IP Ban

Discussion in 'Members & Staff' started by Safir, Dec 24, 2006.

  1. Safir

    Safir Neophyte

    You can access your account from several PCs (stations.) Do you automatically get the IP from these PCs?

    In a nowadays closed forums there was a problem with banned members returning and continuing their rampage after they got kicked, but under a new name and from a different internet connection.

    Always wondered about it.:help:
  2. PalePhoenix

    PalePhoenix Prince of Dorkness

    If you mean to ask, "Are station IPs [within a corporate or institutional intranet] logged and therefore ban-able?" then the answer is yes, but it depends on the type of forum and server software you are using and how well you understand whois data and wildcards.

    You can often look up a netblock range, the assignment of a sequence of possible IP addresses a company, school, or library might use. You still need to be careful that you're not overdoing the ban and blocking, say, an entire country or ISP (unless that is your intention). Additionally, users can deploy masks or route their Internet connections through proxies, of varying degrees of complexity and/or anonymity. Some boardware is incapable of detecting proxy usage. Thus, you can ban all day and it's like playing Whack-A-Mole.

    Require email validation and/or manually moderate new joins. People will eventually tire of creating whole new email addresses just to log back in and cause pointless mayhem. Block the registration of anonymous mail servers such as those listed here, or similar to Sneakemail and Mailinator. Other than this, there's not a whole lot you can do. Subnet masks and dynamic IPs make a lot of bans fruitless, but if you've determined that a particular user is deliberately rotating his or her IP within a particular range SOLELY to deface your website, then you may have cause to ask their ISP to bar their usage.
  3. Learnin

    Learnin Aspirant

    I have worked with a VBulletin Forum where we put the problem returners on "Miserable User or Tachey Coventry". Miserble Users could sometimes post and sometimes not. Tachey (with listing the ISP) would show posted but be invisible to everyone else.
  4. grepper

    grepper Fan

    IP information,Banning

    The answer is yes and no. When you connect to your ISP, your ISP needs to keep track of you, so it gives you a number (this may or may not be your IP address). Your ISP then connects to the website you requested and gets the information, then finds you and hands the data back.

    Sometimes the ISP has a lot of numbers (IP addresses) that it can allocate to connect to the internet. Sometimes it only has a few numbers but many customers, so it SHARES the connection it has between them.

    When there is a SHARED connection to the internet, the server (or you running the forum) cannot know specifically WHO connected to your site, you may only know that it is a connection from the High School downtown.
    So if you ban that IP address, you ban everyone from that school.

    Since there is only one IP address shared between many people, the ISP may forward to the server it is requesting data from, the internal IP address that it used to keep track of you.

    This allows the server administrator (you) to be able to report back to the ISP any misconduct because you have that additional information that was FORWARDED to you or in other words came VIA that ISP.

    Not surprisingly this information is reported in the browser headers X_FORWARDED_FOR, HTTP_VIA (there are more, sometimes but these are the main ones).

    You can use this information to report a troublesome user to his ISP.

    The problem with these additional variables is: They are not required for the connection to your site and are SUPPLIED by the client! The primary rule of web input is: Anything supplied can be faked and many headers like these are no exception. You are familiar of course with the REFERRER header, which tells you which website the client came from before they came to yours. Many people use this to restrict access to content on their site to people that are ACTUALLY ON THEIR SITE and not just linking it from another location.

    (but since the referrer heading can be provided, if I am linking to say, an MP3 or video file on your site, I can provide a header to make it look ( in your logs, anyway) that I am a legitimate visitor/member of your site and not a thief! )
Draft saved Draft deleted