Banning based on hostname (Page 1 of 2)

you can always ban host in .htaccess .....    host.net etc....

Banning hosts !  Well that feature is really not so needed since pubb is meant to be small and every byte is important   I do not support the feature because it is easily done in other ways. It is matter of couple of seconds to do that IMO

Smartys, wouldnt it be easyer to check host by log in and register? Doing it by page I can see your point but doing it by log in and register would be much less stressfull on the pages. Only issue would be sessions that havent expired yet (IE. Keep me logged in everytime I visit). Thats somthing I guess could be handled with the already made ban system that checks the username or IP or e-mail.

So in simple form. If I ban a user with the hostname  pool-*-*-*-*.sttlwa.dsl-w.verizon.net I ban his username "Noob" then I ban his IP 23.24.234.243 and finaly I ban his e-mail noob@verizon.net.

Then when the user visits the site again the forum goes by its default system "Username check, IP, e-mail" Since his name is banned and his IP is banned he gets the banned message. So now he disconnects his cable modem, gets a new IP from his host (assuming he can) and clicks on register. The forum now checks his host with banned hosts. It finds his host banned so it gives him the banned message screen.

Simple and effective. I know I could simple do this other ways but that kinda limits the audience of PunBB. Its just a request but I guess if its never added I or someone else could make a mod for it.

Whats wrong with having it on just 2 pages over all? You only log in or register once. If you did it on every page then every page would load slow. Giving up 2 pages isn't that much of a sacrifice I think since its only checking the host when they trigger the register button or the log in button and not checking before they click register or log in. This would load the page fine the only slow time would happen after they click register or log in because thats when it would look over there host info and output the sorry your banned message.

Integrating it would not be that hard. But this was just a request to the forum scripters. I didn't have any intent of doing this on my own. Much thanks for your fast replys.

Not to be rude but did you read my other posts fully? If a user has the "Remember my login" and I ban there IP, Username, e-mail and hostname. The next time they view the page the normal ban system would take effect (IE. IP, username, e-mail). They would then get the banned page message saying sorry you are banned. So assuming the person disconnects there cable modem, DSL router to obtain a new IP from there host they now have access to the board again. BUT since I also banned there host if they tryed to register a new account they would be pointed to a nice "You are Banned" page. Now that I think of it You wouldnt even need it on the log in page since the username would be banned anyway.

So to brake it down have the banning host code just on the register page. I honestly dont see why you dont like this feature. It wouldnt take long to add as a MOD or a feature. The load time wouldnt be that effected if you did it right heck its in the majority of the forum software on the internet already.

I guess what im trying to get at is, the host banning would only prevent users from registering but they could still view the pages.

What do you mean routinely? Like dialup? then they would still of course get the banned page because there username is banned along with their last used ip and e-mail address. So assuming they think there smart and try to register a new account their host is then checked before their register forum is processed and then get confronted with a nice banned page.

Ya I can see how this would be a better MOD but I don't understand why PunBB is being limited just to the audience of "small community's". I find it to be a very nice script and with some new features such as host banning it would work out for major community's. I suppose its something that will have to wait untill more users request it I guess.

Thanks for your input I hope to see a mod someday. If not then maby Ill look into making one.

Ya proxys and stuff. But then you can just ban that whole proxy's range and not deal with it again since if a user is gonna use a proxy chances are its only to post back to something someone said as the final word. So if that happends then ban the range and be done with it.

Its funny you say that since PunBB wont let me ban anyother way without first giving a username. Also if the forum is set up for registerd users to post only then the host banning would work fine. If your letting guests post then theres no need for a ban system to begin with since your opening your self up for spam, flaming and junk.

Well a few people on here have plainly said that Pun is for small communitys and I find that sad how its being labled as that.

Host banning is a major feature! The forums I run for a number of major sites need the host banning in order to filter the rif raf. IP banning dosnt work and by banning a range I basicly kill my whole fan base. Username and e-mail banning is usless since users just go to hotmail or yahoo and make a new account and then register. Also I dont see how you think host banning will effect the load time alot. I just wrote up a small host banning script for one of my sites and didnt notice a thing on a cable line. It worked so I guess ill expand it and make a mod since this is probably not going to be added as a feature anytime soon.

