Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 General Discussions

Reply
 
Thread Tools Display Modes
  #1  
Old 07-03-2013, 09:34 PM
John Lester John Lester is offline
 
Join Date: Nov 2004
Posts: 543
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Blocking specific countries from your site

Maybe I'm just not understanding things here so bear with me How come there isn't some simple way to block countries by using their two digit country code? I mean all ips resolve to a specific country right? So how come there isn't a script (or better yet something to put into htaccess) that checks the ip and then blocks it if the country id code is tagged for blocking?
Reply With Quote
  #2  
Old 07-03-2013, 09:41 PM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

<a href="http://incredibill.me/htaccess-block-country-ips" target="_blank">You can block them from the htaccess file</a>
Reply With Quote
  #3  
Old 07-03-2013, 09:44 PM
nhawk nhawk is offline
 
Join Date: Jan 2011
Posts: 1,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If you're on a dedicated server you can also look into mod_geoip.

That will let you deny access using the country code.
Reply With Quote
  #4  
Old 07-03-2013, 09:54 PM
John Lester John Lester is offline
 
Join Date: Nov 2004
Posts: 543
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ForceHSS View Post
I looked into doing it by ip (all that site does is generate a list of ips) ... but damn that's 100's of ips and slowed the site down a little.

--------------- Added [DATE]1372892164[/DATE] at [TIME]1372892164[/TIME] ---------------

Quote:
Originally Posted by nhawk View Post
If you're on a dedicated server you can also look into mod_geoip.

That will let you deny access using the country code.
I looked into geoip but I'm on a VPS and the host told me to use CSF or something ... but the one they installed doesn't have the "block by country" setting
Reply With Quote
  #5  
Old 07-03-2013, 10:38 PM
snakes1100 snakes1100 is offline
 
Join Date: Dec 2001
Location: Michigan
Posts: 3,733
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

csf does have cc_deny & has for a long time, just use the country codes, comma delimited values.
Reply With Quote
Благодарность от:
John Lester
  #6  
Old 07-04-2013, 01:42 PM
Spangle Spangle is offline
 
Join Date: Jun 2011
Posts: 520
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by John Lester View Post
Maybe I'm just not understanding things here so bear with me How come there isn't some simple way to block countries by using their two digit country code? I mean all ips resolve to a specific country right? So how come there isn't a script (or better yet something to put into htaccess) that checks the ip and then blocks it if the country id code is tagged for blocking?
Have you looked at the IP deny manager in the Cpanel, you can deny IP ranges or parts of or all of by using ***
Reply With Quote
  #7  
Old 07-04-2013, 04:14 PM
John Lester John Lester is offline
 
Join Date: Nov 2004
Posts: 543
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by snakes1100 View Post
csf does have cc_deny & has for a long time, just use the country codes, comma delimited values.
I only see options to block by ip, is there a module in csf specifically for cc_deny that needs to be enabled?
Reply With Quote
  #8  
Old 07-04-2013, 05:26 PM
snakes1100 snakes1100 is offline
 
Join Date: Dec 2001
Location: Michigan
Posts: 3,733
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

@John, Did you check in csf.conf? Should be around line 447

@spangle, its better to use iptables or apf, as these checks for IP banning are done at the server level, not by a deny via apaches htaccess, especially when you list huge lists of IPs, its going to kill apache.
Reply With Quote
Благодарность от:
tbworld
  #9  
Old 07-04-2013, 09:25 PM
tbworld tbworld is offline
 
Join Date: Oct 2008
Posts: 2,126
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

In most large companies we use hardware firewalls to handle this. I know this is not useful information for most, but maybe an explanation on why there is not more sophisticated tools for the small guy. if on a shared server the best you can probably do is some sort of cpanel option, if they have it. if not then set some kind of IP filtering on vbulletin directories like ht-access. Of course it can be done in vbulletin, but this really isn't desired -- you don't really want them to get that far in. If the program is inefficient it can add significant server load and maybe even killing the server as @snake said.

I serve my daughters board over FIOS connection (which gets hammered) and I use a separate firewall for her server. You just need to purchase a descent enough firewall to handle this kind of option. Now I just monitor the IP's that get through to the server using any of the many server tools for doing this. I tried not to reinvent the wheel here.

If your a dedicated server, then there are some good solutions. I agree with @Snake.
Reply With Quote
Благодарность от:
John Lester
  #10  
Old 07-04-2013, 11:35 PM
John Lester John Lester is offline
 
Join Date: Nov 2004
Posts: 543
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

snakes I don't see that file (probably don't have access to it ) so I'll ask the host and see what they say

Ty for the info tbworld, if I ever have a dedicated server I'll keep in mind the hardware firewall

--------------- Added [DATE]1373045497[/DATE] at [TIME]1373045497[/TIME] ---------------

I have another related question, if I block a country via csf (assuming the host allows this) can I have an exception for specific ips?
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 06:48 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.07996 seconds
  • Memory Usage 2,262KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (3)post_thanks_box_bit
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (3)post_thanks_postbit
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete