News:

Wondering if this will always be free?  See why free is better.

Main Menu

IP Blocking Question

Started by 20abc22, March 21, 2023, 09:21:52 AM

Previous topic - Next topic

20abc22

Hi all,

Is there a way to block a guest IP address in SMF without having to go to .haccess?

Thank you.

Diego Andrés

Did you try restricting their access through the forum? Or did you want to do something more specific?

SMF Tricks - Free & Premium Responsive Themes for SMF.

Dave J

Check your host because some of them let you block IP's use an 'IP Manager'
If you want quizzes to add to the new SMF2.1 quiz mod go here . There are also walkthroughs in the forum to explain how to install them and other tips.

Kindred

you CAN use the SMF blocking.... but blocking an IP should really be done in htaccess.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Arantor

The reason for using htaccess, for the record, is that it consumes far fewer resources since you don't have to load SMF that page to decide if the user is banned.
Holder of controversial views, all of which my own.

20abc22

Thanks, everyone! To provide more details, these are not users, but only visitors. I would like them not to be able to access the forum.

Since they don't have accounts, I cannot ban them per se. And I can't figure out by myself how to add just an IP to some kind of a blacklist within SMF.

Kindred

if you don't want guests to view the forum, then either a) set all of your board permissions to remove the rights of Guests to view the board or b) turn off guest viewing entirely.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Arantor

You can add bans on just IP addresses but as noted it's a lot less efficient.
Holder of controversial views, all of which my own.

20abc22

Quote from: Kindred on March 21, 2023, 01:49:36 PMif you don't want guests to view the forum, then either a) set all of your board permissions to remove the rights of Guests to view the board or b) turn off guest viewing entirely.

I generally want all guests to view the forum, except for specific ones.

20abc22

Quote from: Arantor on March 21, 2023, 02:11:47 PMYou can add bans on just IP addresses but as noted it's a lot less efficient.

Is there a specific section in the SMF manual on this? I was looking for it and could not find it.

Arantor

https://wiki.simplemachines.org/smf/SMF2.0:Ban_list - create a new ban, triggered off IP address only. It's exactly the same in 2.1.
Holder of controversial views, all of which my own.

a10

^^^ https://wiki.simplemachines.org/smf/index.php?title=Special%3ASearch&search=ban+ip&fulltext=Search

In smf:
100.100.100.100
100.100.100.*
100.100.*.*
100.*.*.*
(* = 0 to 255)

In .htaccess:
100.100.100.100
100.100.100.
100.100.
100.
(empty entry = 0 to 255)

or cidr
100.100.100.100/30
100.100.100.104/29
100.100.100.112/28
100.100.100.128/27
100.100.100.160/28
(will block 100.100.100.100 to 100.100.100.175)

All that for ipv4. ipv6 may be more laborious...

Now, why exactly do you need to ban that\those ip(s) (what is their source, angry ex-member(s)? bot witth 100000's visits? login hack attempts? etc).
Telling exactly what the problem is will help in choosing which means to use,  which not to use, what may be effective.
2.0.19, php 8.0.23, MariaDB 10.5.15. Mods: Contact Page, Like Posts, Responsive Curve, Search Focus Dropdown, Add Join Date to Post.

20abc22

Quote from: Arantor on March 21, 2023, 05:18:47 PMhttps://wiki.simplemachines.org/smf/SMF2.0:Ban_list - create a new ban, triggered off IP address only. It's exactly the same in 2.1.

This appears to apply to banning a user, but these IPs are not users - just visitors.

20abc22

Quote from: a10 on March 21, 2023, 05:39:39 PM^^^ https://wiki.simplemachines.org/smf/index.php?title=Special%3ASearch&search=ban+ip&fulltext=Search

Now, why exactly do you need to ban that\those ip(s) (what is their source, angry ex-member(s)? bot witth 100000's visits? login hack attempts? etc).
Telling exactly what the problem is will help in choosing which means to use,  which not to use, what may be effective.

It is related to online bullying. I'd rather not share the specifics publicly, but am prepared to provide it via personal messaging, if you are interested in getting more information.

Arantor

It doesn't really matter. If you are receiving trouble from a bunch of IP addresses where they're consuming your resources, getting to SMF and banning in SMF just means you still let them consume a whole bunch of resources. It still has to load SMF, do the startup, load the settings, load the theme, load the ban details, then figure out if banned.

And this also impacts on actual users too since they'll be checked periodically for being banned so everyone gets a (slight) performance hit.

Which is mitigated almost in its entirety by using htaccess, which is why it's recommended in *every* scenario that is an IP ban. Or if you're not using Apache but nginx or something else, they all have firewalls that can do this more efficiently than letting it get to SMF. Or even if you're using something that doesn't have an IP filter, the operating system will. Every level you do this at before it gets to SMF benefits you and your actual non-trouble users.
Holder of controversial views, all of which my own.

a10

Quote from: 20abc22 on March 21, 2023, 05:47:48 PMIt is related to online bullying.
Asking again, what exactly is the problem, f.ex. banned\deleted members trying to re-register ? To bully, one will need to make posts, no? You write it's about -guest- ip in 1st post, guests allowed to post??

Anyway, blocking one ip or one range will not deter someone determined to access the forum, they can use another device on other network, tor browser, free wifi, vpn's offers 'endless' ip's etc
2.0.19, php 8.0.23, MariaDB 10.5.15. Mods: Contact Page, Like Posts, Responsive Curve, Search Focus Dropdown, Add Join Date to Post.

