(2015-01-01, 02:50 PM)rtm516 Wrote: [ -> ]And second you need to block vpn's by default.
But you do realise that there are admins who don't want to block VPNs or don't care about them? You can add the bans yourself...
Quote:First of all you need to make it so banned users cannot do anything on the forums (inc logout).
Why? The user can just clear their cookies and they'd be logged out...
Quote:And second you need to block vpn's by default.
This won't be happening. There's no reason for a software development team to decide who can and who cannot visit and person's forum.
(2015-01-01, 02:50 PM)rtm516 Wrote: [ -> ]you need to block vpn's by default.
I am using vpn a lot just becuase there is no other way. It is like blocking ip by country - crazy shi
t that happens sometimes.
But I think there can be option or plugin for this. Sometime it worth turning on for short period of time (trolls attack).
Trust me (as I made the list to begin with and have over 600m blocked ips), you can't do it in PHP.
Checking that many subnets against it even if using strpos... It just kills the performance by about 800x.
Thus you need to use nginx or something that can have it loaded at any time.
If you really want to block millions of IPs, you should look to your OS's firewall instead of doing matches in PHP. One possible setup in Linux is to grab a list of IPs from StopForumSpam on a daily basis and put them into an ipset, and block that ipset via iptable. If you do it right, you can even clear out that ipset so it only contains addresses which have recently been used.