Blog Documentation Book a Demo
Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

IP Blocker?

BenBen
edited September 2005 in Vanilla 1.0 Help
Can anyone write an extension that will look at a list of IP's and stop all logins from that IP?
I don't want it to just stop them, It would be fantastic if it could display a message on the login page whenever it is accessed from one of the denied IP. It needs to be quite obvious that the IP is blocked before they actually try and sign-in.

Comments

  • lechlech
    edited August 2005
    here's a start... I don't condone this method, but it works if needed

    /* grab the IP */ $ip = $_SERVER['REMOTE_ADDR']; 
    /* block only the computer on 192.168.1.104 */
if ($ip == '192.168.1.104') {
	echo '<h1>B4NZ0R!</h1>';
	exit();
}
    /* Blocks out the entire IP range for 192.168.xxx.xxx */
if (ereg ("(192).(168).([0-9]{1,3}).([0-9]{1,3})", $ip, $regs)) {
	/* Anyone on the range will receive this message */
	echo '<h1>B4NZ0R!</h1>';
	exit();
}
    a stupidly simple method, but it works :D
  • BenBen
    ahh, fantastic. thankyou
  • MarkMark Vanilla Staff
    The sad thing is that IP blocks are very easy to get around by proxy. Firefox even has extensions to easily accomplish this. If you are trying to block someone with even the smallest amount of web-knowledge, you may just piss them off by implementing an IP block, and they'll come at you even stronger than before. Your best bet is to just lock down the forum with administrative approval of new applicants (like I do on here) and use your ban feature when necessary.
  • BenBen
    edited August 2005
    stupid question, but how would i go about making that into an extension, to run at the top of every page?
  • lechlech
    I agree with mark though, getting around this wouldn't be much of an issue especialy when proxies are involved. Spoofing is still pretty easy and like mark said, ben, you're not going to get far by blocking their IP especially if they're on a dynamic connection. However, if you REALLy want to make this into an extension, you can R.T.F.M. ? :D and figure things out. I'm still strugling with some things.
  • BenBen
    edited August 2005
    It doesnt have to be proof against IT-savvy web addicts, just your average student.
    ...How odd, two v's look just like a w.
  • lechlech
    Well, if it's on a lan box, blocking it would be much much easier, however, on a wider net connection, you'll soon learn it's not worth the effort. Students are fairly smart, trust me.
  • nathannathan
    also, if it is a student, they could be on a shared connection, and you might actauly block a school or something. You never know. (Well you do, but you would have to look first. You know what I mean)
  • BenBen
    edited September 2005
    I'm trying to block a school. We're on a shared connection and everything goes through this one school server. And being a student myself, most wouldn't know how to go about bypasssing it.
  • nathannathan
    if you use one of those phpProxy scripts, you will get around it in no time.
This discussion has been closed.