Web Wiz Support and Community Forums : IP Banning issues https://forums.webwiz.net/ Copyright (c) 2006-2013 Web Wiz Forums - All Rights Reserved. Sun, 12 Apr 2026 04:12:17 +0000 Tue, 15 Feb 2005 14:23:29 +0000 http://blogs.law.harvard.edu/tech/rss Web Wiz Forums 12.08 360 https://forums.webwiz.net/RSS_post_feed.asp?TID=12385 <![CDATA[Web Wiz Support and Community Forums]]> https://forums.webwiz.net/forum_images/web_wiz_forums.png https://forums.webwiz.net/ <![CDATA[IP Banning issues : well theres an easier way make...]]> https://forums.webwiz.net/ip-banning-issues_topic12385_post76369.html#76369 Author: arthurk
Subject: 12385
Posted: 15 February 2005 at 2:23pm

well theres an easier way
make a global.asa file like below in your web root
 
use the code below
 
edit Sub Session_OnStart()
put the ip addy(s) in place of the ones shown
redirect him to where you want him to go
remove the rest of the gubbins you dont want or leave it as is :P
 
<object runat="Server" scope="Application"
id="rstActiveUsers" progid="ADODB.Recordset">
</object>
<script language="VBScript" runat="Server">
' The first thing you should notice is the top line.
' It creates an application scoped recordset object
' named rstActiveUsers that I'll use to store all
' our user information.
'
' Note: I've wrapped it for readability
Sub Application_OnStart()
 ' Selected constants from adovbs.inc
 Const adInteger = 3
 Const adVarChar = 200
 Const adDate = 7
 
 ' Here I set up in memory active user recordset
 ' by adding the fields I want to it and defining
 ' their data types.
 
 rstActiveUsers.Fields.Append "id", adInteger
 rstActiveUsers.Fields.Append "ip", adVarChar, 15
 rstActiveUsers.Fields.Append "browser", adVarChar, 255
rstActiveUsers.Fields.Append "user", adVarChar, 50
 rstActiveUsers.Fields.Append "started", adDate
 ' Next I open our recordset so that we can use it.
 ' That basically gets everything ready for our
 ' first user.
 rstActiveUsers.Open
End Sub
Sub Session_OnStart()
 ' Set session timeout to 20 minutes
 Session.Timeout = 20
 if Request.ServerVariables("REMOTE_HOST") = "65.214.38.211" then 
 response.redirect "robot.html"
 end if
 if Request.ServerVariables("REMOTE_HOST") = "207.46.98.139" then 
 response.redirect "robot.html"
 end if
 if Request.ServerVariables("REMOTE_HOST") = "64.124.85.194" then 
 response.redirect "robot.html"
 end if
 if Request.ServerVariables("REMOTE_HOST") = "64.124.85.97" then 
 response.redirect "robot.html"
 end if
 
 
 ' Set a session start time.  This is pretty pointless,
 ' but it does ensure that we start a session and
 ' assign the user a session id and it can help
 ' troubleshooting if we ever need it.
 Session("Start") = Now()
 
 ' Move to the end so records are added in order.
 ' Again not of any real importance, but it keeps our
 ' user table nice and orderly.
 If Not rstActiveUsers.EOF Then rstActiveUsers.MoveLast
 ' Add a record and insert users data.  I'm just
 ' storing some basic info, but naturally you're free
 ' to store whatever you want.
 rstActiveUsers.AddNew
 
 rstActiveUsers.Fields("id").Value = _
  Session.SessionID
 
 rstActiveUsers.Fields("ip").Value = _
  Request.ServerVariables("REMOTE_HOST")
 
 rstActiveUsers.Fields("browser").Value = _
  Request.ServerVariables("HTTP_USER_AGENT")
username = Request.Cookies("user")("mynameis")
if username = "" then username = "Guest"
rstActiveUsers.Fields("user").Value = username
 
 rstActiveUsers.Fields("started").Value = _
  Now()
 
 rstActiveUsers.Update
 
 ' Now that we've got the information, all that's
 ' left is to display it.  See test_page.asp for a
 ' demo.  It includes the pages show_count.asp and
 ' show_users.asp which can also be used
 ' individually if desired.
End Sub
Sub Session_OnEnd()
 ' Selected constants from adovbs.inc
 Const adSearchForward = 1
 Const adBookmarkFirst = 1
 Const adAffectCurrent = 1
 ' Find the appropriate record.  Using session id is the
 ' easiest way since I use this as the primary key.
 ' This line positions us on the appropriate record.
 rstActiveUsers.Find "id = " & Session.SessionID, _
  0, adSearchForward, adBookmarkFirst
 
