Forum Moderators: phranque
Thanks in advance.
Can the IP be collected in a form when they reply to the ad and then banned somehow?
Sure. The exact method would depend on your environment, but the process would go something like this:
1. Read REMOTE_ADDR, store it in a seperate field in the row containing the rest of the form variables
2. Build an administration that reads those REMOTE_ADDR correlating it to their related entries (do it with an entry ID)
3. Have someone manually scan entry IDs, then go in and disable the entries
4. Program your form to ensure that IP addresses on the banned list can't post. You could even use that banned list to prohibit them from accessing the site.
I'm not that technical so bare with me…the application is written in perl and the form source looks like:
<form method="POST" action="$script_name">
<input type="hidden" name="request" value="submit_reply">
<input type="hidden" name="session" value="$session">
<input type="hidden" name="website" value="$as{'website'}">
<input type="hidden" name="ad_id" value="$as{'ad_id'}">
<input type="hidden" name="x" value="$as{'x'}">
<input type="hidden" name="headline" value="$user_ad_fields[2]">
<input type="hidden" name="referrer" value="$ENV{'HTTP_REFERER'}">
plus the others like name, email...etc.
Where would REMOTE_ADDR go? If I can get the IP to display in the email reply I can manually add it to a list to block – which leads me to where & how does the list get referenced?
Thanks
Where would REMOTE_ADDR go?
Again, I'm not sure what parameters your script takes. If it just cycles through the variables you feed it, and spits them out to an email, you could use:
<input type="hidden" name="IP" value="$ENV{'REMOTE_ADDR'}">
If I can get the IP to display in the email reply I can manually add it to a list to block – which leads me to where & how does the list get referenced?
The script that is used to process the form submission would have to do the check. You'd need to update the script that you are using. It wouldn't be hard; just a simple "if this IP address in on this list, then disallow use of the post feature".
Thanks.
sometimes we have to stop and look at the larger picture...
can you show me an example of the code to use to call the list of IPs… javascript?
Well, I wouldn't do it in JavaScript. I would do it in:
a) The form script (perl) that you use. That would have the added advantage of letting users view the site, but not use the form. When the form finds a bad IP address, it wouldn't post the entry, but you could have it email to you the entries that they submitted, and submit them manually if it is a valid user.
b) Do it in .htaccess (or similar for your webserver). This would just outright block all users.
Without seeing the script that your form users, it would be hard to write proper code that you could simply cut and paste and have work.
I know some IPs are ranges and it might block/disable many users not just a single scammer… is that true?
Sure, especially if they're dynamic IPs. More so if they're using a big ISP (such as Earthlink or AOL) that has a mega-proxy. So option A I presented above would probably be more desirable to you.
yes, that is true but the real question is do you get any real users from those ip ranges? if not, then block them all and be done with it...
You'll never know if you outright block them without proper research. That helps further the argument for option A. If you repeatedly see an offending IP, just filter it in your mail client to a BAD folder. Then review once a month or so.
sometimes we have to stop and look at the larger picture...
True, but while looking at the bigger picture is important, but it's just as important not to kill a fly with a nuclear bomb.
sometimes we have to stop and look at the larger picture...True, but while looking at the bigger picture is important, but it's just as important not to kill a fly with a nuclear bomb.
besides, nuking flys is such fun! i especially love the way the bits glow in the dark :):o:)
I guess there is a way to look up IPs to find out if it is a big ISP (such as Earthlink or AOL) that has a mega-proxy or just a small range in a questionable area?
Thanks.
Use .htaccess - if they're from a known 'bad' IP then send them to a seperate page that doesn't include the form controls. It they're not on that list - send them to the fully functional form.
Thanks.
Is there a way to just add some code that says if a specified “bad IP” submits the form they get an error message or set it so they just can’t access that reply to ad page at all?
Yes, and yes. The answer to your questions are my options A and B respectively, above.
The easiest is just to block (or redirect) the reply to ad page in .htaccess, as lorax suggested (This is option B). The other method is to update your form script to check a list of IPs when accessed to see if the IP is on the bad list (this is option A).
What’s the best to look up IPs
Start at ARIN's lookup - www.arin.net.
If the IP address is delegated in the Americas, ARIN will tell you who it belongs to. If not, ARIN will tell you which registry to go look in to find out who it belongs to.
[edited by: DaveAtIFG at 3:27 pm (utc) on Aug. 13, 2003]
[edit reason] "Generalized" the IP [/edit]
81.23.XXX.XX
Try it for yourself, first. :) It's easy!
It is assigned to an ISP in Ireland.
[edited by: DaveAtIFG at 3:28 pm (utc) on Aug. 13, 2003]
It appears that Web-Sat is using that IP range for Nigerian connections.
It appears that Web-Sat customers are our problem?
[edited by: soquinn at 6:08 pm (utc) on Aug. 13, 2003]
From there, the easiest way to deal with abuse is to contact the ISP in question, or simply block the users from your site.
That's an administrative decision you'll have to make. Every webmaster deals with abuse differently.
