Cless Posted July 19, 2007 Share Posted July 19, 2007 Hello, What would be the best way to make an IP ban system? I don't think I have to say anymore than this, as it is pretty straight forward. Thanks. Quote Link to comment Share on other sites More sharing options...
cooldude832 Posted July 19, 2007 Share Posted July 19, 2007 The best way is not to make one because IP banning is pointless with DDNS, proxy and IP pool leasing that 99% of the residential ISP use Quote Link to comment Share on other sites More sharing options...
Richzilla Posted July 19, 2007 Share Posted July 19, 2007 Yes it does seem pointless as many residential internet users don't have fixed IP addreses Quote Link to comment Share on other sites More sharing options...
cooldude832 Posted July 19, 2007 Share Posted July 19, 2007 I believe php 6 will have improvements on banning machines via more information than IP, but I'm not sure because its all about what the browser will send you, and MAC ids are not transmitted. Quote Link to comment Share on other sites More sharing options...
Cless Posted July 19, 2007 Author Share Posted July 19, 2007 Screw that. With IP bans, people will just use proxies... is there a better way to make it so the user can not access the site? Quote Link to comment Share on other sites More sharing options...
cooldude832 Posted July 19, 2007 Share Posted July 19, 2007 3 best methods are Login methods Truning Numbers (an image of numbers to prevent bot spam) Email Confirmation (can't use account till you have confirmed email account) Also you can use ip as a temp thing like this site does to prevent over messaging Quote Link to comment Share on other sites More sharing options...
Cless Posted July 19, 2007 Author Share Posted July 19, 2007 Huh? I mean like, preventing someone from accessing the site if they are banned. Not preventing multiple registrations, lol. Quote Link to comment Share on other sites More sharing options...
Caesar Posted July 19, 2007 Share Posted July 19, 2007 But in some cases...it helps as a deterrent. I say do both username and IP bans....and store it in a cookie as an additional step...just an extra step to annoy them more. The method depends on how you're storing the banned users...MySQL database? Flat file? Quote Link to comment Share on other sites More sharing options...
Cless Posted July 19, 2007 Author Share Posted July 19, 2007 I use MySQL databases. ;P Ah, a Cookie. Nice one. Hehe. Joke: You're banned, so I'll give you a cookie! Lol. Quote Link to comment Share on other sites More sharing options...
cooldude832 Posted July 19, 2007 Share Posted July 19, 2007 the cookie idea works because if their IP is in the cookie + its banned you know it came from that machine, but if someone can get around a proxy they will know how to kill your cookies, but you could say if they have the "bad cookie" set a session with them that says they are bad too Quote Link to comment Share on other sites More sharing options...
Caesar Posted July 19, 2007 Share Posted July 19, 2007 A simplification... <?php $usrip = $_SERVER['REMOTE_ADDR']; $usrname = $_SESSION['username']; $banlist = file_get_contents('banlist.txt'); if((preg_match('/'.$usrip.'/i', $banlist)) || (preg_match('/'.$usrname.'/i', $banlist)) || ($_COOKIE['banned'] == '1')) { header("Location: index.php?notice=banned"); exit; } ?> And in index.php you set your cookie. And sure...they can clear their cookies. But every time they get banned...they have to take extra steps to get to your site. At that point, they have to start wondering what the hell they're doing with their spare time. They've got issues. :-P Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.