 ' Now that we're on the record, delete it.
 ' I use the EOF to make sure we've got one.
 If Not rstActiveUsers.EOF Then
  rstActiveUsers.Delete adAffectCurrent
 End If
End Sub
Sub Application_OnEnd()
 ' Not like it really matters, but for the sake of
 ' good coding practice I close the recordset when
 ' our application is shutting down.
 rstActiveUsers.Close
End Sub
</script>
]]> Tue, 15 Feb 2005 14:23:29 +0000 https://forums.webwiz.net/ip-banning-issues_topic12385_post76369.html#76369 <![CDATA[IP Banning issues : I&#039;ve taken to blocking them...]]> https://forums.webwiz.net/ip-banning-issues_topic12385_post74735.html#74735 Author: jonahex2099
Subject: 12385
Posted: 25 January 2005 at 1:35pm

I've taken to blocking them at the website level AND at the firewall.  Little more work, AND it keeps them from accessing our main site, but at least they're not causing me forum problems anymore.  I'll try the fix above tho....]]> Tue, 25 Jan 2005 13:35:35 +0000 https://forums.webwiz.net/ip-banning-issues_topic12385_post74735.html#74735 <![CDATA[IP Banning issues : You can also change these lines: &#039;Trim...]]> https://forums.webwiz.net/ip-banning-issues_topic12385_post74540.html#74540 Author: sfd19
Subject: 12385
Posted: 22 January 2005 at 9:33am

You can also change these lines:
 
'Trim the users IP to the same length as the IP range to check
        strUserIPAddress = Mid(strUserIPAddress, 1, Len(strCheckIPAddress))
       'See if whats left of the IP matches
       If strCheckIPAddress = strUserIPAddress Then blnIPMatched = True
 
to:
 
If strCheckIPAddress = Mid(strUserIPAddress, 1, Len(strCheckIPAddress)) Then blnIPMatched = True
 
then you do not have to call the getIP() function each time.
 
 
Also, changing
 
Do while NOT rsIPAddr.EOF
 
to
 
Do while NOT rsIPAddr.EOF AND blnIPMatched = False
 
will exit the loop as soon as the IP matches a banned one.
]]> Sat, 22 Jan 2005 09:33:08 +0000 https://forums.webwiz.net/ip-banning-issues_topic12385_post74540.html#74540 <![CDATA[IP Banning issues : Excellent, this worked for me!...]]> https://forums.webwiz.net/ip-banning-issues_topic12385_post74512.html#74512 Author: paulhg
Subject: 12385
Posted: 21 January 2005 at 7:26pm

Excellent, this worked for me! I had this one individual registeringmultiple times and posting lots of spam with the same ip address .Using http://www.arin.net/ told me Sprint in Ghana is providing this particular ip address.
 
Is there anything else we can do with these pathetic individuals?Any other tools other there? Nothing would make me feel better than alittle revenge...

<-- edit ----->
IP Address removed by Moderator
<-- edit ----->


Edited by dj air - 21 January 2005 at 7:29pm]]> Fri, 21 Jan 2005 19:26:59 +0000 https://forums.webwiz.net/ip-banning-issues_topic12385_post74512.html#74512 <![CDATA[IP Banning issues : I found the problem. Its in \f...]]> https://forums.webwiz.net/ip-banning-issues_topic12385_post74047.html#74047 Author: Ice Man
Subject: 12385
Posted: 17 January 2005 at 1:01am

I found the problem.  Its in \functions\functions_common.asp
 
Private Function bannedIP()
 'Declare variables
 Dim rsIPAddr
 Dim strCheckIPAddress
 Dim strUserIPAddress
 Dim blnIPMatched
 'Intilise variable
 blnIPMatched = False
 'Get the users IP
 strUserIPAddress = getIP()
 
 'Intialise the ADO recordset object
 Set rsIPAddr = Server.CreateObject("ADODB.Recordset")
  'Get any banned IP address from the database
  'Initalise the strSQL variable with an SQL statement to query the database to count the
number of topics in the forums
 If strDatabaseType = "SQLServer" Then
  strSQL = "EXECUTE " & strDbProc & "BannedIPs"
 Else
  strSQL = "SELECT " & strDbTable & "BanList.IP FROM " & strDbTable & "BanList
WHERE " & strDbTable & "BanList.IP Is Not Null;"
 End If
   'Query the database
   rsIPAddr.Open strSQL, adoCon
 
     'Loop through the IP address and check 'em out
      Do while NOT rsIPAddr.EOF
      'Get the IP address to check from the recordset
      strCheckIPAddress = rsIPAddr("IP")

      'See if we need to check the IP range or just one IP address
      'If the last character is a * then this is a wildcard range to be checked
      If Right(strCheckIPAddress, 1) = "*" Then
        'Remove the wildcard charcter form the IP
        strCheckIPAddress = Replace(strCheckIPAddress, "*", "", 1, -1, 1)
        'Trim the users IP to the same length as the IP range to check
        strUserIPAddress = Mid(strUserIPAddress, 1, Len(strCheckIPAddress))
       'See if whats left of the IP matches
       If strCheckIPAddress = strUserIPAddress Then blnIPMatched = True
        'Else check the IP address metches
        Else
         'Else check to see if the IP address match
        If strCheckIPAddress = strUserIPAddress Then blnIPMatched = True
        End If
  'Move to the next record
  rsIPAddr.MoveNext
 Loop
 
 'Clean up
 rsIPAddr.Close
 Set rsIPAddr = Nothing
 'Return the function
 bannedIP = blnIPMatched
End Function
 
Prior to the loop is when the users IP address is obtained.  Within the loop, if the users IP is going to be compared to an IP that has an * in it, the users IP (strUserIPAddress) is trimmed to match the length of the banned IP minus the *.  In the loop the users IP is not restored to its proper length, so it remains trimmed as it is compared to the rest of the banned IPs.
 