Ok ?.then you didn?t read one of my earlier posts?..where going around and around and talking about the same things but either miss understanding each other or just not connecting thoughts. Bla Im not gonna bother explaining again its to much work. Lets just say use wild cards to ban the host names and that would solve the issue of changing ips.

Well I cant get past the username ban page without banning a username. Not that, that?s a bad thing just saying I cant get past it.

Now that?s silly. Allowing guests to post is like saying hey spam me now! At least with register users you can keep tabs on them and see what there doing. Guests there free to do anything banning them would do nothing by IP.

Yes Iv seen large communities use the forum but like I said when I visit here reading comments and arguments there?s also a point where someone explains that punBB is for small communities and not large. Maby its because I read the forums over the site I don?t know.

Ill agree with you but still security is security. Saying that you wouldn?t like an extra method of keeping your forums safe from spammers, scammers, and jerks is your opinion I guess. I just find it weird that you don?t want any extra-added security. This is like saying hey lets have sex without a condom because I took the birth control pill! But wait its not 100% protective just like IP banning. Id take security over any other feature that people suggest anyday.

Im not banning the whole host. A host name is made up of different parts and can be different depending on the ISP. For example some have ip, state or country, isp router, isp host name (ex. A-12-23-12-23-lund-nh-comcast.com). By banning the correct parts you will not effect the rest of the users that use that host.

Its one thing to read then it is to do. Since PunBB is already small and lightweight you wouldn?t notice any slow load times at all. At the most an extra 2 seconds.

Lets just agree that there?s nothing more to say. Since college is done and the sites I?m using punBB on are now open. I?m sure I will be forced to make my own MOD to ban hostnames. When and if I do; ill be sure to post it on here for you to see.

It was nice talking to you

Theres more you can do with hosts banning its not made just for banning an ISP or ip. Read a bit on it since I dont have time right now to post fully all the things you can do with it.

And btw by dafault would be 10 seconds but by putting a timeout time to override it you could set it to 1 and it would still sucessfully work. but Iv tested without putting in a timeout time and it seems to work in 1 or 2 seconds. So if it was to be added im sure putting in a time out time to override the default would make it less of a hastle for people like you.

The slowness you talk about is only if you code it wrong. Theres endless ways of doing it to speed up the process. Dont just read somthing and assume thats what it is and thats the only way you can do it.

Well I can?t really search for stuff on google right now but I can give you an example of a few ways of banning a host different ways then talked about already. It?s not so effective but still can slow down people you do not wish to view the site.

A host is made up of other things not just your ISP and IP as you can tell from the host you pasted before. As said it sometimes has your country, state, town or city letters in it each ISP does there host diffrently thus making host banning more effective if you really read up on it. It also sometimes has your ISPs router that you go through in order to view pages. Now lets say it has your state and you know the ISP is a world wide ISP or is known to be in other states within the US. You also know that no other members are from the state of the spammer. So you simple just put wild cards in for the state or town. (ex. pool-71-247-100-161.*.east.verizon.net). Its not as effective but certainly another option in the banning process. Now for routers, most ISPs have more then one router that forwards its users to the web. You can ban his ISP router from the host string and that will prevent him or her from posting on the forums at least until he or she resets his or her router and gets re-routed to another router owned by their ISP. But it?s unlikely that it will happen quickly it takes longer then getting a new IP. I know my ISP, Adelphia, takes hours to route me to a new router if I try disconnecting my cable modem to obtain a new IP. So even if someone did it, you could always ban their town, router and full ip. This would stop them from viewing your forums. Now there are more tricks but like I said I don?t really have time to find references on google. But you get the idea, host banning isn?t meant to be 1 thing. You use it in conjunction with other banning methods to help strengthen your security.

