Register Members List Search Today's Posts Mark Forums Read

Reply
 
Mod Options
Advanced IP Ban Manager Details »
Advanced IP Ban Manager
Mod Version: 0.3.1, by Carnage (Coder) Carnage is offline
Developer Last Online: Sep 2014 I like it Show Printable Version Email this Page

This modification is in the archives.
vB Version: 3.7.x Rating: (3 votes - 4.67 average) Installs: 139
Released: 25 Jul 2008 Last Update: 12 Jun 2009 Downloads: 1337
Not Supported DB Changes Uses Plugins Additional Files Translations Is in Beta Stage  

Advanced IP ban manager

What is it/What does it do?

This is intended as a replacement for the ip bans under vbulletin options. It allows for timed ip bans, cidr ranges and attatching reasons to bans.

It also features registration only ip bans allowing members who may be effected by an ip ban to continue using the forums, but blocking registrations and ip ban exempts so that you can ban a large range of ips and let through a smaller subset of them.

Features
  • Ip bans
  • Timed ip bans
  • Ip ban exempts
  • Registration only bans
  • Ban by cidr range
Installation
Backup db.
Upload files from zip.
Import product.
Refresh admincp.

Once Version 0.3 is installed; upload the attached php file into your admin cp to replace the one already there. This file fixes a couple of minor issues for some people.

Changelog
  • 0.3.1
    Added a work around for issues of 0.0.0.0 ips being banned on any system where ip2long returned a signed int instead of an unsigned int.
  • 0.3
    Fixed bug where ip bans wouldn't block registrations unless set to registration only.
    Added file with a list of common spambot ips that can be auto banned.
    Changed limit on cidr range from 16 to 4 As i often came across instances where i wanted to ban larger ranges
  • 0.2.1b
    Added a bitfield rebuild to installer to fix issues with menu not showing.
  • 0.2b
    Fixed bug in instal code.
  • 0.2a
    Added admin permissions and exempt bans
  • 0.1a
    Initial release.


Notes

This has been tested on 3.7.2 but should work on 3.6.x, 3.7.x and 3.8.x

This mod has not been tested on vbulletin 4; a separate, improved vbulletin 4 version can be found HERE

Access is now controlled by an admincp permission however no control over ip banning is done.

This variable can be used in the config file to prevent banning any ip/range of ips that contain the ips listed in it: $config['SpecialUsers']['unbannableips'] = "127.0.0.1|127.0.0.2";
Ips should be separated by a | symbol. This will not effect any bans that are already in place.

Bans are limited to a cidr range of 4. (This should be more than enough) If you require a ban that covers more than this, it should be set in the database. If there is demand for it, I may make the cidr limit optional/changable in future versions.

Exempts/bans work by taking the tightest cidr range match. eg if you ban 127.0.0.1/16 and add an exempt for 127.0.0.1/24 the exempt will take precedence, however adding another ban against 127.0.0.1/32 would override the exempt.

When uninstalling, the mod will remove the modifications to the admin table, however it is upto you to drop the ipbans table yourself. This has been done in order to preserve the data in that table incase you still want it for something.

I've added a file which was created by a member of my admin team, it contains a large list of ip addresses from which A lot of malignant traffic seems to come from. If you are having trouble with spam bots this list may help in preventing them from registering. To use the file visit the url : <your forum url>/admincp/ipban.spambots.php It will ask you to log in to your cp then display a blank page; this is to be expected as all its doing is inserting into the database. It will add approximately 140 bans; so they've been coded NOT to show up in the ip ban list. This feature is something i plan to expand on with a full interface for viewing, creating, adding and removing ip blocklists, but for now this mechanism is what i've come up with.

Support

As all of my boards have been upgraded to vbulletin 4, I am no longer actively maintaining any of my vb3.x mods. Free support for all of my 3.x mods is being removed from the 31st of March 2010 after this date, I will only be offering paid support for 3.x mods; downloading and usage of the mods will remain free but unsupported.

Please pm me for support of 3.x mods as I will not be checking their threads very often.

Support is now offered as this is a beta release. I'll be checking vborg from time to time but for critical support issues, you are best contacting me on my own forums.

I'm hoping that this version (0.3) is bug free, so this can be considered a release candidate version.


I've uploaded a fixed php file for some people who were having problems with short php tags and other parse errors. This needs to be uploaded to the admin cp. The file will be added into the zip once in the next release.

This mod will be has been upgraded to support vb4 The vbulletin 4 version will be released once the beta goes public.

Extra features in vb4.0 version:
  • whois ip from admin cp
  • cidr calculator (shows the ip range that a cidr bans)
  • test bans (enter an ip to see if its banned or not)

Planned features for future versions:
  • import/export bans
  • integration into 'delete posts as spam' => admins with suitable permissions will be able to select a box to ban the posters ip(s) in addition to banning their account(s)

Download Now

Only licensed members can download files, Click Here for more information.

Screenshots

Click image for larger version

Name:	ss1.JPG
Views:	2136
Size:	39.7 KB
ID:	85478   Click image for larger version

Name:	ss2.JPG
Views:	1690
Size:	20.3 KB
ID:	85479  

Show Your Support

  • To receive notifications regarding updates -> Click to Mark as Installed.
  • If you like this modification support the author by donating.
  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Similar Mod
Mod Developer Type Replies Last Post
Administrative and Maintenance Tools Advanced Template Manager Dream vBulletin 3.6 Add-ons 55 18 Sep 2010 20:03
Administrative and Maintenance Tools Advanced Plugin Manager akanevsky vBulletin 3.6 Add-ons 32 03 Jul 2009 01:13
Administrative and Maintenance Tools Advanced Plugin Manager - Reloaded Revan vBulletin 3.6 Add-ons 25 14 Jan 2009 16:33
Advanced Plugin Manager akanevsky vBulletin 3.5 Add-ons 63 12 Aug 2007 20:04
Advanced Plugin Manager Andreas vBulletin 3.5 Add-ons 79 27 May 2006 23:15

Comments
  #2  
Old 25 Jul 2008, 19:22
Alfa1's Avatar
Alfa1 Alfa1 is offline
 
Join Date: Dec 2005
This is extremely interesting. Please add a function to define IPs that can not be banned.
Reply With Quote
  #3  
Old 25 Jul 2008, 22:40
Carnage Carnage is offline
 
Join Date: Jan 2005
Thats not a bad idea acctually;

Would you think something like that should be in the config file along with the undeletable users stuff? Seems to me the most logical place to put it - that way if you accidentilly ban yourself, you just add your ip to the conf file and all is good again.

I was considering adding some code that just exempt admins/superadmins from being ip banned at all. That would also require stopping ip bans from effecting login.php so that if an ip ban was effecting an admin they could still log in.
__________________
www.giveupalready.com

If you want/need to contact me, best thing is to pm me on that site, username Carnage.
Reply With Quote
  #4  
Old 25 Jul 2008, 22:54
Alfa1's Avatar
Alfa1 Alfa1 is offline
 
Join Date: Dec 2005
The config file sounds the most logical to me, though I do not think many admins would be stupid enough to ban themselves. So if it means a lot more effort, then I would just make it an adminCP option to enter untouchable IP addresses.

I cant think of a reason why excluding login.php from IP bans would be a problem. If anyone can, then please let me know.
Adding code to prevent admins /SA from being IP banned sounds good as well, but note that admins may have multiple accounts. If you can take that into account, then this may be a viable solution.
Reply With Quote
  #5  
Old 25 Jul 2008, 23:08
Carnage Carnage is offline
 
Join Date: Jan 2005
Well... we /had/ an admin who's in the past been noted for 'accidentilly' deleting users (her excuse was she dropped the keyboard. ) and having a .bash_history file containing meny entries similar to 'el ess'. Also, if you dont understand how cidr ranges work properly it could be fairly easy to set one too large that hits you as well. (part of the reason theres a hard coded limit on how big the cidr range can be)

My only thought about excluding login.php was that if you ip banned someone for trying to brute force login names it woudn't stop them, on the other hand, vb is quite resistant against that anyway with the strikes system and its something you should probably be adding firewall rules to prevent instead of vbulletin ip bans.

If an admin has two accounts, they could just go in and add an exempt from ipbans ( once coded) for their own ip. An alternative was something i was thinking about a while ago - exempting ip bans by user group, which could be done as a setting or as an option (probably the better way)

EDIT: bleh, wont work. Login.php dosn't provide a login form, so another page would have to be provided to do that. I have made it so that admins can now login ( by going to the admincp and logging in from there) and since ip bans arn't verified in the admin cp, they can remove the ban preventing their access.

Unbannable ips is in; still need to test it, but i'm pretty sure the code is sound.

----------------------

Next step is to decide how best to implement exempts; I had two ideas
1) apply bans in decreasing order of cidr range. This would allow, for example you to set a ban against a range of /16 blocking off a troublesome group of spammers. however you could then exempt a group of /24 that are acctually nice people then you could ban an couple of /32 ips that were not quite as nice as you thought they were.

This is much more flexable, but complex.

2) Exempts overide bans.

eg if an exempt is set your ip will be allowed in no matter what.
__________________
www.giveupalready.com

If you want/need to contact me, best thing is to pm me on that site, username Carnage.

Last edited by Carnage; 25 Jul 2008 at 23:49.
Reply With Quote
  #6  
Old 26 Jul 2008, 03:54
pspmaster93 pspmaster93 is offline
 
Join Date: Aug 2007
Real name: James
so the way you saying do a database backup first does this actually work? have you tested it? if you ip ban sum1 they shouldnt be able to access the site correct? lol
Reply With Quote
  #7  
Old 26 Jul 2008, 08:13
TheInsaneManiac TheInsaneManiac is offline
 
Join Date: Feb 2008
Dude, you are amazing, I have been looking for something like this for ever. No other forum boards have anything like this. Awesome!


Originally Posted by Alfa1 View Post
The config file sounds the most logical to me, though I do not think many admins would be stupid enough to ban themselves. So if it means a lot more effort, then I would just make it an adminCP option to enter untouchable IP addresses.

I cant think of a reason why excluding login.php from IP bans would be a problem. If anyone can, then please let me know.
Adding code to prevent admins /SA from being IP banned sounds good as well, but note that admins may have multiple accounts. If you can take that into account, then this may be a viable solution.
The original IP Ban manager didn't even have that. It would be nice to have, but I've lived before without it.
Reply With Quote
  #8  
Old 26 Jul 2008, 09:41
Carnage Carnage is offline
 
Join Date: Jan 2005
Originally Posted by pspmaster93 View Post
so the way you saying do a database backup first does this actually work? have you tested it? if you ip ban sum1 they shouldnt be able to access the site correct? lol
I have tested it, and it is running on my own boards. However its not feature complete and hasn't been tested anywhere other than my own board. I suggest not using this on live sites as it may have unforseen issues.

Dude, you are amazing, I have been looking for something like this for ever. No other forum boards have anything like this. Awesome!
It came about for two reasons. 1st, i was banning a bunch of bots using the new delete as spam controls, i felt it was a shame that it didn't include something to automatically ban by ip and by email address as well as just ban.

2nd, i want all my admins to be able to ip ban, but giving them access to canadminsettings seemed somewhat over kill for this task.
__________________
www.giveupalready.com

If you want/need to contact me, best thing is to pm me on that site, username Carnage.
Reply With Quote
  #9  
Old 27 Jul 2008, 22:29
pspmaster93 pspmaster93 is offline
 
Join Date: Aug 2007
Real name: James
well ppl please leave feedback on it i need to know if i should install it cuz i dont wana screw up my site lol
Reply With Quote
  #10  
Old 28 Jul 2008, 10:41
OcR Envy's Avatar
OcR Envy OcR Envy is offline
 
Join Date: May 2008
Real name: Ryan
How about a hostname option? IE: If the ip resolves to have anything with "proxy" in it they will get a banned message.
Reply With Quote
  #11  
Old 28 Jul 2008, 10:58
Carnage Carnage is offline
 
Join Date: Jan 2005
@pspmaster93
Agreed, i want some feedback so i can improve it and fix any bugs.

however, VB allows you to run a personal dev board (protected by .htaccess) for testing things. This is what i'm encouraging people to install onto. use the same settings + mods that you have on your main site and see if there are any conflicts/bugs.

Hostname banning would be a good addition i think, but i want to get some stability testing on the current stuff done first.

I'm working on a 0.2a release, which adds admin permissioins and the unbannable ip address feature. I'm also going to add the exempts feature to it.
__________________
www.giveupalready.com

If you want/need to contact me, best thing is to pm me on that site, username Carnage.
Reply With Quote
  #12  
Old 28 Jul 2008, 12:41
Sirus123 Sirus123 is offline
 
Join Date: Jun 2008
Originally Posted by OcR Envy View Post
How about a hostname option? IE: If the ip resolves to have anything with "proxy" in it they will get a banned message.
That would be a very good feature
Reply With Quote
  #13  
Old 14 Aug 2008, 19:28
Carnage Carnage is offline
 
Join Date: Jan 2005
Update released: is now considered to be a beta.

sorry its been so long, i've had some internet issues as well as other projects i've been working on.
__________________
www.giveupalready.com

If you want/need to contact me, best thing is to pm me on that site, username Carnage.
Reply With Quote
  #14  
Old 16 Aug 2008, 01:12
booher booher is offline
 
Join Date: Jan 2008
I get this: "MySQL Error : Unknown column 'ipbansperms' in 'field list'"
Reply With Quote
  #15  
Old 16 Aug 2008, 18:49
macc's Avatar
macc macc is offline
 
Join Date: Feb 2008
me to ...when saved admin permissions ...

some help?


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 15:17.

Layout Options | Width: Wide Color: