What do you all do with members who refuse to remain banned. They're savvy enough to know how to obtain cloned IP addresses and emails are largely free.

We have "miserable users" mod on board, but one gentleman stays below the parapet for weeks as a seemingly attentive member doing all the 'right' things and then suddenly begins causing havoc....

In one of his guises he used at least 30+ IP addresses - no doubt some could be legit - especially if he likes coffee with his wi-fi :D

Are you using a proxy killer? Might help in this case.

Are you using a proxy killer? Might help in this case.

No we're not - I'll look into that.

Thank you.

Every time I see a new proxy registration, I always block the whole host (all IP ranges that belong to that host) and block the email domain in case it's a spam/temporary domain. Currently have a nice list of nearly 80 million blocked IP addresses from hosts which provide hosting/VPN services and such.
I don't care about traffic from such hosts, I only need legitimate traffic from users with home connection ISP's and the search engine bots.

Every time I see a new proxy registration, I always block the whole host (all IP ranges that belong to that host) and block the email domain in case it's a spam/temporary domain. Currently have a nice list of nearly 80 million blocked IP addresses from hosts which provide hosting/VPN services and such.
I don't care about traffic from such hosts, I only need legitimate traffic from users with home connection ISP's and the search engine bots.

Thanks Dave, but how do you identify the proxy registration in the first instance without affecting otherwise legitimate members, say those at work where their company uses proxies. What proxy trapper would you recommend.

Geoff

I don't really make use of a proxy trapper, I do it all manually.

I do it like this:
1. Whenver I see a suspicious registration, I enter the IP here: https://ipinfo.io/ and check to which ISP it belongs.
2. I Google the ISP and lookup the main site and see what kind of services they provide.
3. If they provide hosting services, not for home connections, I usually block the whole thing using a custom script I wrote to generate all IP ranges that have to be blocked.
4. After I generated all the IP ranges that have to be blocked, I apply it to a tool called Peerblock (for Windows). Of course it can be applied to iptables on Linux as well.

This will not work if you use something such as Cloudflare though.

I just ban them again when we come across them, no message, no fuss.

They eventually get bored of constant re-regeristing, its a lot of work for them, a single click for me.

I don't really make use of a proxy trapper, I do it all manually.

I do it like this:
1. Whenver I see a suspicious registration, I enter the IP here: https://ipinfo.io/ and check to which ISP it belongs.
2. I Google the ISP and lookup the main site and see what kind of services they provide.
3. If they provide hosting services, not for home connections, I usually block the whole thing using a custom script I wrote to generate all IP ranges that have to be blocked.
4. After I generated all the IP ranges that have to be blocked, I apply it to a tool called Peerblock (for Windows). Of course it can be applied to iptables on Linux as well.

This will not work if you use something such as Cloudflare though.

Aye - we check the IP addresses and every time they come up legit - why I commented about the guy liking his coffee! Some email addresses seem odd and yet he obviously is able to route PMs etc through to his 'correct' address.

I just ban them again when we come across them, no message, no fuss.

They eventually get bored of constant re-regeristing, its a lot of work for them, a single click for me.

We keep doing that - no sign of boredom yet. We even shut the Forum down for a month around Christmas after banning his latest account, and yet he already had another one which he'd been using 'normally' for about 150 posts before he reverted to trouble ....

Why not use something like this?

https://vborg.vbsupport.ru/showthread.php?t=125871
https://vborg.vbsupport.ru/showthread.php?t=183268

Be sure to read the latest posts for vB4 compatibility.

Why not use something like this?

https://vborg.vbsupport.ru/showthread.php?t=125871
https://vborg.vbsupport.ru/showthread.php?t=183268

Be sure to read the latest posts for vB4 compatibility.

Because they are both flagged as vB3 versions - nothing to say they were available for vB4. However can they cope with multi-accounts that don't use the same IP or email addresses?

As I said, check out the latest posts (or pages) as the first link I gave you works for vB4 as well regardless them being for vB 3.x, it's all about reading the replies ;). And yes, doesn't matter if they use a different IP or Email address. As long as their cookies are saved in their browser without them removing their browser (including cookie) history, then the plugin will detect it.

As I said, check out the latest posts (or pages) as the first link I gave you works for vB4 as well regardless them being for vB 3.x, it's all about reading the replies ;). And yes, doesn't matter if they use a different IP or Email address. As long as their cookies are saved in their browser without them removing their browser (including cookie history) the plugin will detect it.

Thanks - Just looked at one of the accounts of the pest - 127 IP addresses all through BTCentral ....

See:

https://vborg.vbsupport.ru/showthread.php?t=261085
https://vborg.vbsupport.ru/showthread.php?t=264335

So: https://vborg.vbsupport.ru/showthread.php?t=183268 is confirmed to work on vB4.

But it's recommened to read through all the replies on the latest pages on both detect plugins to see if there's anything that might need to be altered/edited in regards of issues on vB4 or updated PHP version(s).

As I said, check out the latest posts (or pages) as the first link I gave you works for vB4 as well regardless them being for vB 3.x, it's all about reading the replies ;). And yes, doesn't matter if they use a different IP or Email address. As long as their cookies are saved in their browser without them removing their browser (including cookie) history, then the plugin will detect it.

Lot of posts to read - but I'll give it a go - can't be any worse than we are at the moment.

Thanks

Geoff

--------------- Added 1455531944 at 1455531944 ---------------

Loaded and watching....

Lot of posts to read - but I'll give it a go - can't be any worse than we are at the moment.

Thanks

Geoff

--------------- Added 1455531944 at 1455531944 ---------------

Loaded and watching....
Let me know if it works :)

I'd be interested to know how well it works too.

Currently no nefarious or otherwise action has taken place - so as to whether it's working or not, I'm still unsure.

BUT our daily activity is relatively small with new registrations between 0 and 5 daily - so perhaps our mischievous gentlemen are staying away.

<span style="text-decoration: line-through">Sadly a member using the same email address and the same ID had two accounts (a long-standing member so may have gotten on before same email switch was set) did not trigger the mod.</span>

It worked, but I hadn't noticed !

Sadly a member using the same email address and the same ID had two accounts (a long-standing member so may have gotten on before same email switch was set) did not trigger the mod.

It worked, but I hadn't noticed !

This member with two accounts was banned, sadly he created a further three accounts which were not detected.