Administrative and Maintenance Tools - Advanced IP Ban Manager

Advanced IP ban manager

What is it/What does it do?

This is intended as a replacement for the ip bans under vbulletin options. It allows for timed ip bans, cidr ranges and attatching reasons to bans.

It also features registration only ip bans allowing members who may be effected by an ip ban to continue using the forums, but blocking registrations and ip ban exempts so that you can ban a large range of ips and let through a smaller subset of them.

Features

• Ip bans
• Timed ip bans
• Ip ban exempts
• Registration only bans
• Ban by cidr range

Installation
Backup db.
Upload files from zip.
Import product.
Refresh admincp.

Once Version 0.3 is installed; upload the attached php file into your admin cp to replace the one already there. This file fixes a couple of minor issues for some people.

Changelog

• 0.3.1
  Added a work around for issues of 0.0.0.0 ips being banned on any system where ip2long returned a signed int instead of an unsigned int.
• 0.3
  Fixed bug where ip bans wouldn't block registrations unless set to registration only.
  Added file with a list of common spambot ips that can be auto banned.
  Changed limit on cidr range from 16 to 4 As i often came across instances where i wanted to ban larger ranges
• 0.2.1b
  Added a bitfield rebuild to installer to fix issues with menu not showing.
• 0.2b
  Fixed bug in instal code.
• 0.2a
  Added admin permissions and exempt bans
• 0.1a
  Initial release.

Notes

This has been tested on 3.7.2 but should work on 3.6.x, 3.7.x and 3.8.x

This mod has not been tested on vbulletin 4; a separate, improved vbulletin 4 version can be found HERE

Access is now controlled by an admincp permission however no control over ip banning is done.

This variable can be used in the config file to prevent banning any ip/range of ips that contain the ips listed in it: $config['SpecialUsers']['unbannableips'] = "127.0.0.1|127.0.0.2";
Ips should be separated by a | symbol. This will not effect any bans that are already in place.

Bans are limited to a cidr range of 4. (This should be more than enough) If you require a ban that covers more than this, it should be set in the database. If there is demand for it, I may make the cidr limit optional/changable in future versions.

Exempts/bans work by taking the tightest cidr range match. eg if you ban 127.0.0.1/16 and add an exempt for 127.0.0.1/24 the exempt will take precedence, however adding another ban against 127.0.0.1/32 would override the exempt.

When uninstalling, the mod will remove the modifications to the admin table, however it is upto you to drop the ipbans table yourself. This has been done in order to preserve the data in that table incase you still want it for something.

I've added a file which was created by a member of my admin team, it contains a large list of ip addresses from which A lot of malignant traffic seems to come from. If you are having trouble with spam bots this list may help in preventing them from registering. To use the file visit the url : <your forum url>/admincp/ipban.spambots.php It will ask you to log in to your cp then display a blank page; this is to be expected as all its doing is inserting into the database. It will add approximately 140 bans; so they've been coded NOT to show up in the ip ban list. This feature is something i plan to expand on with a full interface for viewing, creating, adding and removing ip blocklists, but for now this mechanism is what i've come up with.

Support

As all of my boards have been upgraded to vbulletin 4, I am no longer actively maintaining any of my vb3.x mods. Free support for all of my 3.x mods is being removed from the 31st of March 2010 after this date, I will only be offering paid support for 3.x mods; downloading and usage of the mods will remain free but unsupported.

Please pm me for support of 3.x mods as I will not be checking their threads very often.

[S]Support is now offered as this is a beta release. I'll be checking vborg from time to time but for critical support issues, you are best contacting me on my own forums.

I'm hoping that this version (0.3) is bug free, so this can be considered a release candidate version.[/S]

I've uploaded a fixed php file for some people who were having problems with short php tags and other parse errors. This needs to be uploaded to the admin cp. The file will be added into the zip once in the next release.

This mod [S]will be [/S] has been upgraded to support vb4 The vbulletin 4 version will be released once the beta goes public.

Extra features in vb4.0 version:

• whois ip from admin cp
• cidr calculator (shows the ip range that a cidr bans)
• test bans (enter an ip to see if its banned or not)

Planned features for future versions:

• import/export bans
• integration into 'delete posts as spam' => admins with suitable permissions will be able to select a box to ban the posters ip(s) in addition to banning their account(s)

[macc]

yes i upload files from package ... see anything extra there but nothing in my admin cp ...no extra menu item...


reg

macc

[Carnage]

Is your account the superadmin account? If not, make sure your account has the extra admin permission assigned to it to allow for ip banning.

Also, refresh the menu frame of the admin cp.

If you still can't see it, rebuild the bitfields. and refresh the menu again.

[macc]

yes my account is superadmin ..i put permissions and can not see ...uploaded files again ...no resuls ...



reg


macc

[Carnage]

Ok, I found the problem... at some point i managed to loose a file from the archive. (the file that defines the menu...) New archive with missing file included now attached.

[macc]

have updated but no results ...

reg

macc

[Carnage]

I've added some code to the installer which should fix the issue you are having.

Incidentally, is anyone else having issues with the menu not showing? (it should appear under the users menu)

[Spinball]

So the CIDR (never heard of it before) of 32 means that if you enter an IP to ban it will ban all the IPs in the 0-31,32-63 etc range that the IP falls in? Or what?
What if I want to ban just the single IP as per the original vB IP banning system? Cos that's all that I will ever need to do.

[macc]

thanks ...now works

regards

macc

[Headliner?]

This will come in very useful, installed.

[Carnage]

Quote:

Originally Posted by Spinball

So the CIDR (never heard of it before) of 32 means that if you enter an IP to ban it will ban all the IPs in the 0-31,32-63 etc range that the IP falls in? Or what?
What if I want to ban just the single IP as per the original vB IP banning system? Cos that's all that I will ever need to do.

easiest way to explain the cidr range is thus:

imagine the ip address as a big binary number. each of the . seperated parts equates to 8 bits so an ip address as a number would look like this:

00000000 . 00000000 . 00000000 . 00000000

32 binary bits in total. The cidr range is specifying how meny of those bits must match before the ip is considered banned.

specifying a cidr range of 32 means that ALL 32 bits must match and is thus the same as banning a single ip.

The real power comes in when you want to ban larger ranges for people who have dynamic ip addresses. a cidr range of 24, for example matches only the most significant 24 bits of the ip so for the following ip, if all the 0's match it wouldn't matter what the x was set to

00000000.00000000.00000000.xxxxxxxx

this is equivilant to banning an ip with only three segments to it.

Currently the cidr is hard coded at 16, mostly because i didn't want admins on my own forums accidentilly banning the entire board cause they didnt know what it did. This will probably become an option at some point in the future (eg setting the max allowed cidr range)

There is a note saying to leave the cidr at 32 if you dont know what it does

Edit: just to clearly answer your question, If you just want to ban a single ip address, leave the cidr set to 32.