For example say you where spamming on my forum the first thing I would do is ban your username and e-mail. Then I would work my way to your IP and then add in your host mask and add a wild card for nycmny assuming NycmNY is from New York and since I have no one from NY that goes to my site I have little care about who else I?m banning using verizon in NY (pool-71-247-100-161.*.east.verizon.net) I can of course add in wild cards on your IP in conjunction with your state but then this would possibly ban other users (pool-71-247-*-*.*.east.verizon.net). Now this was just an example, id give it more thought before I ban anyone from a site or forum I run. I like to see what people do when there banned so I don?t always IP or host ban first. I mainly username and e-mail ban and keep an eye on new register users. Then if its the same person I IP ban them and fool with there host file banning.

Also yes setting default in the function is one way and it does not involve any other programs. It also wouldn?t be all that hard to implement into all or 1 page hell you could toss the variable in the config file to let the hosters change it to whatever they wish or disable it all together. But keep in mind the time it takes to resolve the host to IP doesn?t take as long as you think. At the most it would possibly take 10 seconds Iv never seen it go longer then that and Iv run 2 major sites using host banning. You could take a look at the forum software Simple Machines Forum for how they do the host banning and how much of a delay it pays on the forums. It?s not a whole lot but there software is cluttered with other things that cause it to be slow loading thus why I?m here lol.

Wrong, by banning every octet (*.*.*.*) your banning the whole ISP not just their state. That?s a no no if you want to still receive users from Verizon. Banning the nycmny is banning your ISPs state/town/city tag like you said your self, that doesn?t change no matter how many times you reset your cable/dsl modem So by wild carding it your stopping any IP given from the state of NY with the ISP Verizon, but still allowing other Verizon users to view the forum from other states. Banning every octet is banning their ISP, host, address and range. That?s not what where trying to do here. Lets say we do ban every octet like you sugested and I use Verizon in the state of Maine. If I try to browse the forum id be banned also since you banned the ISP octet.

Also on your second question d51A599E8.access.telenet.be is weird I wouldn?t just ban it without keeping watch on the user to see how many different host strings come from telenet.be. If there was more such as d4d493d3.access2.telenet.be and the user was using them to spam then id wild card the access part d51A599E8.*.telenet.be of course that?s not very safe if your just guessing but you get the idea. Host banning is a more refined banning method. But like you already noticed most ISPs have different strings not all are plain as day.

Plain and simple, IP banning is nice and all but there?s just some things that host banning is more refined about or more up front about.

Wrong
pool-*-*-*-*.nycmny.east.verizon.net does not ban the whole ISP
Why?
Notice the nycmny part.
Now, look at pool-71-248-10-87.bltmmd.east.verizon.net (another valid IP range)
Now, tell me: how does banning pool-*-*-*-*.nycmny.east.verizon.net do that?
All it does is ban any IPs from Verizon in NYC, which is NOT what your thing does
Now, if I banned *.verizon.net, I would be banning all of Verizon

And yet it isn't
How about toronto-HSE-ppp3959157.sympatico.ca?
Or 154.85-200-22.bkkb.no?
Or ACA90D41.ipt.aol.com?
Or CPE000f3d36f1bb-CM0011ae8d72e8.cpe.net.cable.rogers.com?
Or 203-217-95-78.dyn.iinet.net.au?
Or fl-71-3-115-202.dyn.sprint-hsd.net? (This one can be done relatively easily)
Or ip173-168-59-62.adsl.versatel.nl?
Or ip173-180-59-62.dialup.versatel.nl?
Or host86-137-247-148.range86-137.btcentralplus.com?
Or 64.178.114.65.dynamic.dejazzd.com?
Or 12-219-18-153.client.mchsi.com?
Or dpc6747129199.direcpc.com?
(OK, I'm getting bored coming up with examples, although I do love IRC )

My point is that "odd" hostnames are not uncommon, and thus are not all that odd
These are all real hostnames. Now, tell me how you can use these other than banning ISPs or IP ranges or a specific IP?
Host banning is useful in a very small number of cases and in those cases it relies on the hope that ISPs don't route their customers through routers outside of the area in the hostname for whatever reason (like, say, enough of their hardware goes down that they have to route people to other routers).
It's useful and works on a bunch of ISPs in the US and I'm sure some internationally but I believe the vast majority don't list the location of IPs in the hostnames and thus it's useless on them except to ban the ISP