Disallow specific IP address from viewing without logging in

[bosswhite]

Is it possible to allow guests to browse the forum
Administration Center » Features and Options » General

but be able to detect a specific IP address and redirect them to the login page?

Currently using SMF 2.0.9 | SimplePortal 2.3.6

[Kindred]

in short no....

you can BAN by IP address -- but there is no way to automatically send a specific IP to the login page while still allowing everyone else to browser.

[margarett]

Oh, why not do a small code cheat?

index.php, find:

code removed, answer below

[Bruce the Shark]

Correct me of i am wrong here Kindred
but
Most forum here have this mod installed, called
Bad Behavior mod
http://custom.simplemachines.org/mods/index.php?mod=2502
it allows an ip to be redirected away from your site.
But i am not sure if it is possible to redirect it away to another site.
I would think its possible
If it does then I suppose  you could just copy your login of your url and do it that way.

[Kindred]

bruce --   in short. no. afaik, that is not actually the way that mod works.

However it is possible that margarett has a code hack that would do it.

[bosswhite]

Oh, why not do a small code cheat?

Unfortunately, Margarett, this does not work as intended with Simple Portal. It still displays the Portal Index Page and merely replaces the Articles section of that page with the Login prompt.

[margarett]

Oh, bugger

Well, I have to install SP then. Someday it would have to happen, hey?

[Illori]

Oh, why not do a small code cheat?

Unfortunately, Margarett, this does not work as intended with Simple Portal. It still displays the Portal Index Page and merely replaces the Articles section of that page with the Login prompt.

i have not used simple portal, but i think this may be the default behavior if the forum does not allow guest access. maybe asking in the SP support thread or on their forum may get you further.

[margarett]

Yeah with SP it's different because the portal is already initialized.

It works if you add:

Code Select Expand

//Our own specific guest needs to login and do nothing else?
if ($user_info['is_guest'] && ((!empty($user_info['ip']) && $user_info['ip'] == '127.0.0.1') || (!empty($user_info['ip2']) && $user_info['ip2'] == '127.0.0.1')) &&
(!isset($_REQUEST['action']) || !in_array($_REQUEST['action'], array('login', 'login2'))))
{
require_once($sourcedir . '/Subs-Auth.php');
return 'KickGuest';
}

Before

Code Select Expand

// Load SimplePortal.
sportal_init();


Do note: the previous trick is messed I'll remove it from my previous post

[bosswhite]

Yeah with SP it's different because the portal is already initialized.

Thank you Margarett, the revised code works perfectly.

One final question (only if you have the time, I know you are busy), what would I enter in the code if I wanted to include two or even three IP addresses to redirect?

e.g.
if IP address = 1.1.1.1 or 2.2.2.2 or 3.3.3.3 etc.

[Chas Large]

I love the code margarett but sadly it'll only work temporarily if the intended victim visitor has a fixed IP. If they have a dynamic IP or are using a proxy then...

@bosswhite, why not just ban them and put a link in the ban that they will see and click. Assuming it's a human you want to redirect. If it's a spammer, then there is an excellent stop forum spam mod that works very well. If it's a bot or a spider then ignore it. Perhaps if you explained more as to why you need this, an easier solution might be available.

[margarett]

You either extend that OR operation with IP and IP2 or you create an array of undesired IPs and use a "in_array" to check if the current IP matches one of those.

I'll compose an example later

[bosswhite]

I love the code margarett but sadly it'll only work temporarily if the intended victim visitor has a fixed IP. If they have a dynamic IP or are using a proxy then...

@bosswhite, why not just ban them and put a link in the ban that they will see and click. Assuming it's a human you want to redirect. If it's a spammer, then there is an excellent stop forum spam mod that works very well. If it's a bot or a spider then ignore it. Perhaps if you explained more as to why you need this, an easier solution might be available.

I run a technical support website for specific software users. The member concerned is associated with a company offering similar support via a helpdesk.
I added him as a spider using his IP address so that I can log what he is browsing when not logged in (most of the time he doesn't log in but I can monitor him this way because he does have a fixed IP). He is not aware of this.

The reason I do this is because solutions on my site are appearing swiftly on his support helpdesk (albeit worded slightly differently).

All I was trying to do was force him to login if he wanted to see content. He acts differently when he knows that we are aware that he is logged in and tends not to steal copy content.

[Chas Large]

Do you have a rule about copyright? if so, enforce it and give him a warning. Treat him like an ordinary member who breaks house rules.

If you don't have a rule or copyright policy, set one up and announce it so that everyone knows you mean business.

If you really don't want him there, set up a redirect in your .htaccess site pointing to Google but if your site is open to the public then you're on a hiding to nothing.

[bosswhite]

You either extend that OR operation with IP and IP2 or you create an array of undesired IPs and use a "in_array" to check if the current IP matches one of those.

I have been trying to implement this but not sure if I fully understand. I don't know much about coding.
Could anyone please give me some guidance?

[margarett]

Ha! Of course I forgot this
I won't be on the computer till tomorrow at least but feel free to pm me if I forget it again

[waris]

The BAD BEHAVIOR MOD to me is sufficient for any SMF forum.

Be careful when removing IP addresses as Bots & Spiders are constantly indexing all the new entries to your forum. If They are not allowed to do this then your forum can be very difficult to find when others do a search in Google, Yahoo, etc.

There are millions of annonymous IP addresses on the internet that visit web sites everyday.

It just like your personal health; there are good cholestrol and there are bad cholestrol.

Live with it!

[margarett]

This should work

Code Select Expand

//Our own specific guest needs to login and do nothing else?
$disallowed_guests = array('127.0.0.1', '127.0.0.2', '127.0.0.3');
if ($user_info['is_guest'] && ((!empty($user_info['ip']) && in_array($user_info['ip'], $disallowed_guests)) || (!empty($user_info['ip2']) && in_array($user_info['ip'], $disallowed_guests))) &&
(!isset($_REQUEST['action']) || !in_array($_REQUEST['action'], array('login', 'login2'))))
{
require_once($sourcedir . '/Subs-Auth.php');
return 'KickGuest';
}

Just extend that array as far as you need it

[bosswhite]

Perfect Margarett. Thank you for giving up your time to help.