Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 12 of 12

Thread: Can I IP Ban?

  1. #1
    New to the CF scene
    Join Date
    Mar 2003
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Can I IP Ban?

    Hi there,

    I was wondering if someone could tell me if it's possible to ban certain IP's from viewing my website and then how I could go about that?

    To be honest, when I go past HTML or basic JavaScript, I'm pretty clueless, but it's IMPERITIVE that I ban a handful of IPs from viewing my site...and I'm desperately trying to find a way to do that.
    If anyone could offer any help, I'd VERY MUCH appreciate it!

    Thank you,

    - Tammy

  • #2
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,278
    Thanks
    4
    Thanked 83 Times in 82 Posts
    I know you won't like this answer but....

    Honestly it's pointless to try and ban someone from viewing your site by banning their IP address. If they are using a dialup connection their IP address changes each time they connect and the IP address you ban will be given to someone else. Same thing goes with Cable/DSL users however their IP's don't change as often as dialup, maybe once a day or anytime they reboot their modem or machine.
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster

  • #3
    Regular Coder
    Join Date
    Jan 2003
    Posts
    867
    Thanks
    4
    Thanked 8 Times in 8 Posts
    Most DSL and cable modem users pick up a DHCP address and keep their leases for a really long time. I've only had two IP addresses with my comcast cable internet and it only changed when the company went from @home to comcast.

  • #4
    New to the CF scene
    Join Date
    Mar 2003
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You could make a .htaccess file, if you have permission to do so. Its an ordinary text-file, only with no name and .htaccess as extension. In that file you write

    order allow,deny
    deny from 10.45.6.7
    deny from 192.168.5.
    allow from all

    This will deny access from IP-adress 10.45.6.7 and from all users coming from the scope 192.168.5.X

    Of course these are examples. You can write as many lines as you wish. Just remember that NOONE from a banned scope can gain access to your site.

    Regardz
    PLN

  • #5
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,278
    Thanks
    4
    Thanked 83 Times in 82 Posts
    Originally posted by arnyinc
    Most DSL and cable modem users pick up a DHCP address and keep their leases for a really long time.
    And please do explain how you arrived at that conclusion.

    BroadBand through RoadRunner/Earthlink sets their leases at 24 hours.

    It would not be a good idea as far as security goes for a broadband service to give you the same IP for a lengthy period of time.
    Last edited by Spookster; 03-13-2003 at 04:19 PM.
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster

  • #6
    New to the CF scene
    Join Date
    Feb 2003
    Location
    C:\
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    It all depends on the setup, at home I run a roadrunner-->linksys firewall/router-->Server and user comps

    Unless you spicifically ask it to do so, the firewall keeps the same external IP, however, it is farly easy to change it if it is your own equipment.

  • #7
    Regular Coder
    Join Date
    Jan 2003
    Posts
    867
    Thanks
    4
    Thanked 8 Times in 8 Posts
    Originally posted by Spookster
    And please do explain how you arrived at that conclusion.
    Because I've had the same IP address for months now.

  • #8
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,278
    Thanks
    4
    Thanked 83 Times in 82 Posts
    Originally posted by arnyinc
    Because I've had the same IP address for months now.
    Just because you personally have had the same IP for months doesn't mean most DSL/Cable companies use the same policy.

    Check your connection information and you can see when the lease was issued and expires and that will give you an idea of what your current provider's lease length is.
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster

  • #9
    Regular Coder
    Join Date
    Jan 2003
    Posts
    867
    Thanks
    4
    Thanked 8 Times in 8 Posts
    Originally posted by Spookster
    Just because you personally have had the same IP for months doesn't mean most DSL/Cable companies use the same policy.

    Check your connection information and you can see when the lease was issued and expires and that will give you an idea of what your current provider's lease length is.
    It expires every three days. With DHCP you don't lose your address every time it expires though. If the device remains attached to the same network and uses the IP then the client will automatically attempt to renew its lease from the DHCP server. That's how Comcast and my employer (150,000 employees) do it, so I know I'm not being completely ridiculous in assuming that a good deal of other companies do as well.
    Last edited by arnyinc; 03-14-2003 at 01:53 PM.

  • #10
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,278
    Thanks
    4
    Thanked 83 Times in 82 Posts
    But if you are not on the network when your lease expires then that IP address will go to someone else. Many people don't leave their computers on all the time so they will get new IP's often.

    The policy of keeping the same IP for lengthy periods of time as I said before is not a good policy. Leaves you more vulnerable to being hacked.

    And it is almost never a good idea to assume.

    If a network is crowded then lease lengths will be short because those IPs are in more demand. If a network is not crowded then lease lengths will probably be longer as those IP pool will be greater.

    Back to the original topic..... Banning people by IP is still about pointless. Most people are still on dialup and their IP addresses do change often. Cable/DSL users IP's change as well (you do agree that at some point their IP will change) so by banning an IP address you ban not only the person that was causing trouble but you also ban anyone else that will be using that IP address.

    Also if the user is using a laptop (this was one of the prime reasons for having DHCP) then their IP will change often since people typically don't leave laptops on all the time and the leases will expire and that IP will go to someone else.

    Plus consider this fact....you ban an IP address, but what if the person was using a computer at a public library or cyber cafe. Odds are when they go back they won't be using the same computer again.
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster

  • #11
    Regular Coder
    Join Date
    Jan 2003
    Posts
    867
    Thanks
    4
    Thanked 8 Times in 8 Posts
    I never said IP banning was a good idea, just pointing out that in certain specific circumstances it works. Anyone can get around any forum protection without even being relatively persistent.

    All I'm saying is that IP banning is the best you can do without requiring people to register with a valid email, etc. Maybe you can send a cookie to them and hope they don't realize it and clear them.

  • #12
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,278
    Thanks
    4
    Thanked 83 Times in 82 Posts

    Lightbulb

    Originally posted by arnyinc
    Maybe you can send a cookie to them and hope they don't realize it and clear them.
    Well actually that just made a lightbulb come on.

    What one might be able to do is store in a banned users file on the server not only the IP address of the user but also any other uniquely identifiable information about the user like maybe browser, browser version, O/S, etc. Can't think of what else could uniquely identify a user (kind of like a composite key in a database). In this way when someone else gets that IP if their information doesn't match the banned information then it possibly means that IP is being used by someone new now and that IP can be removed from the banned list.
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •