Web Wiz - Green Windows Web Hosting - Celebrating 25 Years!
Web Wiz Homepage Search Web Wiz

  New Posts New Posts RSS Feed - IP Banning issues
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

IP Banning issues
 Post Reply Post Reply Page  12>
Author
  Topic Search Topic Search  Topic Options Topic Options
jonahex2099 View Drop Down
Newbie
Newbie
Avatar

Joined: 09 April 2004
Location: United States
Status: Offline
Points: 24 		Post Options Post Options   Thanks (0) Thanks(0)   Quote jonahex2099 Quote  Post ReplyReply Direct Link To This Post Topic: IP Banning issues
    Posted: 31 October 2004 at 12:26pm

I have banned an IP in my list yet the individual behind this IP address has not only came back *3* times, (with different email addresses) but been allowed to post AFTER creating the accounts under the same IP. 

Is there something I'm doing wrong or does this functionality not really work?
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 01 November 2004 at 4:04am
It does work, but banning by IP address isn't 100% reliable as things like IP masking, proxy servers, etc. can hide the real IP address of a user.

Also make sure the IP addresses is entered exactly, placing spaces, *, or other characters in the address may prevent it working correctly.

A (*) can be placed at the end, if not using the full IP address for a wild card eg:-

111.111.111.111

could be done as:-

111.111.111.*

This would then ban all users in the range:-

111.111.111.0 through to 111.111.111.255
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
jonahex2099 View Drop Down
Newbie
Newbie
Avatar

Joined: 09 April 2004
Location: United States
Status: Offline
Points: 24 		Post Options Post Options   Thanks (0) Thanks(0)   Quote jonahex2099 Quote  Post ReplyReply Direct Link To This Post Posted: 09 November 2004 at 11:23am

Originally posted by -boRg- -boRg- wrote:

It does work, but banning by IP address isn't 100% reliable as things like IP masking, proxy servers, etc. can hide the real IP address of a user.

Also make sure the IP addresses is entered exactly, placing spaces, *, or other characters in the address may prevent it working correctly.

A (*) can be placed at the end, if not using the full IP address for a wild card eg:-

111.111.111.111

could be done as:-

111.111.111.*

This would then ban all users in the range:-

111.111.111.0 through to 111.111.111.255

Thanks boRg!

The odd thing is that I have explicity defined a single users IP address, twice now (two different users) and they've simply come back in with different email address and successfully created new accounts AND posted, with the blocked IP address showing in the post!!!  I caught them because I keep a list of banned IP's taped to the monitor by the web server and by their posting methodolgy.  [:)]  

I've since went a step further and blocked them at the firewall and IIS level which has the side effect of keeping them off the main site as well.  (In the case of the individuals in question, it's no big loss).

Thanks for the reply!
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 09 November 2004 at 12:29pm
Starnge, could be a corrupted file, or a space or some other slight variation may course the address to somehow not match up when the check is made.
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
Ice Man View Drop Down
Newbie
Newbie


Joined: 06 December 2004
Status: Offline
Points: 2 		Post Options Post Options   Thanks (0) Thanks(0)   Quote Ice Man Quote  Post ReplyReply Direct Link To This Post Posted: 06 December 2004 at 10:26pm
I am using version 7.8 (access version) and have been unsuccessful with the IP banning function of the forum.  We've tried just about everything.  Email activation is off and just have a few mods, nothing too extensive.
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 07 December 2004 at 4:09am
IP masking is nver going to be 100% acurate as IP masking is very simple, even just changing to a different proxy server will hide a users IP.
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
Ice Man View Drop Down
Newbie
Newbie


Joined: 06 December 2004
Status: Offline
Points: 2 		Post Options Post Options   Thanks (0) Thanks(0)   Quote Ice Man Quote  Post ReplyReply Direct Link To This Post Posted: 17 January 2005 at 1:01am
I found the problem.  Its in \functions\functions_common.asp
 
Private Function bannedIP()
 'Declare variables
 Dim rsIPAddr
 Dim strCheckIPAddress
 Dim strUserIPAddress
 Dim blnIPMatched
 'Intilise variable
 blnIPMatched = False
 'Get the users IP
 strUserIPAddress = getIP()
 
