1

Topic: getting hacked/pestered

someone keeps on logging in under different names and is abusive on my board, I can ban him for a bit - but because his ips dynamic I cant stop him altogether, he does however seem to be operating within a certain range of IP addresses, is there anyway I can ban a range of addresses?

2

Re: getting hacked/pestered

I am sure someone will answer this very shortly. Just a suggestion though. I think you had better do a trace against the IP before banning a large range which is dynamically assisgned. If it turns out to belong to one of the mega ISP's or even your local ISP you could find yourself accidentally banning a whole load of members.

3

Re: getting hacked/pestered

it does look like its one of the mega ISPs - looks like they have lots of class A address blocks.

Re: getting hacked/pestered

send proof of the pestering (logs, ips, time, messages, etc.) ... look though the licence agreement from that ISP, and copy the affected paragraphs to your email... and explain how that user has broken against them ...  if you're really lucky they will take action ... smile

5 (edited by ps21 2003-09-25 16:46)

Re: getting hacked/pestered

Have you checked whether this persons registered email addresses are genuine. If he is using fake email addresses then you might cure the problem by enabling email validation at registration time.

Re: getting hacked/pestered

I think Email validation is a pretty good sollution, I mean if this guy is willing to get a new email just to spam a couple of messages... well then he probably has ducks on his head.

-

Re: getting hacked/pestered

You can ban a range of IP addresses, but at least one whole octet. Ex. 150.11.110. This will ban 150.11.110.1 through 150.11.110.255.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

8

Re: getting hacked/pestered

If somebody really does want to ban a narrower range of IP addresses isn't there a way to do it with .htaccess?

9

Re: getting hacked/pestered

yes, it is a denyfrom thing.....i cant rmember how to do it but it denies all access from one IP onlyi think.

10 (edited by Scriptweaver 2003-09-26 07:09)

Re: getting hacked/pestered

Place something like this in your .htaccess file:

order allow,deny
deny from 123.456.789.000
deny from 012.345.678.
allow from all

In these lines you tell .htaccess to make differences between allow and deny in the first line, you tell it to deny access from ip 123.456.789.000 in the second line, to deny access from all ip-adresses starting with 012.345.678. in the third line, and finally don't forget to grant access to everyone else :-) in the fourth line.

You can also use domain names instead of ip adresses, but that ain't useful here.

Re: getting hacked/pestered

Shouldn't that be

order allow,deny
allow from all
deny from 123.456(and so on)

?

-

12

Re: getting hacked/pestered

thanks guys - lots of great advice there, I'll try it out.