- Posts: 56
- Thank you received: 0
Ban may require multiple IP addresses in config.php
17 years 8 months ago #503
by Norman
Ban may require multiple IP addresses in config.php was created by Norman
Hi, As I have just mentioned in another thread, I am testing version 1.7.1. I would like this to go live in two days.
I was half suspecting this potential issue and with some testers I have established what I see as a problem.
I asked someone to write to the Guestbook (test only version) and they did so successfully. I then banned that person based on the IP address from his earlier message. When I asked him to attempt a write again, it was successful :!: I noted that on the write after the ban, it was coming from a different IP address. The first two groups of figures are the same for both IP addresses but the last two are different.
I have now banned both IP addresses and I am waiting for him to attempt a write again.
Assuming it now works (it bans that person), it begs the question, how many IP addresses will I need to put into config.php to ban one user.
My main reason for updating the site from 1.6 to 1.7.1 was because of the 'Ban' feature.
Thanks, Norman
I was half suspecting this potential issue and with some testers I have established what I see as a problem.
I asked someone to write to the Guestbook (test only version) and they did so successfully. I then banned that person based on the IP address from his earlier message. When I asked him to attempt a write again, it was successful :!: I noted that on the write after the ban, it was coming from a different IP address. The first two groups of figures are the same for both IP addresses but the last two are different.
I have now banned both IP addresses and I am waiting for him to attempt a write again.
Assuming it now works (it bans that person), it begs the question, how many IP addresses will I need to put into config.php to ban one user.
My main reason for updating the site from 1.6 to 1.7.1 was because of the 'Ban' feature.
Thanks, Norman
Please Log in or Create an account to join the conversation.
17 years 8 months ago #504
by Norman
Replied by Norman on topic Ban may require multiple IP addresses in config.php
Thought I should provide some server information before it gets requested
Server O/S - Linux
PHP version - 4.4.2
Server API - Apache
If you need any further information then please ask.
Thanks, Norman
Server O/S - Linux
PHP version - 4.4.2
Server API - Apache
If you need any further information then please ask.
Thanks, Norman
Please Log in or Create an account to join the conversation.
17 years 8 months ago #505
by Norman
Replied by Norman on topic Ban may require multiple IP addresses in config.php
Another tester has proven that his IP address can be different from the last time he accessed the Guestbook (1.7.1).
With this last example and trying to be intuitive, I would have to enter 55 IP numbers in config.php to ban this particular user. The reason is that the IP Address as opposed to the IP number, contains the words 'range 86 to 140'. My intuition suggests that his IP number could be anywhere in the range aaa.bbb.ccc.86 - aaa.bbb.ccc.140.
Have I got this totally wrong or will I really have to potentially enter a mass of addresses to simply ban one user.
Help.
Thanks, Norman
With this last example and trying to be intuitive, I would have to enter 55 IP numbers in config.php to ban this particular user. The reason is that the IP Address as opposed to the IP number, contains the words 'range 86 to 140'. My intuition suggests that his IP number could be anywhere in the range aaa.bbb.ccc.86 - aaa.bbb.ccc.140.
Have I got this totally wrong or will I really have to potentially enter a mass of addresses to simply ban one user.
Help.
Thanks, Norman
Please Log in or Create an account to join the conversation.
17 years 8 months ago #506
by Norman
Replied by Norman on topic Ban may require multiple IP addresses in config.php
I believe the issue is that many ISPs use DHCP and therefore user's IP addresses will be potentially different each time they connect to their ISP.
Some other means of banning is required unless I have got my facts completely wrong.
The problem as I see it, is that if you place a range of IP addresses on the 'Ban List' (config.php), then you may ban someone you do not want to. I see this issue as one of chasing your tail.
I would appreciate comments from anyone regarding this post.
Thanks,
Norman
Some other means of banning is required unless I have got my facts completely wrong.
The problem as I see it, is that if you place a range of IP addresses on the 'Ban List' (config.php), then you may ban someone you do not want to. I see this issue as one of chasing your tail.
I would appreciate comments from anyone regarding this post.
Thanks,
Norman
Please Log in or Create an account to join the conversation.
17 years 8 months ago #510
by Pete
DigiOz Webmaster
www.digioz.com
Replied by Pete on topic Ban may require multiple IP addresses in config.php
This problem usually only occurs with a hand full of ISPs, who change the user's IP even while they are in the same session (AOL is a good example of this). I don't have a solution to offer you against this as of right now. Let me think about it for a few days to see if I can come up with something for you.
DigiOz Webmaster
www.digioz.com
Please Log in or Create an account to join the conversation.
17 years 8 months ago #512
by Pete
DigiOz Webmaster
www.digioz.com
Replied by Pete on topic Ban may require multiple IP addresses in config.php
One possible alternative is to ban by Host Address using a function like this:
This will return the following:
Where the first one is the IP address and the second one is the Host address. But as you can see, the problem is that the host address contains the IP in its subdomain (first part), so using this is no better then banning the IP. You could ban *.host.dyn.aol.com for example, but then you would be banning every AOL user that has a dynamic IP Address! :shock:
Code:
function getRemoteInfo () {
$proxy="";
$IP = "";
if (isSet($_SERVER)) {
if (isSet($_SERVER["HTTP_X_FORWARDED_FOR"])) {
$IP = $_SERVER["HTTP_X_FORWARDED_FOR"];
$proxy = $_SERVER["REMOTE_ADDR"];
} elseif (isSet($_SERVER["HTTP_CLIENT_IP"])) {
$IP = $_SERVER["HTTP_CLIENT_IP"];
} else {
$IP = $_SERVER["REMOTE_ADDR"];
}
} else {
if ( getenv( 'HTTP_X_FORWARDED_FOR' ) ) {
$IP = getenv( 'HTTP_X_FORWARDED_FOR' );
$proxy = getenv( 'REMOTE_ADDR' );
} elseif ( getenv( 'HTTP_CLIENT_IP' ) ) {
$IP = getenv( 'HTTP_CLIENT_IP' );
} else {
$IP = getenv( 'REMOTE_ADDR' );
}
}
if (strstr($IP, ',')) {
$ips = explode(',', $IP);
$IP = $ips[0];
}
$RemoteInfo[0]=$IP;
$RemoteInfo[1]=@GetHostByAddr($IP);
$RemoteInfo[2]=$proxy;
return $RemoteInfo;
}
$arr1 = getRemoteInfo();
echo $arr1[0] . "<br>" . $arr1[1]. "<br>" ;
This will return the following:
Code:
111.222.333.444
111-222-333-444.host.dyn.aol.com
Where the first one is the IP address and the second one is the Host address. But as you can see, the problem is that the host address contains the IP in its subdomain (first part), so using this is no better then banning the IP. You could ban *.host.dyn.aol.com for example, but then you would be banning every AOL user that has a dynamic IP Address! :shock:
DigiOz Webmaster
www.digioz.com
Please Log in or Create an account to join the conversation.
Time to create page: 0.126 seconds