Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Proper Format of Wildcard IP Bans

Could you please clarify the correct format of a wildcard IP ban for Vanilla Forums? Searching through the various threads on the subject there is inconsistency in what others are stating is the correct format. So far I've seen the following formats referenced:

123.456.789%
123.456.789.%
123.456.789*
123.456.789.*

My guess is the second one but would like confirmation.

Thanks!

Answers

  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    Please try using the RegistrationRestricLogger plugin

    A FEW IMPORTANT THINGS YOU NEED TO KNOW before running the plugin.

    You must ensure that plugins/RegistrationRestrictLogger/list/registrationrestrictlog.php is writeable.

    You may need to change the permissions on
    plugins/RegistrationRestrictLogger/list folder and/or registrationrestrictlog.php file itself.

    Leave the <?php exit(); at the top of the file to prevent dowloading or anyone else reading it.

    You can view log through cpanel or ftp - registrationrestrictlog.php

    What this plugin does:

    It logs attempted registrations in a file and suggests possible Bots.
    It prevents anybody who puts a web address in the "Why do you want to join box" from registering

    It is suggested that you change the definition in your terms of service - Do not enter any web sites in the "Why do you want to join box".

    Also you should keep an eye on the log size.

    If you want to save old logs you could copy registrationrestrictlog.php to MD-registrationrestrictlog.php

    and then

    If you want to make a new log copy orig-registrationrestrictlog.php to registrationrestrictlog.php

    Some preset known spambots have been added and filtered out of log as well as prevented from registering.

    The patterns searched for are in spampatterns.php

    The ips searched for are in spamips.php

    To use - let's say a spammer always enters the phrase "I needs your site" as shown in your log in registration

    Then you just edit and add the words: I needs your site to the spampatterns.php

    To use - let's say a spammer always comes from 218.86.50.58 as shown in your log in registration, then you just edit and add the Ip number example: 218.86.50.58
    to the spamips.php file.

    To use - let's say a spammer always comes from 218.86.50.58 or 218.86.50.59 or 218.86.50.60 as shown in your log in registration, then you just edit and add the first few numbers that are the same example 218.86.50

    To the spamips.php and will block addresses ranged from 218.86.50.0 = 218.86.50.255

    Any patterns matched from spampatterns.php or spamips.php will be exited from registration and presented with this message.

    AND given a message 404 - and send http response header not implemented

    The email they use to spam contains the IP number, so just go the the site where the email came from and get the IP http://www.getip.com then add it to the filter.

Sign In or Register to comment.