|
Advanced IP Ban Manager
Advanced IP ban manager
What is it/What does it do? This is intended as a replacement for the ip bans under vbulletin options. It allows for timed ip bans, cidr ranges and attatching reasons to bans. It also features registration only ip bans allowing members who may be effected by an ip ban to continue using the forums, but blocking registrations and ip ban exempts so that you can ban a large range of ips and let through a smaller subset of them. Features
Backup db. Upload files from zip. Import product. Refresh admincp. Once Version 0.3 is installed; upload the attached php file into your admin cp to replace the one already there. This file fixes a couple of minor issues for some people. Changelog
Notes This has been tested on 3.7.2 but should work on 3.6.x, 3.7.x and 3.8.x This mod has not been tested on vbulletin 4; a separate, improved vbulletin 4 version can be found HERE Access is now controlled by an admincp permission however no control over ip banning is done. This variable can be used in the config file to prevent banning any ip/range of ips that contain the ips listed in it: $config['SpecialUsers']['unbannableips'] = "127.0.0.1|127.0.0.2"; Ips should be separated by a | symbol. This will not effect any bans that are already in place. Bans are limited to a cidr range of 4. (This should be more than enough) If you require a ban that covers more than this, it should be set in the database. If there is demand for it, I may make the cidr limit optional/changable in future versions. Exempts/bans work by taking the tightest cidr range match. eg if you ban 127.0.0.1/16 and add an exempt for 127.0.0.1/24 the exempt will take precedence, however adding another ban against 127.0.0.1/32 would override the exempt. When uninstalling, the mod will remove the modifications to the admin table, however it is upto you to drop the ipbans table yourself. This has been done in order to preserve the data in that table incase you still want it for something. I've added a file which was created by a member of my admin team, it contains a large list of ip addresses from which A lot of malignant traffic seems to come from. If you are having trouble with spam bots this list may help in preventing them from registering. To use the file visit the url : <your forum url>/admincp/ipban.spambots.php It will ask you to log in to your cp then display a blank page; this is to be expected as all its doing is inserting into the database. It will add approximately 140 bans; so they've been coded NOT to show up in the ip ban list. This feature is something i plan to expand on with a full interface for viewing, creating, adding and removing ip blocklists, but for now this mechanism is what i've come up with. Support As all of my boards have been upgraded to vbulletin 4, I am no longer actively maintaining any of my vb3.x mods. Free support for all of my 3.x mods is being removed from the 31st of March 2010 after this date, I will only be offering paid support for 3.x mods; downloading and usage of the mods will remain free but unsupported. Please pm me for support of 3.x mods as I will not be checking their threads very often. [S]Support is now offered as this is a beta release. I'll be checking vborg from time to time but for critical support issues, you are best contacting me on my own forums. I'm hoping that this version (0.3) is bug free, so this can be considered a release candidate version.[/S] I've uploaded a fixed php file for some people who were having problems with short php tags and other parse errors. This needs to be uploaded to the admin cp. The file will be added into the zip once in the next release. This mod [S]will be [/S] has been upgraded to support vb4 The vbulletin 4 version will be released once the beta goes public. Extra features in vb4.0 version:
Planned features for future versions:
|
This is extremely interesting. Please add a function to define IPs that can not be banned.
|
Thats not a bad idea acctually;
Would you think something like that should be in the config file along with the undeletable users stuff? Seems to me the most logical place to put it - that way if you accidentilly ban yourself, you just add your ip to the conf file and all is good again. I was considering adding some code that just exempt admins/superadmins from being ip banned at all. That would also require stopping ip bans from effecting login.php so that if an ip ban was effecting an admin they could still log in. |
The config file sounds the most logical to me, though I do not think many admins would be stupid enough to ban themselves. So if it means a lot more effort, then I would just make it an adminCP option to enter untouchable IP addresses.
I cant think of a reason why excluding login.php from IP bans would be a problem. If anyone can, then please let me know. Adding code to prevent admins /SA from being IP banned sounds good as well, but note that admins may have multiple accounts. If you can take that into account, then this may be a viable solution. |
Well... we /had/ an admin who's in the past been noted for 'accidentilly' deleting users (her excuse was she dropped the keyboard. ) and having a .bash_history file containing meny entries similar to 'el ess'. Also, if you dont understand how cidr ranges work properly it could be fairly easy to set one too large that hits you as well. (part of the reason theres a hard coded limit on how big the cidr range can be)
My only thought about excluding login.php was that if you ip banned someone for trying to brute force login names it woudn't stop them, on the other hand, vb is quite resistant against that anyway with the strikes system and its something you should probably be adding firewall rules to prevent instead of vbulletin ip bans. If an admin has two accounts, they could just go in and add an exempt from ipbans ( once coded) for their own ip. An alternative was something i was thinking about a while ago - exempting ip bans by user group, which could be done as a setting or as an option (probably the better way) EDIT: bleh, wont work. Login.php dosn't provide a login form, so another page would have to be provided to do that. I have made it so that admins can now login ( by going to the admincp and logging in from there) and since ip bans arn't verified in the admin cp, they can remove the ban preventing their access. Unbannable ips is in; still need to test it, but i'm pretty sure the code is sound. ---------------------- Next step is to decide how best to implement exempts; I had two ideas 1) apply bans in decreasing order of cidr range. This would allow, for example you to set a ban against a range of /16 blocking off a troublesome group of spammers. however you could then exempt a group of /24 that are acctually nice people then you could ban an couple of /32 ips that were not quite as nice as you thought they were. This is much more flexable, but complex. 2) Exempts overide bans. eg if an exempt is set your ip will be allowed in no matter what. |
so the way you saying do a database backup first does this actually work? have you tested it? if you ip ban sum1 they shouldnt be able to access the site correct? lol
|
Dude, you are amazing, I have been looking for something like this for ever. No other forum boards have anything like this. Awesome!
Quote:
|
Quote:
Quote:
2nd, i want all my admins to be able to ip ban, but giving them access to canadminsettings seemed somewhat over kill for this task. |
well ppl please leave feedback on it i need to know if i should install it cuz i dont wana screw up my site lol
|
How about a hostname option? IE: If the ip resolves to have anything with "proxy" in it they will get a banned message.
|
@pspmaster93
Agreed, i want some feedback so i can improve it and fix any bugs. however, VB allows you to run a personal dev board (protected by .htaccess) for testing things. This is what i'm encouraging people to install onto. use the same settings + mods that you have on your main site and see if there are any conflicts/bugs. Hostname banning would be a good addition i think, but i want to get some stability testing on the current stuff done first. I'm working on a 0.2a release, which adds admin permissioins and the unbannable ip address feature. I'm also going to add the exempts feature to it. |
Quote:
|
Update released: is now considered to be a beta.
sorry its been so long, i've had some internet issues as well as other projects i've been working on. |
I get this: "MySQL Error : Unknown column 'ipbansperms' in 'field list'" :(
|
me to ...when saved admin permissions ...
some help? PHP Code:
|
Umm... any1 gonna help us?
|
i've been away for the weekend.
That was an issue i was having while testing, however i was sure i'd fixed it. i should have a fixed product file in an hour or two. Edit: fixed the problem... a missing ; :s Import new product file allowing overwrite to fix. |
hello
i can not see anything in my cp ...no ip bans (where to found this in admin cp ?.... just updated ...and database errors is fixed - thanks reg macc |
It should add a new menu item; did you upload all the extra files?
|
cool
|
yes i upload files from package ... see anything extra there but nothing in my admin cp ...no extra menu item...
reg macc |
Is your account the superadmin account? If not, make sure your account has the extra admin permission assigned to it to allow for ip banning.
Also, refresh the menu frame of the admin cp. If you still can't see it, rebuild the bitfields. and refresh the menu again. |
yes my account is superadmin ..i put permissions and can not see ...uploaded files again ...no resuls ...
reg macc |
Ok, I found the problem... at some point i managed to loose a file from the archive. (the file that defines the menu...) New archive with missing file included now attached.
|
have updated but no results ...
reg macc |
I've added some code to the installer which should fix the issue you are having.
Incidentally, is anyone else having issues with the menu not showing? (it should appear under the users menu) |
So the CIDR (never heard of it before) of 32 means that if you enter an IP to ban it will ban all the IPs in the 0-31,32-63 etc range that the IP falls in? Or what?
What if I want to ban just the single IP as per the original vB IP banning system? Cos that's all that I will ever need to do. |
thanks ...now works
regards macc |
This will come in very useful, installed. :)
|
Quote:
imagine the ip address as a big binary number. each of the . seperated parts equates to 8 bits so an ip address as a number would look like this: 00000000 . 00000000 . 00000000 . 00000000 32 binary bits in total. The cidr range is specifying how meny of those bits must match before the ip is considered banned. specifying a cidr range of 32 means that ALL 32 bits must match and is thus the same as banning a single ip. The real power comes in when you want to ban larger ranges for people who have dynamic ip addresses. a cidr range of 24, for example matches only the most significant 24 bits of the ip so for the following ip, if all the 0's match it wouldn't matter what the x was set to 00000000.00000000.00000000.xxxxxxxx this is equivilant to banning an ip with only three segments to it. Currently the cidr is hard coded at 16, mostly because i didn't want admins on my own forums accidentilly banning the entire board cause they didnt know what it did. This will probably become an option at some point in the future (eg setting the max allowed cidr range) There is a note saying to leave the cidr at 32 if you dont know what it does :p Edit: just to clearly answer your question, If you just want to ban a single ip address, leave the cidr set to 32. |
so if i want to ban a user with the 127.0.0.1 (dynamic) i might set the cidr to 8? so ALL the 127.0.0.xxx (or xxx.0.0.1, 127.x.0.1, 127.0.x.1) are banned?
i think this is a very useful tool ... but i don't understand how it works ... :S |
Quote:
This wikipedia article explains Cidr ranges in a lot of detail. For a basic idea, take a look at the table about half way down the page: http://en.wikipedia.org/wiki/Classle...Domain_Routing |
Can you include the ability to ban ip ranges?
And for me it doesen´t work. Everytime it bans ip 0.0.0.0 |
it does ban ip ranges, thats what the cidr is for.
/me thinks this needs some admin help popups... expect them when i release an update. mathew: what are teh other settings for your ip ban? what vb version are you using? |
I ve tried to Ban IP 203.160.1.43 but every try it bans IP 0.0.0.0 ??? Dont know why ??? Pls Help Carnage Thank you so much
|
sounds good. marked for installation.
|
so this is ok for 3.7.3?
|
i've not tested on 3.7.3 however there shouldn't be any problems.
@angeldevil, what vb version are you using? What other values are you adding the the form? |
im using Vbb 3.7.2
IP Address 203.160.1.43 ( or 203.160.1.48 same thing happen ) CIDR Range (if you are unsure what this does, leave it as 32) 32 Registrations only? NO Exempt IP? (not yet implemented) NO Thank you for ur help Carnage |
Just uploaded to use it on 3.7.3. It doesnt seem ti be working as all i see script language when i pull up the admin panel.. any ideas?
|
| All times are GMT. The time now is 07:13 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|