 'Intialise the ADO recordset object
 Set rsIPAddr = Server.CreateObject("ADODB.Recordset")
  'Get any banned IP address from the database
  'Initalise the strSQL variable with an SQL statement to query the database to count the
number of topics in the forums
 If strDatabaseType = "SQLServer" Then
  strSQL = "EXECUTE " & strDbProc & "BannedIPs"
 Else
  strSQL = "SELECT " & strDbTable & "BanList.IP FROM " & strDbTable & "BanList
WHERE " & strDbTable & "BanList.IP Is Not Null;"
 End If
   'Query the database
   rsIPAddr.Open strSQL, adoCon
 
     'Loop through the IP address and check 'em out
      Do while NOT rsIPAddr.EOF
      'Get the IP address to check from the recordset
      strCheckIPAddress = rsIPAddr("IP")

      'See if we need to check the IP range or just one IP address
      'If the last character is a * then this is a wildcard range to be checked
      If Right(strCheckIPAddress, 1) = "*" Then
        'Remove the wildcard charcter form the IP
        strCheckIPAddress = Replace(strCheckIPAddress, "*", "", 1, -1, 1)
        'Trim the users IP to the same length as the IP range to check
        strUserIPAddress = Mid(strUserIPAddress, 1, Len(strCheckIPAddress))
       'See if whats left of the IP matches
       If strCheckIPAddress = strUserIPAddress Then blnIPMatched = True
        'Else check the IP address metches
        Else
         'Else check to see if the IP address match
        If strCheckIPAddress = strUserIPAddress Then blnIPMatched = True
        End If
  'Move to the next record
  rsIPAddr.MoveNext
 Loop
 
 'Clean up
 rsIPAddr.Close
 Set rsIPAddr = Nothing
 'Return the function
 bannedIP = blnIPMatched
End Function
 
Prior to the loop is when the users IP address is obtained.  Within the loop, if the users IP is going to be compared to an IP that has an * in it, the users IP (strUserIPAddress) is trimmed to match the length of the banned IP minus the *.  In the loop the users IP is not restored to its proper length, so it remains trimmed as it is compared to the rest of the banned IPs.
 
One solution would be to add the line strUserIPAddress = getIP() after the lines:
 
      'See if whats left of the IP matches
       If strCheckIPAddress = strUserIPAddress Then blnIPMatched = True
 
We've tested this out and IP banning is now working excellent for us. Thumbs Up
Back to Top
paulhg View Drop Down
Newbie
Newbie


Joined: 07 January 2004
Status: Offline
Points: 6 		Post Options Post Options   Thanks (0) Thanks(0)   Quote paulhg Quote  Post ReplyReply Direct Link To This Post Posted: 21 January 2005 at 7:26pm
Excellent, this worked for me! I had this one individual registering multiple times and posting lots of spam with the same ip address . Using http://www.arin.net/ told me Sprint in Ghana is providing this particular ip address.
 
Is there anything else we can do with these pathetic individuals? Any other tools other there? Nothing would make me feel better than a little revenge...

<-- edit ----->
IP Address removed by Moderator
<-- edit ----->


Edited by dj air - 21 January 2005 at 7:29pm
Back to Top
 Post Reply Post Reply Page  12>

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.08
Copyright ©2001-2026 Web Wiz Ltd.

Become a Fan on Facebook Follow us on X Connect with us on LinkedIn Web Wiz Blogs
About Web Wiz | Contact Web Wiz | Terms & Conditions | Cookies | Privacy Notice

Web Wiz is the trading name of Web Wiz Ltd. Company registration No. 05977755. Registered in England and Wales.
Registered office: Web Wiz Ltd, Unit 18, The Glenmore Centre, Fancy Road, Poole, Dorset, BH12 4FB, UK.

Prices exclude VAT at 20% unless otherwise stated. VAT No. GB988999105 - $, € prices shown as a guideline only.

Copyright ©2001-2026 Web Wiz Ltd. All rights reserved.