SitePoint Sponsor

User Tag List

Results 1 to 5 of 5

Thread: How to prevent ban evasion

  1. May 15, 2004 07:43 #1
    Turnip
    Turnip is offline
    SitePoint Member Turnip's Avatar
    Join Date
    May 2004
    Location
    Reading, Berkshire, UK
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    How to prevent ban evasion

    Hi,

    I have a website where users can create an account. Currently, if they are banned, it will just mean that they cannot view the site logged into the banned account. They can perfectly easily delete the cookie, register for another account, and wreak more havok. I (think) that I can get their IP address (using ASP) Server.RequestVariables("HTTP_REMOTE_ADDR"), or something like that at least. Thing is, more than one person can have the same IP address (AOL users especially), and I dont want to stop someone who hasnt done anything wrong from accessing my site. So what I want to know is if there is any way that I can uniquely identify a site visitor which will enable me to stop them from viewing the site if I so wish. Short of that, how can I find out their ISP so I can speak to their ISP in the event of very serious offences.

    Thanks a lot
    Turnip
  2. May 16, 2004 03:46 #2
    Dangermouse
    Dangermouse is offline
    SitePoint Wizard Dangermouse's Avatar
    Join Date
    Oct 2003
    Posts
    1,024
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well if you dont want to ban IP's/IP Ranges there is not a lot you can do, IP is what uniquely identifies you.

    You can find out the isp by using (not sure how to do it in ASP) gethostbyaddr, there should be something in ASP for it. It looks up the ip, and returns the host name, and should have the ISP domain at the end. Eg mine is m159-mp1.cvx1-b.gfd.dial.ntli.net (my ISP is teconet, but ran by NTL(i))
  3. May 16, 2004 04:03 #3
    Turnip
    Turnip is offline
    SitePoint Member Turnip's Avatar
    Join Date
    May 2004
    Location
    Reading, Berkshire, UK
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I was under the understanding that often more than one person might have the same IP address, and so that if I banned IPs, I might be stopping people accessing the site. Is this not the case?
  4. May 16, 2004 08:40 #4
    stymiee
    stymiee is offline
    He's No Good To Me Dead silver trophybronze trophy stymiee's Avatar
    Join Date
    Feb 2003
    Location
    Slave I
    Posts
    23,411
    Mentioned
    1 Post(s)
    Tagged
    1 Thread(s)
    For dial up users it's possible but keep in mind that not every AOL user is visiting your site. So if you ban a small group of them by banning an IP class you're not hurting yourself much if at all. Plus you can always remove it after a few months after the loser has finally stopped trying to troll your site.
    John Conde | Facebook | Twitter
    Brainyminds Merchant Account Services I Love Code eBook Giant
    Authorize.Net: AIM API | ARB API | CIM API Get the FREE code!
    Merchant Accounts 101 | Ecommerce 101
  5. May 16, 2004 08:43 #5
    The New Guy
    The New Guy is offline
    Put your best practices away. The New Guy's Avatar
    Join Date
    Sep 2002
    Location
    Canada
    Posts
    2,087
    Mentioned
    1 Post(s)
    Tagged
    1 Thread(s)
    Mabye you could create a que, where you manually add users, people so if they have similiar IP or a stupid/rude username or whatever, you can just not sign them up, also the extra time needed will discourage them.
    "A nerd who gets contacts
    and a trendy hair cut is still a nerd"
    - Stephen Colbert on Apple Users
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules