Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What is an effective method for banning users from my site?

Tags:

http

php

I know a lot of scripts handle IP ban, IP range ban etc. I was trying to make a method that would block a user as best as I can. I came up with:

  • IP block
  • Setting a cookie
  • But if a user has a dynamic and doesn't enable cookies this wont do much to him. I don't want to block an IP range because most of my visitors come from the same town and I don't want to block innocent people.
  • Creating a hash value for multiple variables coming from the user, (like browser and version and something else) and adding them to a table which stores a list of banned users or such values.

Thanks for ideas.

like image 273
Samuel Avatar asked Jan 20 '10 10:01

Samuel

People also ask

Can you block an IP address from viewing your website?

Head to the “Security” section and find the “IP Address Deny Manager”, then enter a specific IP address or range of addresses to block. Here, the result is more substantive: Anyone trying to access your site from these addresses will get an error message instead of seeing your page.

How do I ban someone's IP?

The easiest way to ban an IP address is by specifying the IP address in the /ban-ip command. You should see the message "Banned IP address 172.16. 5.128 belonging to TheNotWanted" appear in the server console. In this example, the player named TheNotWanted will see the message "Connection Lost.

1 Answers

In plain: you can't.

Some user can block to receive cookies, or even to use a proxy to fake it's IP address, you you just can't make sure some user cant access your application.

An (extreme) option is to force all your legitimate users to install a client certificate and to check it at server-side but, as I said, it's a extreme solution. I don't like to install certificates just to access some site.

I suggest you just let it go; sometime in future your troll will get bored and will look for something more useful to do with his/her time.

like image 87
Rubens Farias Avatar answered Sep 27 '22 17:09

Rubens Farias
Sign in to Comment

Related questions

custom monolog logging channel in symfony2 command
What is the PHP exec() return value?
Detecting emails in a text
PHP and custom HTTP headers, bad practice?
Folder Structure for storing millions of images?
Anyone know an elegant function to fix name cases?
What is the maximum number of cURL connections set by?
How does Facebook notify and instantly shows new comments or how does Stackoverflow do it?
How do I configure emacs for proper PHP development?
Android GCM message successfully sent but not received
Dependencies graph for large PHP application
"You cannot access this page directly" - Hybrid Auth
Why does PHP think it's a bad idea to rely on the system's time zone? [duplicate]
How to keep only specific array keys/values in array?
How to export database with Adminer?
laravel url validation umlauts
Force Canonical to use HTTPS
cURL error 35: gnutls_handshake() failed
Failed to load native library 'libnative-platform.so' for Linux amd64
Zend_JSON:Encode messing up - why?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!