20abc22

Quote from: a10 on March 21, 2023, 06:17:17 PM
Quote from: 20abc22 on March 21, 2023, 05:47:48 PMIt is related to online bullying.
Asking again, what exactly is the problem, f.ex. banned\deleted members trying to re-register ? To bully, one will need to make posts, no? You write it's about -guest- ip in 1st post, guests allowed to post??

Anyway, blocking one ip or one range will not deter someone determined to access the forum, they can use another device on other network, tor browser, free wifi, vpn's offers 'endless' ip's etc

They steal and use my content elsewhere. Though I agree that it is probably a futile exercise anyway, as they may use one IP now and once banned, switch to a different one.

However I still would like to know if I can ban an IP address from within SMF as Admin without this being an account of a registered user - just a visitor/guest.

Arantor

Yes, yes you can. You just set the ban up to only work off an IP address.

Or you can use htaccess where it doesn't matter anyway.
Holder of controversial views, all of which my own.

Steve

@20abc22 - This has been recommended 4 times now in this topic:

Quote from: Arantor on March 22, 2023, 04:27:30 AMOr you can use htaccess

Is there a specific reason you're against using .htaccess?
DO NOT pm me for support!

20abc22

Quote from: Arantor on March 22, 2023, 04:27:30 AMYes, yes you can. You just set the ban up to only work off an IP address.


But how exactly? If it is an account, I can do it easily, but for an IP itself I cannot figure it out.

20abc22

Quote from: Steve on March 22, 2023, 08:16:10 AM@20abc22 - This has been recommended 4 times now in this topic:

Quote from: Arantor on March 22, 2023, 04:27:30 AMOr you can use htaccess

Is there a specific reason you're against using .htaccess?

I am not that savvy :) afraid to mess things up.

a10

https://www.google.com/search?q=ip+ban+htaccess
Works great. & no danger, simply edit (or delete) it if something goes overboard :O)
htaccess saves resources, as explained.
 
SMF: Ban List > tick Ban on IP > enter an IP > enter a Ban name > save (add).
Expiration 'never' & 'full ban'. Check the ban log periodically, with no hits after a period > 'Expired / disabled' or delete the ban.
Banning in smf has one small advantage, one can monitor (hits, ban log) connection attempts.

But... anyone can easily use a new ip and be back 1 minute after seeing some ban or a 403 forbidden (htaccess).
The effective way to stop anyone form copying content is to delete the whole website\forum, or put a "deny from all" in htaccess :O)
2.0.19, php 8.0.23, MariaDB 10.5.15. Mods: Contact Page, Like Posts, Responsive Curve, Search Focus Dropdown, Add Join Date to Post.

Kindred

Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

20abc22

Quote from: a10 on March 22, 2023, 08:27:46 PMhttps://www.google.com/search?q=ip+ban+htaccess
Works great. & no danger, simply edit (or delete) it if something goes overboard :O)
htaccess saves resources, as explained.
 
SMF: Ban List > tick Ban on IP > enter an IP > enter a Ban name > save (add).
Expiration 'never' & 'full ban'. Check the ban log periodically, with no hits after a period > 'Expired / disabled' or delete the ban.
Banning in smf has one small advantage, one can monitor (hits, ban log) connection attempts.

But... anyone can easily use a new ip and be back 1 minute after seeing some ban or a 403 forbidden (htaccess).
The effective way to stop anyone form copying content is to delete the whole website\forum, or put a "deny from all" in htaccess :O)

Perfect! I will look into it.

Thanks for your help, everyone!

20abc22

I am sorry - where are 'Bans' or 'Ban list' in SMF 2.1.3? I only can see the 'Moderation Journal" or whatever it is called.

Thanks!

Shades.

Quote from: 20abc22 on March 23, 2023, 08:32:58 PMI am sorry - where are 'Bans' or 'Ban list' in SMF 2.1.3? I only can see the 'Moderation Journal" or whatever it is called.

Thanks!
Administration Center>Members>Ban List
ShadesWeb.com - Custom Logos - My Themes on SMF | My Themes on ShadesWeb
https://shadesweb.com

BikerHound.com - Sniffing out the road ahead
https://bikerhound.com

Dream as if you'll live forever; Live as if you'll die today. - James Dean

20abc22

Quote from: Shades. on March 23, 2023, 08:55:26 PM
Quote from: 20abc22 on March 23, 2023, 08:32:58 PMI am sorry - where are 'Bans' or 'Ban list' in SMF 2.1.3? I only can see the 'Moderation Journal" or whatever it is called.

Thanks!
Administration Center>Members>Ban List

Thank you so much! For the life of me, I could not find it (perhaps because my SMF version is in another language :)).

20abc22

I've just added a ban, but it does not seem to have worked, as I am seeing same IPs accessing the site right now.

This is not related to my original issue, but I still want to ban the subnet 51.222.253., as this is some Canadian bot and I don't want it. Here are the IPs currently on my site:

(51.222.253.3)   
(51.222.253.2)   
(51.222.253.19)   
(51.222.253.18)   
(51.222.253.15)   
(51.222.253.13)   
(51.222.253.12)   

If I choose 'block by IP", what would be the correct syntax for this subnet - 51.222.253.* ?

Thank you.


Kindred

Putting a bunch in smf does not prevent the target from hitting the site.  It does, however,  prevent the site from displaying content.

Seriously,  we told you to use htaccess
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

20abc22

Quote from: Kindred on March 23, 2023, 11:17:14 PMPutting a bunch in smf does not prevent the target from hitting the site.  It does, however,  prevent the site from displaying content.

Seriously,  we told you to use htaccess

ОК, I will give it a shot during the weekend :)

Advertisement: