Well, as Stefan mentioned, banned IP addresses are checked in global.php so they should always be blocked.
// Check banned ip addresses
if(is_banned_ip($session->ipaddress, true))
{
if($mybb->user['uid'])
{
$db->delete_query('sessions', "ip = ".$db->escape_binary($session->packedip)." OR uid='{$mybb->user['uid']}'");
}
else
{
$db->delete_query('sessions', "ip = ".$db->escape_binary($session->packedip));
}
error($lang->error_banned);
}
@bignslow, go to ACP -> Tools & Maintenance -> Cache Manager -> bannedips. Do the IPs look correctly there? If yes, make sure that the suspicious registered people have IP which exactly matches one of them.
(2014-10-11, 01:55 PM)bignslow Wrote: [ -> ]I just got a new user registration from an IP address that is in my blocked list. Also last known IP is also in the blocked list. I am using wild cards to block both IPs such as 103.230.105.*. Yet it still allowed registration to go through. Is 1.6 block list not working with 1.8?
I have the exact same problem, which started after the upgrade from 1.6 to 1.8. I have narrowed down the problem somewhat. If the banned IP is listed in your banned list without using a wildcard, (like 103.230.105.123) then it is banned from registering. If it is within a range that is banned with a wildcard (like 103.230.105.*) then it is not being banned from registering.
(2014-10-22, 10:41 PM)Phulano Wrote: [ -> ] (2014-10-11, 01:55 PM)bignslow Wrote: [ -> ]I just got a new user registration from an IP address that is in my blocked list. Also last known IP is also in the blocked list. I am using wild cards to block both IPs such as 103.230.105.*. Yet it still allowed registration to go through. Is 1.6 block list not working with 1.8?
I have the exact same problem, which started after the upgrade from 1.6 to 1.8. I have narrowed down the problem somewhat. If the banned IP is listed in your banned list without using a wildcard, (like 103.230.105.123) then it is banned from registering. If it is within a range that is banned with a wildcard (like 103.230.105.*) then it is not being banned from registering.
is using wildcards the correct way to block IPs though? you could potentially block off someone who is 100% innocent, I suppose, no?
Sometimes it is the only way. If the troublesome user always has an ip that starts with the same in the first three octets, but the last one is always different, it is the easiest way to ban them.
(2014-10-22, 07:30 PM)Destroy666 Wrote: [ -> ]@bignslow, go to ACP -> Tools & Maintenance -> Cache Manager -> bannedips. Do the IPs look correctly there? If yes, make sure that the suspicious registered people have IP which exactly matches one of them.
They look correct there. Like someone mentioned above the wildcard IPs aren't being blocked though.
(2014-10-24, 12:36 AM)bignslow Wrote: [ -> ]Like someone mentioned above the wildcard IPs aren't being blocked though.
confirmed; wildcard IPs aren't being blocked.
This is an important broken functionality which should be fixed in 1.8.4 in my opinion, so pushing and setting as high priority.
Hi,
Thank you for your report. We have pushed this issue to our Github repository for further analysis where you can track our commits and progress with fixing this bug. Discussions regarding this bug may also take place there too.
Follow this link to visit the issue on Github:
https://github.com/mybb/mybb/issues/1704
Thanks for contributing to MyBB!
Regards,
The MyBB Group
To follow up.
I applied the 1704 fix(s) to me working 1.8.3 BB
Quote:Fixed it partially, but not fully.
Exemplary IP: 1.1.1.1
Ban range 1: 1.1.1.*
Ban range 2: 1.1.*
Ban range 3: 1.*
Function returns before applying fix:
Ban range 1: false
Ban range 2: false
Ban range 3: false
After applying fix:
Ban range 1: true
Ban range 2: false
Ban range 3: false
I would like to add that 1.1.*.* does work now. (using 2 place holders)