Blocking Destructive Users from Websites? 38
billmarrs asks: "I occasionally need to block a user from using my website because they are abusing the system in some way, but the tools I have to work with for blocking them are easily circumvented. Once I identify them, I can block their IP; but they can just hang-up their modem and dial-in again to get a new IP. I can also stick cookies in their browser to identify them, but they can delete the cookies (or turn them off altogether). Are there other ways to block unwanted users from one's website?"
You could try ... (Score:4, Funny)
I've heard these can be quite effective.
(Just watch the moderation on this post for proof!)
Re:You could try ... (Score:2)
Re:You could try ... (Score:1)
e-mail address-authenticated logins (Score:5, Insightful)
Re:e-mail address-authenticated logins (Score:2, Insightful)
Nobody need ever be challenged by a contradictory thought or opinion...
Re:e-mail address-authenticated logins (Score:1)
Re:e-mail address-authenticated logins (Score:1)
Re:e-mail address-authenticated logins (Score:2)
If the problem is people cursing, then an automatic-censoring program could help, if it's smart enough to check for things like f*ck, etc, different characters inbetween, and all that, but it seems more trouble than it's worth.
If you've got lots of time, money, and ability, then perhaps an intelligent system that combines IP logging, e-mail address domain logging, username similarities, etc, could be made, but that's an insane level to go to, IMO.
easily circumvented (Score:2)
Nice try, but it won't work for long.
Re:e-mail address-authenticated logins (Score:3, Funny)
Excellent suggestion! Instead of kicking them off, put them in the "safe" room. You should be able to fool them with a well-planned trap -- just don't change the look of one page without changing the other!
This reminds me of a bit of manufacturing equipment I once saw (a plastic injection molding machine, IIRC). There was a control panel with knobs and switches and dials, which the production workers would adjust throughout their shift to maintain certain limits (temperature, pressure, etc.). Every evening the night shift folks would state that the day shifters had it all screwed up, and would set the knobs where they liked them. Every morning the day shifters would say the same about the night shifters and set the knobs back. Neither group knew that the controls on the panel did nothing except make the dials move a bit; the real controls were all hidden inside the panel, where only the production engineers could get at them. Everyone was happy!
block the hostmask (Score:4, Insightful)
Yes, it's broad, but works. Or you can call the ISP and complain to them
-Henry
Re:block the hostmask (Score:1)
And then you discover that three of your "best users" also dial into that same modem pool (or whatever) and then what?
Re:block the hostmask (Score:1)
I have had some success with blocking IP ranges for cases of unpopular ISPs or cable modem/DSL users who seem to have a static IP. But, this is rare.
Re:block the hostmask (Score:1)
Re:block the hostmask (Score:2)
contact their ISP. Abuse is semi-illegal already, depending on what form it takes. Take legal action if you can.
The biggest thing you do though is don't ban them directly, just take everyone to a page that says "Do to other uses from your ISP abusing our system you are blocked. Contacting your ISP has not resolved the problem. If you are the abuser go away. If you are an honest user, then switch ISPs, as you are currently paying someone who doesn't care." Some re-wording of that should be done, read it twice and you will get the idea, but my writting skills are not enough to make to readable.
User accounts (Score:3, Interesting)
If your problems stem from some kind of forum where the person is posting crap, spamming, etc. you might try requiring people to create a simple account where they need to supply a valid e-mail address.
The disadvantage to that is that having to register for an account is pretty annoying and many users won't sign up for them if they don't visit the site all the time... Other (non-registering) solutions would require you to program some advanced filters on forum posts, or having a limit on how many messages a person can post in X amount of time.
Auto detection may be an answer... (Score:2, Interesting)
You could write code to detectt this, then block the IP, or use a cookie based method to block them for a short time. If they try different tactics, you could modify the blocker code.
It's hard to tell if this would be a good soultion without knowing the details of what they do.
Non technical solutions work the best. (Score:3)
The thing to do is litigate. Follow the money. The abusive user may not have much to lose financially, but his/her ISP sure does.
Use tools like traceroute to detect the source of the attacks. Then use the arin whois database to find the service provider. Then SUE LIKE CRAZY.
A lot of people think the Internet is not part of the real world, so they think laws do not apply.
They are wrong. There is plenty of case law on this subject.
The point is to stop looking for technical solutions to social problems. They agree to a terms and conditions when they visit your site. Make sure they fulfil their side of the legally binding contract.
The website I hate [adequacy.org] has a 'terms of use' which all posters are legally bound by. It even goes so far as to prohibit the use of the wget client. They seem to have a heavyweight legal team there too. And so far, apart from a minor DDOS attack by a jealous rival website, they have not experienced many problems, despite the highly controversial subject matter they seem to deal with.
So to conclude: Sue their asses off.
Re:Non technical solutions work the best. (Score:1)
Re:Non technical solutions work the best. (Score:1)
I hate adequacy because it represents everything that is wrong with the Gen-X attitude to life. Nothing is sacred, everything exists to have fun made out of it.
I don't know why you are accusing me of being a troll perhaps you are mistaking me for someone else. Or perhaps you are using the 'slashdot definition' of troll: someone whom I disagree with.
Few details about the abuse make it hard to advise (Score:2)
However, I'm assuming you're running some sort of service that involves a server you can program. (If this is an EZBoard being abused, which you use but don't control, you're toast.) The key is to ban the behavior, not the user. Exactly how you do that depends on the exact situation.
If someone's posting too often, make people wait at least n seconds before posting again. If they abuse that, kick the time up. And if they're posting rapid-fire, keep kicking the time up. Look into "exponential decay", it's what you're looking for. Once they cross a threshold, you may choose to ban the IP for a week and delete whatever messages were posted automatically, thus undoing the abuse automatically, which is kinda the key to this whole idea.
Think outside the "IP ban" box. What you do for other services depends. Ban behavior, not people. It's a little harder at first, but much more reliable.
Are you using Apache? (Score:2)
(Limit GET POST)
order deny,allow
deny from 209.14.27.
(/Limit)
(Replace the parentheses with angle brackets, a la HTML.) If you can't tweak httpd.conf, put that in an
Someone else suggested automating the process, this is a good idea if you can do it. When Nimda first fired up, a friend of mine wrote a Perl script that took the remote IP and added it to the deny directive in
Your solution depends on how aggressive you want to be, and whether or not you care if a few babies get thrown out with the bathwater. Me, I'd just ban the netblock for a couple of weeks. The lusers will find another site to harass, and you can lift the ban.
Shaun
MAC address? (Score:2, Interesting)
Here's what I'd do: Check the MAC when you get a request (probably only for certain key pages, but you could do it for all I guess) and if the address matches your banned list, automatically ban that ip address for say... 24 hours. This way you don't accidentally lock out real users for any length of time, and it should at least slow down your pest. Granted this falls apart if your intruder knows how to change the address on your card, but you didn't say how sophisticated this all is and it's better than nothing.
Cheers
That'd be a great idea (Score:2)
That's as far as the MAC goes.
-Peter
Re:MAC address? (Score:1)
Concentrating on good users (Score:2, Interesting)
Giving these guys a quick route through the posting process will allow you to slow down new comers to a crawl. If users have been reading your site for sometime then they probably have something useful to say, and it is probably worth speeding them up. I read slashdot for ages before starting to post (not that what I post is always useful).
If a newcomer does have something they really want to say, then they would be prepared to go through the hoops. Perhaps going through the password by email cycle for every post, or answering a selection of blindingly obvious but difficult to automate random questions (e.g. What colour is grass? red, green or blue).
keep it open (Score:1)
In regard to users who abuse the system, one of the things I love about
The logitics of who gest banned is an adders nest to be avoided as well. How is it fairly applied? What is deemed illegal on said boards? How woudl fair notice be given?
I have similar problems on boards we run, but we've gone for the standoffish side. As soon as we edit a post or start saying which users are valid or not as the owner of the system, we take on a far more expansive regulatory role. And that's not fun.