Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 9 of 9
  1. #1
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts

    Need quick help with ip ban

    I have a major problem with a user creating many accounts spamming everything, they are traced to the same ip. Does anyone know a simple and easy ip ban script I can put in to stop it? Thanks

  • #2
    Regular Coder
    Join Date
    May 2006
    Location
    Wales
    Posts
    820
    Thanks
    1
    Thanked 82 Times in 79 Posts
    Just a simple one:

    PHP Code:
    <?php
    $ips 
    file('banlist.txt');

    if 
    in_array($_SERVER['REMOTE_ADDR'], $ips) die ('You are banned');
    ?>
    In banlist.txt put the ips you want to ban, one line for each IP and put that code at the top of your pages.

  • #3
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    It isn't stopping him. I put down 3 IP's and he keeps changing them. Is there another way of stopping him?

  • #4
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,049
    Thanks
    2
    Thanked 317 Times in 309 Posts
    As you have found, getting a different IP address is easy and banning them provides no protection.

    1) If you are not already doing so, use email opt-in registration, where your registration script sends an email to the email address they entered, and they must click on a link in the email to activate their account. This will require that they have an email address that they have access to. You can than ban that email address when you disable the account of any spammer to prevent them from using it again to create another account. Throw-a-way/free email address are also easy to get, but this might slow them down enough so that they will go elsewhere.

    2) Close the loop holes in your code that is providing the benefit to the spammer. If he is posting content/links, add filters to detect that content and prevent those posts... If he is using email header injection to send out spam email, add filters to detect that content and prevent those emails from getting sent...

    3) If you believe the content is being automatically posted, add some tricks to your from processing code to detect and prevent automated posts. Typically a good image CAPTCHA or a random set of human only questions/answers...
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • Users who have thanked CFMaBiSmAd for this post:

    MHaris (08-24-2007)

  • #5
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    He said he is using a dynamic IP and that I can never stop him.

    For your helpful tips

    1). I have that feature coded, but I am wondering if it's enabled? I will check that.

    2). He is mainly just sending emails from within the website.

    3). None of it is automation. I have some captcha security on the website in different places.

  • #6
    New Coder
    Join Date
    Jun 2007
    Posts
    60
    Thanks
    7
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by masterofollies View Post
    He said he is using a dynamic IP and that I can never stop him.

    For your helpful tips

    1). I have that feature coded, but I am wondering if it's enabled? I will check that.

    2). He is mainly just sending emails from within the website.

    3). None of it is automation. I have some captcha security on the website in different places.
    What does he post? Spamming his website? A particular word?

    Are you using a particular script?

  • #7
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    Sending mail to people, some people he sent over 150 messages filling up their inbox. Just random useless crap like (Haha I can never be banned, ever)

  • #8
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,049
    Thanks
    2
    Thanked 317 Times in 309 Posts
    In addition to disabling any accounts he is creating and banning any registration email address he has used, if the abuse is of an email system, you would need to put limits on how often an email can be sent, how many recipients each one can have, and limit the total number in any period of time.

    For example, limit emails to no more than one in a 60 second interval, a maximum of one or two TO: recipients and one or two CC: recipients, and a maximum of 10 per hour/30 per 24 hours... Use whatever values would be appropriate for normal usage of your system.

    If the email feature is not critical to your application, temporarily disable it while you put safeguards in place. Maybe he will go elsewhere if he thinks the email system does not exist anymore.

    Edit: It sounds like the benefit he is receiving by doing this is just a boost to his ego. Takeaway this benefit and he will go elsewhere.
    Last edited by CFMaBiSmAd; 08-24-2007 at 10:51 PM.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #9
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    CFMaBiSmAd, that is a excellent idea, about putting a time limit on game mails. I will do that. I think I fixed the problem, I had my host tech support help out. All but his original account starts with 172 and no other users start with that. So I did a 172.* which any IP that starts with 172 will be blocked from the site. I really hope this work and that it won't stop normal people. Thanks to all of you.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •