Jump to content

Recommended Posts

Website Information:

Powered by vBadvanced CMPS 3.0 RC1

Forums: vBulletin 3.6.7 PL1

 

Problem:

Recently we had to ban a few users, these users however continue to plague us with repeated account recreations and destructive/abusive posting on our boards. I've researched a few different ways in which we could take care of the situation including creating the .htaccess file and putting in a partial or full IP/dns denial of service variable, but I really don't want to go to that extreme if I can help it.

 

My first thought on this would be to find someone who could write up code that had the following functionality:

 

Upon submitting registration on the website do the following:

 

- Check flat file <path/banned.txt

- If results of check for banned.txt return true, check path/allowed.txt

- If allowed, continue registration, else redirect to blocked.php

 

Is this even possible or are there any other ways to handle the situation that we find ourselves in at this point? I'm running out of options and the last option on my list is to ban a complete service area of the offending member's ISP(s).

 

 

Link to comment
https://forums.phpfreaks.com/topic/64243-solved-website-forums-being-attacked/
Share on other sites

i'm assuming you are probably referring to using the .htaccess method I had mentioned earlier.  I'm aware of that method but then again, it doesn't necessarily help me much.  The user in question is using a dynamic IP address and is able to get around the standard IP ban.  This is what has prompted me to look into alternative methods of dealing with him.

 

I've probably IP banned 30 of his accounts so far in the last 4 days, and while I don't want to block his whole area off from our website, I'm running out of options.

 

you can use the .htaccess method but in the admin center of vBulletin their an option to ban via IP, this is the same as writting a flatfile and storing the IP their..

 

as for his IP, does he also have unlimited emails (yes i know you can setup hotmail etc) but if your forum requires the users to activate their membership via email and you just keep banning the email's and IP's he should get bored and move on, as for the posts you can filter the message, i had a problem where a member was posting links to his own forum.. over and over.. while he got banned for spamming his post was in vain as the filter changed his link from http://www.hisforum.com to http://#spam#.com..

 

the fact is you don't really know its him until he starts to post.. keep carm and don't respone just filter delete and ban.. nothing more he get bored..

 

also as a side note he could just use a proxy to get past the IP lockout

 

Against my better judgement, the owner of the boards wanted registration to be a seamless venture, thus he made it so when you create your account your automatically registered. Honestly though, the email would just be another step this malicious attacker would care less about, he has been attacking us for almost 2 weeks now. There are ways in which you could essentially filter out dynamic users in this situation, you can partial ban by their localization IP address, for example, if you had a user from 123.123.123.mi.comcast.net you could simply ban mi.comcast.net and it would ban him and anyone else from that area of service from connecting.

 

The idea however is to put up a filtration wall that the users must get through before they are allowed to register on the website forums. Ideally, we'd want to do something like:

 

// Written by Jeremy M. 8/10/07 (Riodan@comcast.net)
// Purpose:
// Check to see if a username is allowed to register then do so. 
// Else, check to see if the address is in the banned array and send banned message.

<?php
$banned[0] = "IP Address 1";
$banned[1] = "IP Address 2";
$banned[2] = "IP Address 3";
$banned[3] = "IP Address 4";

$Accepted[0] = "Username 1";
$Accepted[1] = "Username 2";
$Accepted[2] = "Username 3";
$Accepted[3] = "Username 4";

if (in_array($_SERVER['USERNAME'], $Accepted))
// Continue on with the registration process. (not sure what goes here yet)

else if (in_array($_SERVER['REMOTE_ADDR'], $banned))
{
echo "You have been banned from this website.";
echo "If you believe you have received this in error contact us.";
echo "admin@blah.net";
}
?>

 

This code is concept only, I'm a dabbler and may have messed things up in it, but it should atleast illustrate what I'm seeking to accomplish.  Instead of echoing the warnings, we could even go so far as to redirect them to a url with that message, either way would work fine.  I just need a way to stop the user from getting into the site unless we specifically allow him/her to register with a predesignated registration name.

 

Well personall your he adding to that list forever.. but whats wrong with that script ?

 

I'm not sure that would be the case tho, because I can do a partial ban of his IP address, ie instead of the whole numeric address, I can simply find his provider information at the end of his IP address:

 

123.123.123.mi.comcast.net

 

And add that to the banned array, thus banning the entire Michigan Comcast service area.  Then I would simply need to have users wishing to register on our website from that area contact me via email first with the username they wish to use so I could add it to the $Accepted array.

 

As for the script itself, I don't know what the code is for validating and processing the registration atm, but other than that, does the code look pretty sound?

 

// Written by Jeremy M. 8/10/07 (Riodan@comcast.net)
// Purpose:
// Check to see if a username is allowed to register then do so. 
// Else, check to see if the address is in the banned array and send banned message.

<?php
$banned[0] = "IP Address 1";
$banned[1] = "IP Address 2";
$banned[2] = "IP Address 3";
$banned[3] = "IP Address 4";

$Accepted[0] = "Username 1";
$Accepted[1] = "Username 2";
$Accepted[2] = "Username 3";
$Accepted[3] = "Username 4";

if (in_array($_SERVER['USERNAME'], $Accepted))
// Continue on with the registration process. (not sure what goes here yet)

else if (in_array($_SERVER['REMOTE_ADDR'], $banned))
{
echo "You have been banned from this website.";
echo "If you believe you have received this in error contact us.";
echo "admin@blah.net";
}
else 
// Continue on with the registration process. (Not sure what goes here yet.)
?>

Well personall your he adding to that list forever.. but whats wrong with that script ?

I'm not sure that would be the case tho, because I can do a partial ban of his IP address, ie instead of the whole numeric address, I can simply find his provider information at the end of his IP address:

 

well....

also as a side note he could just use a proxy to get past the IP lockout

 

while you could ban the proxies as well it will go on for a long time.. (if you lucky, they don't know how to connect to a proxy server or have software to do it for them)

 

the code is okay.. it doesn't need to be too complex but i have delt with these types of people before and i think your need to rethink the auto-activation part.

 

 

i would probably code it like this

<?php
$banned[0] = "IP Address 1";
$banned[1] = "IP Address 2";
$banned[2] = "IP Address 3";
$banned[3] = "IP Address 4";

$Accepted[0] = "Username 1";
$Accepted[1] = "Username 2";
$Accepted[2] = "Username 3";
$Accepted[3] = "Username 4";

$ban = false;

$ban = in_array($_SERVER['USERNAME'], $Accepted);
$ban = (in_array($_SERVER['REMOTE_ADDR'], $banned))?true:$ban;


if ($ban)
{
echo "You have been banned from this website.";
echo "If you believe you have received this in error contact us.";
echo "admin@blah.net";
}

?>

 

edit: oops on the code (forgot to remove some lol)

Hmmm.. that looks like it may work, I'll talk to the site owner about reimplementing the mail registration as well as an added annoyance to deter users from being malicious.  I appreciate the help on this, I'm not overly good with php, mostly spend my time plugging away in C/C++, Java and Perl heh.

 

Anyhow thanks :)

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.