[Suggestion] Time limit on IP bans

James

Well-known member
If XF offers an IP ban option, can we have the ability to have it for a set period of time?

IPs are regularly changed for users and I don't like to indefinitely ban IP addresses. I generally ban them for a period of time and then moderate any posts made by that IP address to check if the user is still using that IP or if it is actually a new user who I could be blocking access to my forums.

Perhaps offer an option to move banned IP addresses to a moderation area so that we can moderate them and make a decision after a few days.

Like this post if you agree :)
 
Upvote 11
Chris Coyier wrote an interesting article talking about how long IP addresses should be banned for.
Interesting article. I like the post here: http://css-tricks.com/how-long-should-we-ban-ips/#comment-82703

It would be awesome if it could turn it into "smart" IP banning, rather then us manually defining a time for the IP ban (although it would still be an option to do so). That way if you re-ban an IP because of abuse right away, the system would automatically add time to the default ban time so you don't need to keep track whether or not you just removed a certain IP or not.
 
I never thought IP Bans were particularly effective anyway since most users can just change their IP. :)
 
They are not always effective, but I like the idea of making anything that little bit harder for the spammer/trolls. Eventually they will give up or go else where (well that is the plan lol) So I like the idea of this too, as usually only a few days would be enough for an IP ban.
 
Chris Coyier's article covers it well. It also covers my suggestion about moving the IPs to a moderation to monitor the users:
I can get on board with that. IP blocks should only last a limited time, since all IPs eventually change. Most blocks should be short, but if you experience long-term bad activity, make the ban longer. In the case of this site and WordPress, the Discussion Settings also offer a Moderation list, so you don’t actually have straight blacklist IP’s at all if you don’t want, and even if you do, you can move them from the blacklist to the moderation list after a while and be fine.

P.S: Like the first post if you agree.
 
Very good idea, I ran into this issue just recently, I had years ago banned some Italian IP's due to a cracker.. and a potential customer and all round nice guy got caught in that net, luckily I knew him on IM and he could let me know about the ban (which of course I had totally forgotten about)

:)
 
Very good idea, I ran into this issue just recently, I had years ago banned some Italian IP's due to a cracker.. and a potential customer and all round nice guy got caught in that net, luckily I knew him on IM and he could let me know about the ban (which of course I had totally forgotten about)

:)
That is a pretty awesome coincidence. You ban an italian IP and out of the 6 billion people in the world it was a guy you know on IM :P
 
I never use IP banning for the simple reason that you may inadvertently be banning other innocent users.

If a spammer is determined, they will find a way around the IP ban very easily - new IP address from ISP, proxy, etc.
 
Expiring IP ban would be useful to block bursts of spam. Maybe the expiration time could be provided in error message, which real people can (and will) read.
 
Expiring IP ban would be useful to block bursts of spam. Maybe the expiration time could be provided in error message, which real people can (and will) read.
That would defeat the purpose. You'd be telling the abuser: It's not going to work right now, but if you wait until 6 hours from now, you can try again. In some cases that would just provoke them to do something a little more extreme when the ban is up.
 
That would defeat the purpose. You'd be telling the abuser: It's not going to work right now, but if you wait until 6 hours from now, you can try again. In some cases that would just provoke them to do something a little more extreme when the ban is up.
True I guess. I forgot about human EVIL!!-doers since we have never had the sort of people who don't need to know how long their bans are. :D
 
Since many years in my vB can Mod/Adm enter a IP with a simple plug-in.
This IP was written with unix-timestamp(as comment) direct into the .htaccess.
The forbidden error-site therefore is custom designed.
Any 24h run's a cronjob and remove old IP's

Simple and easy for us. :)
 
Top Bottom