Distant_storm Posted December 3, 2007 Share Posted December 3, 2007 Hey im looking to ban some Ips, But I know effectivly just banning 192.168.1.1. or whatever will not work that well. Does anyone know what changes within an Ip address so I can effectivly ban the same person but not accidently ban any other users by breaking up the ip address and using a range for some items. for example 192 168 1 - 68 1 - 68 or something ? any ideas? Quote Link to comment Share on other sites More sharing options...
PHP_PhREEEk Posted December 3, 2007 Share Posted December 3, 2007 You need to Google and study IP formats. There are 4 octets, XX.XX.XX.XX Starting from the right side, you can start locking out ranges by omitting that octet. So banning 188.24.150. will effectively ban 188.24.150.0 through 188.24.150.255 Banning 188.24. will cut a decidedly larger range... etc... read up on it. PhREEEk Quote Link to comment Share on other sites More sharing options...
therealwesfoster Posted December 3, 2007 Share Posted December 3, 2007 The SQL statement for that would be something like this: mysql_query("SELECT * FROM your_ip_table WHERE ip LIKE '192.168.1.%'"); or mysql_query("SELECT * FROM your_ip_table WHERE ip LIKE '192.168.%'"); The % stands for anything Quote Link to comment Share on other sites More sharing options...
revraz Posted December 3, 2007 Share Posted December 3, 2007 There is no answer for this. Depending on the ISP, the IP can change just on the last octet or the whole IP can change. All depends on what ranges the ISP owns. Hey im looking to ban some Ips, But I know effectivly just banning 192.168.1.1. or whatever will not work that well. Does anyone know what changes within an Ip address so I can effectivly ban the same person but not accidently ban any other users by breaking up the ip address and using a range for some items. for example 192 168 1 - 68 1 - 68 or something ? any ideas? Quote Link to comment Share on other sites More sharing options...
PHP_PhREEEk Posted December 3, 2007 Share Posted December 3, 2007 Leaving out the last octet will usually nail them.. as to what revraz stated, AOL is notorious for sharing IP's for individual page calls! It's rediculous... so if you ban one AOL user (and I mean using all 4 octets), you have banned probably 50 people, 49 of them who are innocent of anything. If you were to ban an AOL IP and leave off the last octet, you'd wipe out hundreds of users. PhREEEk Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted December 3, 2007 Share Posted December 3, 2007 I'll get a little more basic. Banning IP addresses only causes the person, who you want to keep off your site, to go get another IP address or go through a different web proxy. What you can and should do with IP addresses is log them with the time of the access and then notify the ISP or web host that the IP address belongs to. If the ISP/host acts responsibly, they will investigate and match up the IP and time you give them with their access records and cancel the account of the abuser. Because banning IP addresses only has short term effectiveness, specifically what type of problem are you having? Someone here can probably give you a long term solution that will solve it. Quote Link to comment Share on other sites More sharing options...
Distant_storm Posted December 3, 2007 Author Share Posted December 3, 2007 I am not having any current problems but im always tight on security and have always found ip banning a little redundant as I see when i log on my site who visits my own ip address changes in pretty much all octlets apart from the first one. In my basic electronics I know that ip address represent network and such things but if its changing all the time there is really no reason on banning it is their? Quote Link to comment Share on other sites More sharing options...
revraz Posted December 3, 2007 Share Posted December 3, 2007 Not really, very few people have static IPs, and the people that cause trouble, they know how to change their IP to get around the IP Ban. When I worked for IGN, the only way we could really ban someone was with a hardware ban, but I won't get into that method. Quote Link to comment Share on other sites More sharing options...
Distant_storm Posted December 3, 2007 Author Share Posted December 3, 2007 Sorry not totaly on subject but im a little rusty when it comes to this. but when people refer to accessing the site through a proxy does that mean going to another server and using that server to get to the site ? Quote Link to comment Share on other sites More sharing options...
revraz Posted December 3, 2007 Share Posted December 3, 2007 Yeah, more or less. It routes the traffic, but can also be used to spoof their IP. Quote Link to comment Share on other sites More sharing options...
Distant_storm Posted December 3, 2007 Author Share Posted December 3, 2007 So to summerise the best thing to do it ban any uses causing havock and log all their details to take further actions, but effectivly banning by ip is usless. Quote Link to comment Share on other sites More sharing options...
revraz Posted December 3, 2007 Share Posted December 3, 2007 First, find out what problems you are anticipating. Do you think you'll get human spammers or bots? If bots, you can implement some sort of verification routine that most bots cant handle. If human, then its difficult until they actually do something wrong. Ban their account, then they have to open a new one with a new email address. Eventually they get tired and go away. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.