Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How to ban a range of IP addresses?
#1
I have identified a particular group of spammers who appear to be coming from the same range of IP addresses. I would like to block these addresses.

I have gone to Admin CP -> Configuration -> Banning -> Banned IPs. I can see how to enter a single address to be banned, but I can't see how to enter an entire range. The instructions say


Quote:use * (Ex: 127.0.0.*) or CIDR notation (Ex: 127.0.0.0/8)


Does the star in the example indicate a wildcard? If so, what format should this be in?

For example, suppose I wanted to ban IP addresses in the range 59.200.0.0 to 59.207.255.255 (this is just an example that I made up myself), what would I enter in the box? 

Thanks in advance.

Mike
Reply
#2
Both works if you set those through MyBB ACP.
* represents 0 to 255 all.
If you are still not convinced use .htaccess
[Image: logo.svg.svg]
Reply
#3
Thanks for your reply. I'm not contesting that "they both work". I simply want to know what format the wild card takes.

For example, to ban addresses in the range 59.200.0.0 to 59.207.255.255, do I enter 59.2*.*.*? Or do I enter 59.200.*.*, adn then 59.201.*.*, and so on, as separate entries? Or what?

MIke
Reply
#4
It looks like the wildcard can only be substituted for whole 8-bit groups (x.x.*.x, without digits before or after); https://www.ipaddressguide.com/cidr may help with converting arbitrary ranges to CIDR blocks.
devilshakerz.com/pgp (DF3A 34D9 A627 42E5 BC6A 6750 1F2F B8AA 28FF E1BC) ▪ keybase.io/devilshakerz
Reply
#5
imho you should use htaccess for banning CIDR blocks
Reply
#6
Thanks for all your replies. It's a lot clearer now. I'll try your various suggestions.

A supplementary question:

Assuming I use the Admin CP to ban the relevant addresses (as opposed to .htaccess), what exactly will a banned visitor see? If someone tries to register or log in from a banned address, do they see a message telling them their address or banned? Or what?

(This is not something I can test for myself, for obvious reasons.)

Mike
Reply
#7
You can test this opening the ACP in separate window. Ban your own IP and refresh main site. You will see:

Quote:I'm sorry, but you are banned. You may not post, read threads, or access the forum. Please contact your forum administrator should you have any questions.

Unban the IP from ACP.
[Image: logo.svg.svg]
Reply
#8
Thanks, Effone. Very helpful.

And I see that message is defined in global.lang.php. I should have thought to look there first.

Mike
Reply
#9
We have a similar problem on our forum, every now and then we get a bunch of spam, all coming from a relatively narrow groups of IP addresses. But because most spammers will use a VPN, TOR, or a proxy, it's almost impossible to block anyone by IP alone.

Instead, the strategy we use is the MyBB "group promotion" system. The default behaviour of MyBB is that when a visitor registers, and validates their email address, they are put in the "Registered" Group, which has permission to post at will... We wanted to moderate the first few posts by any new user before they "earn" the privilege of posting normally... so:

1. In ACP, we first duplicated the default "Registered" group and called it "Registered Approved" - that way we know it has the normal settings.

2. Then, we modified the Registered group to require moderation - any post from a person in the Registered group is held for moderation (approval) before it appears. In ACP > Users & Groups > Groups > Edit Group > Forums & Posts > Moderate new posts, and Moderate new threads, and attachments.

3. Then, In the ACP > Users & Groups > Group Promotions > you can create a "promotion" where, for example, if a user in the Registered group has 1, or 2, or 3 approved posts, then they are promoted automatically to the "Registered Approved" group, where they can post normally. The promotion system runs every 20 minutes I believe, with a setting in the Tools > Tasks section.

4. We also created a group called "Probation" where a difficult user can be put if their posts require constant moderation.

This has essentially cut down most of the spam for us.
Reply
#10
If you're having a problem with VPN/TOR check out my plugin, I use it for my company site and its a godsend.

https://community.mybb.com/mods.php?acti...w&pid=1280
-Joe
AFreeCloud - Free Cloud-Based Web Hosting!
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)