1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

The bane of an Admin's life...

Discussion in 'Forum Management' started by lazer, Jul 22, 2013.

  1. lazer

    lazer Well-Known Member

    Hey :)

    Here's the scenario...
    • A user abuses staff and members via posts and PC's
    • User is banned
    • User re-registers under a different name and email
    • User is banned
    • User discovers proxies, registers under a different name, IP and email
    • User starts abuse again
    • User then shows identity thru posts and PC's and is banned
    • Repeat point 5 - 7 (up to 8 times a day)
    I'm sure we've all had 'em but how do you make sure (in this scenario), the little bugger gets the message and stays away for good?

  2. Biker

    Biker Well-Known Member

    There are various ways to block proxies, the easiest being via .htaccess.

    You can try adding this to your .htaccess file.

    # block proxy servers from site access
    # http://perishablepress.com/press/2008/04/20/how-to-block-proxy-servers-via-htaccess/
    RewriteEngine on
    RewriteCond %{HTTP:VIA}                 !^$ [OR]
    RewriteCond %{HTTP:FORWARDED}           !^$ [OR]
    RewriteCond %{HTTP:USERAGENT_VIA}       !^$ [OR]
    RewriteCond %{HTTP:X_FORWARDED_FOR}     !^$ [OR]
    RewriteCond %{HTTP:pROXY_CONNECTION}    !^$ [OR]
    RewriteCond %{HTTP:XPROXY_CONNECTION}   !^$ [OR]
    RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
    RewriteCond %{HTTP:HTTP_CLIENT_IP}      !^$
    RewriteRule ^(.*)$ - [F]

    Snagged from this site. http://perishablepress.com/how-to-block-proxy-servers-via-htaccess/
    Marcus, Brandon Sheley and lazer like this.
  3. lazer

    lazer Well-Known Member

    Thanks Biker.

    Blocking proxies can also have a negative effect for regular members too though (even some ISP's use 'em), it's such a difficult call, to enable it on a big site.
  4. Biker

    Biker Well-Known Member

    You're going to have to decide whether you want to put some effort into this or not. There are ways of blocking anonymous proxies and leaving legitimate ones (such as those used by ISPs) alone. This will also depend on what type of access you have on the server.
  5. NixFifty

    NixFifty Well-Known Member

    Jeez, talk about no life :eek:
    0xym0r0n likes this.
  6. lazer

    lazer Well-Known Member

    Tell me about it...
    So there are ways to allow ISP's and not proxies, such as Tor?
  7. Biker

    Biker Well-Known Member

    lazer and Steve F like this.
  8. AndyB

    AndyB Well-Known Member

    Just turn off registration for a few days. The banned user will lose interest and go away.
    Marcus likes this.
  9. mauzao9

    mauzao9 Well-Known Member

    This is sadly one routine in large forums where mad users that got banned always want their daily "attacks" to our community.

    We are frustrated because the script can't do anything more to defend the site from such behavior but must live with it, and try to react fastest possible when it happens. :(
  10. lazer

    lazer Well-Known Member

    Whilst a good thought, it's entirely not practical for our site...
    It seems so. Unless you're prepared to take drastic action that may actually prevent legitimate users from accessing your site.
  11. DBA

    DBA Well-Known Member

    One suggestion, instead of banning him make him a discouraged user and have every pageload be at least 30 seconds (among other "issues"). That's how I finally got rid of someone.
    Brad L and lazer like this.
  12. lazer

    lazer Well-Known Member

    I had tried the "discouraged" route but my pageload times were set at 5 - 20 seconds. I will try that in the next round, thanks DBA.
  13. Marcus

    Marcus Well-Known Member

    I had a difficult case some years ago, he used an anonymous proxy. The police could stop that proxy and get access to his data.
  14. mauzao9

    mauzao9 Well-Known Member

    I don't know if it would possible Xenforo Detects Proxies under registration and act like the Anti-Spam systems do. Or even put the user waiting manual approval.
  15. AWS

    AWS Well-Known Member

    This same user is hitting my site too. Driving my staff and I crazy.
  16. CyclingTribe

    CyclingTribe Well-Known Member

    What about putting the first five posts in moderation for brand new users?

    We're doing this on CycleChat at the moment to deal with the kitchen spammers, but it also stops other rubbish going "live" until we've had a chance to review it.

    You'd be able to check IPs (discover if they are proxies), assess the context and writing style (presumably you've had enough flames to be able to spot them easily?), and it would stop the content of their new accounts hitting your live pages.

    Just set Registered to 'Not set' for follow moderation rules, then promote after x posts to a usergroup that has this set to 'Allow'. (y)

    It's a bit more work for you and your moderator team and means that new members experience a slight delay in their posts appearing, initially, but just explain it's an anti-spam measure and they'll understand.

    Shaun :D
  17. Brogan

    Brogan XenForo Moderator Staff Member

  18. lazer

    lazer Well-Known Member

    Good ideas guys but most of our members are new posters (technical support site), so a pre-moderation for all new members, whilst great in practice, could cause an inordinate amount of work for me and the rest of my team.

    AWS and I are discussing this individual case, in an effort to conclude it.
    Other than this idiot, we have had no real issues with this type of thing. I'm loathed to use a hammer to crack a nut.
  19. MikeMpls

    MikeMpls Well-Known Member

    We dealt with one problem user by moving everything he ever posted into a locked "consolidated wisdon" thread & turned off his option to delete or edit his own posts.

    What we really need is a "Tachy Goes to Coventry" addon.
  20. Renegade

    Renegade Well-Known Member

    It is difficult to control such members while keeping your forum open for regular members and new registrations. We have had such members recently and it was painful.

    The most that we could do was
    • Put proxy sites on moderated registration using anti spam tools.
    • Put the spammers IP/ISP block on moderated registration
    • Enable word filters to put posts/PM on moderation queue
    • Ban new IDs which pass this filter as they get reported

    My community has been really patient and helpful in that regard.

    We used to have first 5 posts under moderation earlier when we were on VB. The problem with that was most new-to-forum users would get confused and put off that their posts will take time to appear. Of course it is much easier to notice moderated posts on XF thanks to the moderator bar but we haven't got back to that yet.

Share This Page