MyBB Community Forums 1.8 Support Security Management and Support v
How to ban a range of IP addresses?

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Thread Modes
How to ban a range of IP addresses?
Mike QS Offline
Junior Member
**
Posts: 45
Threads: 19
Joined: Jun 2018
Reputation: 0
#1
01-07-2019, 04:49 PM
I have identified a particular group of spammers who appear to be coming from the same range of IP addresses. I would like to block these addresses.

I have gone to Admin CP -> Configuration -> Banning -> Banned IPs. I can see how to enter a single address to be banned, but I can't see how to enter an entire range. The instructions say


Quote:use * (Ex: 127.0.0.*) or CIDR notation (Ex: 127.0.0.0/8)


Does the star in the example indicate a wildcard? If so, what format should this be in?

For example, suppose I wanted to ban IP addresses in the range 59.200.0.0 to 59.207.255.255 (this is just an example that I made up myself), what would I enter in the box? 

Thanks in advance.

Mike
Find
Reply
effone Offline
MyBB Team

Development
Posts: 3,640
Threads: 107
Joined: May 2012
Reputation: 404
#2
01-07-2019, 05:52 PM (This post was last modified: 01-07-2019, 05:54 PM by effone.)
Both works if you set those through MyBB ACP.
* represents 0 to 255 all.
If you are still not convinced use .htaccess
[Image: logo.svg.svg]
Website Find
Reply
Mike QS Offline
Junior Member
**
Posts: 45
Threads: 19
Joined: Jun 2018
Reputation: 0
#3
01-07-2019, 06:08 PM
Thanks for your reply. I'm not contesting that "they both work". I simply want to know what format the wild card takes.

For example, to ban addresses in the range 59.200.0.0 to 59.207.255.255, do I enter 59.2*.*.*? Or do I enter 59.200.*.*, adn then 59.201.*.*, and so on, as separate entries? Or what?

MIke
Find
Reply
Devilshakerz Offline
‌‌‌‌

Security

Devops

Web
Posts: 1,638
Threads: 154
Joined: Jun 2011
Reputation: 147
#4
01-07-2019, 07:28 PM
It looks like the wildcard can only be substituted for whole 8-bit groups (x.x.*.x, without digits before or after); https://www.ipaddressguide.com/cidr may help with converting arbitrary ranges to CIDR blocks.
devilshakerz.com/pgp (DF3A 34D9 A627 42E5 BC6A 6750 1F2F B8AA 28FF E1BC) ▪ keybase.io/devilshakerz
Find
Reply
labrocca Offline
Gone
*****
Posts: 9,794
Threads: 587
Joined: Jan 2006
Reputation: 232
#5
01-08-2019, 12:28 AM
imho you should use htaccess for banning CIDR blocks
Website Find
Reply
Mike QS Offline
Junior Member
**
Posts: 45
Threads: 19
Joined: Jun 2018
Reputation: 0
#6
01-08-2019, 09:00 AM
Thanks for all your replies. It's a lot clearer now. I'll try your various suggestions.

A supplementary question:

Assuming I use the Admin CP to ban the relevant addresses (as opposed to .htaccess), what exactly will a banned visitor see? If someone tries to register or log in from a banned address, do they see a message telling them their address or banned? Or what?

(This is not something I can test for myself, for obvious reasons.)

Mike
Find
Reply
effone Offline
MyBB Team

Development
Posts: 3,640
Threads: 107
Joined: May 2012
Reputation: 404
#7
01-08-2019, 12:00 PM
You can test this opening the ACP in separate window. Ban your own IP and refresh main site. You will see:

Quote:I'm sorry, but you are banned. You may not post, read threads, or access the forum. Please contact your forum administrator should you have any questions.

Unban the IP from ACP.
[Image: logo.svg.svg]
Website Find
Reply
Mike QS Offline
Junior Member
**
Posts: 45
Threads: 19
Joined: Jun 2018
Reputation: 0
#8
01-08-2019, 05:46 PM
Thanks, Effone. Very helpful.

And I see that message is defined in global.lang.php. I should have thought to look there first.

Mike
Find
Reply
gimbal Offline
Junior Member
**
Posts: 42
Threads: 11
Joined: Dec 2017
Reputation: 2
#9
07-20-2019, 02:39 PM
We have a similar problem on our forum, every now and then we get a bunch of spam, all coming from a relatively narrow groups of IP addresses. But because most spammers will use a VPN, TOR, or a proxy, it's almost impossible to block anyone by IP alone.

Instead, the strategy we use is the MyBB "group promotion" system. The default behaviour of MyBB is that when a visitor registers, and validates their email address, they are put in the "Registered" Group, which has permission to post at will... We wanted to moderate the first few posts by any new user before they "earn" the privilege of posting normally... so:

1. In ACP, we first duplicated the default "Registered" group and called it "Registered Approved" - that way we know it has the normal settings.

2. Then, we modified the Registered group to require moderation - any post from a person in the Registered group is held for moderation (approval) before it appears. In ACP > Users & Groups > Groups > Edit Group > Forums & Posts > Moderate new posts, and Moderate new threads, and attachments.

3. Then, In the ACP > Users & Groups > Group Promotions > you can create a "promotion" where, for example, if a user in the Registered group has 1, or 2, or 3 approved posts, then they are promoted automatically to the "Registered Approved" group, where they can post normally. The promotion system runs every 20 minutes I believe, with a setting in the Tools > Tasks section.

4. We also created a group called "Probation" where a difficult user can be put if their posts require constant moderation.

This has essentially cut down most of the spam for us.
Find
Reply
KuJoe Offline
n3rd
*****
Posts: 3,755
Threads: 208
Joined: Mar 2007
Reputation: 37
#10
07-20-2019, 07:30 PM
If you're having a problem with VPN/TOR check out my plugin, I use it for my company site and its a godsend.

https://community.mybb.com/mods.php?acti...w&pid=1280
-Joe
AFreeCloud - Free Cloud-Based Web Hosting!
Website Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)