Today two guys spammed in my forum

I use a script that gets the list of Tor exit IPs and blocks them using iptables.

Which sounds like a much more efficient way of doing it. I don't plan on blocking forever; we have a lot of people outside of the US in turbulent regions or deployed and we don't mind them using Tor to read or log in. So on the forum end, using a plugin to just block registration from those IPs is a decent tool. But blocking from htaccess or in Xenforo itself is probably way less efficient than what you're doing!
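The approach quoted in the post above (take the list of Tor exit IPs and block it at the firewall), as an added example that is not part of the thread. It swaps in an ipset set matched by a single iptables rule instead of one rule per address; the set name `tor_exits`, the file name `exits.txt` and the sample addresses are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Converts a list of exit addresses,
# one per line, into input for `ipset restore`.

# Succeed only for a strict dotted-quad IPv4 address (no leading zeros).
is_ipv4() {
    case $1 in
        "" | *[!0-9.]* | .* | *. | *..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                  # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in 0?* | ????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Read the list on stdin; print commands that fill a scratch set and swap
# it into place, so the live set is replaced in one step.
build_ipset_restore() {
    set_name=${1:-tor_exits}   # assumed set name
    printf 'create %s hash:ip family inet\n' "$set_name" "${set_name}_new"
    printf 'flush %s_new\n' "$set_name"
    sed 's/#.*//' | tr -d ' \t\r' | sort -u | while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        if is_ipv4 "$entry"; then
            printf 'add %s_new %s\n' "$set_name" "$entry"
        else
            echo "skipped an invalid entry" >&2
        fi
    done
    printf 'swap %s_new %s\n' "$set_name" "$set_name"
    printf 'destroy %s_new\n' "$set_name"
}

# Constructed sample input (documentation ranges, not real exit nodes).
sample_list() {
    printf '%s\n' '# constructed sample' 192.0.2.10 198.51.100.7 \
        192.0.2.10 203.0.113.300 example.invalid 198.51.100.22
}

# Typical use as root, assuming the list was saved to exits.txt:
#   build_ipset_restore < exits.txt | ipset -exist restore
# and, once, the rule that matches the set:
#   iptables -I INPUT -m set --match-set tor_exits src -j DROP
```

Validating each entry before it reaches `ipset` keeps a truncated or tampered download from putting arbitrary text into the firewall configuration.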
 
All depends on what you're trying to accomplish. Last summer, my board was DOSed by folks using anonymous proxies so I'm kind of paranoid about them. We also have had issues with banned members using Tor to avoid detection when they came back under another account. All that has put me in a mode of actively seeking out proxy addresses rather than waiting for them to crop up.

I think a lot depends on the nature of your board. For my guitar discussion site, I don't see folks overseas having issues reaching us. With the number of intrusion attempts from China, they're certainly not blocking us. I have identified DOD proxies and let those roll. Since my board's big issues are DOS and alter egos, I've gone down a more aggressive path fighting proxies.
 
Sounds reasonable, but did you see any of the attacks actually coming from Tor? I am not too familiar with Tor myself other than trying out the bundled browser to test my attempts at blocking. But apparently they do not support UDP packets and also won't carry malformed TCP packets. Supposedly making them less likely a source for an actual DDoS attack. But I wouldn't know.

The entire banned users using Tor is the reason behind blocking registration for those IPs as well as being able to see and label users on the admin side. I'd love to modify the plugin I am using now that sends me an email when someone registers to just outright say (or only send when) a user registers via Tor if we have that unblocked. Should be easy enough when I get there.
 
DOS, no. Banned alter egos, many.

What I describe as DOS was hitting the registration page hundreds of thousands of times a day. Not a traditional approach and maybe not the intent but the result was that my board was often inaccessible until I started blocking IPs. The volume of requests was such that letting it hit the web server likely wouldn't have eased the load issue. Once I developed an automated way of dealing with those nogoodniks, it became my preferred mechanism for blocking IPs. I'll still sometimes ban IPs in the app, but only if I'm less confident about the block.
 
I have found that using a free app that is available actually stops forum spam. It's really good. It's called StopForumSpam and if you google up the site you should sign up as it gives you a product key for your forum. Have had it for a good couple of weeks and it's recommended that you get it.
 
As for serial pests, I give them one chance to redeem themselves. If they break any of my rules they get banned.
I also manually approve all accounts; that way I actually know who is posting.
 