovercrafter

    hovercrafter Participant

    60
    6
    +0
    Thanks for the advice. Actually the forum is operating on PHPBB. I did come up with a small solution today that anyone who joins with an AOL IP can not post until they are approved by an admin instead of the normal activate themselves via email.

    We are not that big of a forum so the ip ban was not an option. We didn't feel it fair to cause an inconvenience to members who are a great value to our community because of the actions of one person.

    I actually talked to someone else at AOL today and they are going to investigate. I also ran it through my attorney today who specializes in internet related stuff (since I own an IT business). He said to give AOL until next week and if the problem continues he will contact them. Actually what this user is doing is a violation of the new federal law that went into effect first of the year. You can not harass or even annoy (which is a very loose term in legal speak) people on the internet annonymously. It was an addition/alteration to the old phone harassment laws. If it continues we might go the legal route on it.

    This person is actually one of those that has nothing better to do then sit back and try to cause problems. They have been spending their days researching everyone on the forum over the internet and trying to get personal information to post. I know Safe Searching has even had problems with the same person on one of the boards they manage.

    It was really fun the other night after we banned it because about 10 minutes later we got hit with 60 proxies constantly reloading pages, trying to kill our bandwidth. I had to quickly go in and do server bans on all the IP's.

    It is amazing how childish some people have to act. :p
     
  9. Archangel

    Archangel Aspirant

    42
    11
    +0
    For something like that, I would have forced Administrative validation of new registrations for a day or so... most trolls don't have that kind of patience and will leave pretty quickly.
     
  10. StarsDome

    StarsDome Participant

    52
    0
    +0
    Yeah, I have.

    You should ban IP address....any IP address that he or she comes from...keep banning...if problem keeps happening...you can report to their Internet provider...

    Make sure that people have to enable their account from their email...that way, if they keep making fake emails...they will not be able to activate his or her account.
     
  11. hovercrafter

    hovercrafter Participant

    60
    6
    +0
    Yeah. We got the email activation enabled. Actually we are doing something else also. We have about 10 of our members who also subscribe to AOL who are going to call them and tell them that they need something done or they will be going else where. It would be so much easier if AOL got rid of their stupid proxy connection for web sites.
     
  12. PalePhoenix

    PalePhoenix Prince of Dorkness

    11,988
    650
    +29
    You're welcome. Is it really? Why couldn't I find it easily?
     
  13. StarsDome

    StarsDome Participant

    52
    0
    +0
    Yeah, it's really aggrevating to have a user come back after you banned him...bans are done for a reason, you know?
     
  14. hovercrafter

    hovercrafter Participant

    60
    6
    +0
    You may have gone to the link in my signature which is actually my blog. The forum is at http://www.political-nutshell.com
     
  15. hovercrafter

    hovercrafter Participant

    60
    6
    +0
    Well until (and if) AOL does something, I came up with a small hack on PHPBB. What we did was enable the feature "Administrators must activate new accounts" (or something like that). I modified the usercp_register.php and the admin_activate.tpl files so that when the email is sent out to admins to activate a new user, it includes that user's Name, IP (including resolve to host) and Email.

    Our thinking is to do that for a few weeks. If after the attempts to join they don't get in they will most likely give up and go away. :lildevil:
     
  16. PalePhoenix

    PalePhoenix Prince of Dorkness

    11,988
    650
    +29
    Ah. I seem to keep doing that. Thanks.
     
  17. ghostfreak

    ghostfreak Participant

    58
    6
    +0
    We have this sort of problem at a local music forum I admin. We usually ban the e-mail and the IP. If they come back we do exactly the same thing. Users usually get sick of registering time and time again. That's not always the case so we sometimes go one step further and report their IP address.
     
  18. aboyd

    aboyd Adherent

    306
    0
    +1
    Since you're on phpBB, I know of a few options for you. It sounds like you're already doing email validation, so you are able to ban on email address. That at least makes the banned user go through a few more steps to get in. And you can do the admin validation that others have mentioned. That's yucky on a big forum, though.

    But there is also a "ban on cookie" mod I saw at one point while I was doing some phpBB mod spelunking. I don't recall it being an official mod, so you might have to track it down on phpbbhacks.com, or in the "unreleased mods" forum on phpbb.com. But what it does is allow you to set a cookie on the user's computer, and then ban on that. So no matter what email they use, no matter what IP address, they keep getting told they're banned. Don't tell them HOW you're doing it, of course. Once a person knows the cookies are allowing you to keep them banned, they'll quickly teach themselves how to delete cookies (it's easy). Still, it's another option for you to explore.

    -Tony
     
  19. Obvy

    Obvy Aspirant

    26
    6
    +0
    Another option is depending apon how much information you have. Putting an attorney on retainer to write up a letter is often the most effective way to do things, but that is also dependant apon your income to liabilities ratio and how much out of pocket you are willing to provide. This isn't for minor infractions, but when someone is so hostile that it turns your message board into a war zone.
     
  20. Ken

    Ken Aspirant

    12
    6
    +0
    Another aide and not a total solution is when you use Admin activation, send the prospective member an email, where it requires them to email you as to how they heard about your site or some other reason. 90% of the time they will email you from their actual location and you will have their actual IP when you show expanded headers or they will get skidish and bail. With that I also have the IP on registration mod. Do a comparison.