One solution would be to add the line strUserIPAddress = getIP() after the lines:
 
      'See if whats left of the IP matches
       If strCheckIPAddress = strUserIPAddress Then blnIPMatched = True
 
We've tested this out and IP banning is now working excellent for us. Thumbs Up
]]> Mon, 17 Jan 2005 01:01:10 +0000 https://forums.webwiz.net/ip-banning-issues_topic12385_post74047.html#74047 <![CDATA[IP Banning issues : IP masking is nver going to be...]]> https://forums.webwiz.net/ip-banning-issues_topic12385_post71223.html#71223 Author: WebWiz-Bruce
Subject: 12385
Posted: 07 December 2004 at 4:09am

IP masking is nver going to be 100% acurate as IP masking is verysimple, even just changing to a different proxy server will hide ausers IP.]]> Tue, 07 Dec 2004 04:09:54 +0000 https://forums.webwiz.net/ip-banning-issues_topic12385_post71223.html#71223 <![CDATA[IP Banning issues : I am using version 7.8 (access...]]> https://forums.webwiz.net/ip-banning-issues_topic12385_post71211.html#71211 Author: Ice Man
Subject: 12385
Posted: 06 December 2004 at 10:26pm

I am using version 7.8 (access version) and have been unsuccessful with the IP banning function of the forum.  We've tried just about everything.  Email activation is off and just have a few mods, nothing too extensive.]]> Mon, 06 Dec 2004 22:26:09 +0000 https://forums.webwiz.net/ip-banning-issues_topic12385_post71211.html#71211 <![CDATA[IP Banning issues : Starnge, could be a corrupted...]]> https://forums.webwiz.net/ip-banning-issues_topic12385_post69187.html#69187 Author: WebWiz-Bruce
Subject: 12385
Posted: 09 November 2004 at 12:29pm

Starnge, could be a corrupted file, or a space or some other slightvariation may course the address to somehow not match up when the checkis made.]]> Tue, 09 Nov 2004 12:29:14 +0000 https://forums.webwiz.net/ip-banning-issues_topic12385_post69187.html#69187 <![CDATA[IP Banning issues : -boRg- wrote:It does work,...]]> https://forums.webwiz.net/ip-banning-issues_topic12385_post69177.html#69177 Author: jonahex2099
Subject: 12385
Posted: 09 November 2004 at 11:23am

Originally posted by -boRg- -boRg- wrote:

It does work, but banning by IP address isn't 100% reliable as things like IP masking, proxy servers, etc. can hide the real IP address of a user.

Also make sure the IP addresses is entered exactly, placing spaces, *, or other characters in the address may prevent it working correctly.

A (*) can be placed at the end, if not using the full IP address for a wild card eg:-

111.111.111.111

could be done as:-

111.111.111.*

This would then ban all users in the range:-

111.111.111.0 through to 111.111.111.255

Thanks boRg!

The odd thing is that I have explicity defined a single users IP address, twice now (two different users) and they've simply come back in with different email address and successfully created new accounts AND posted, with the blocked IP address showing in the post!!!  I caught them because I keep a list of banned IP's taped to the monitor by the web server and by their posting methodolgy.  [:)]  

I've since went a step further and blocked them at the firewall and IIS level which has the side effect of keeping them off the main site as well.  (In the case of the individuals in question, it's no big loss).

Thanks for the reply!

]]> Tue, 09 Nov 2004 11:23:07 +0000 https://forums.webwiz.net/ip-banning-issues_topic12385_post69177.html#69177 <![CDATA[IP Banning issues : It does work, but banning by IP...]]> https://forums.webwiz.net/ip-banning-issues_topic12385_post68734.html#68734 Author: WebWiz-Bruce
Subject: 12385
Posted: 01 November 2004 at 4:04am

It does work, but banning by IP address isn't 100% reliable as thingslike IP masking, proxy servers, etc. can hide the real IP address of auser.

Also make sure the IP addresses is entered exactly, placing spaces, *,or other characters in the address may prevent it working correctly.

A (*) can be placed at the end, if not using the full IP address for a wild card eg:-

111.111.111.111

could be done as:-

111.111.111.*

This would then ban all users in the range:-

111.111.111.0 through to 111.111.111.255
]]> Mon, 01 Nov 2004 04:04:53 +0000 https://forums.webwiz.net/ip-banning-issues_topic12385_post68734.html#68734