Blocking IP addresses, domains (.htaccess help)

[TN Todd]

I have a forum at one of my sites outdoors-411.com that uses an older version (1.4.4) phpbb. The forum is basically a family friendly forum with topics such as hiking, fishing, canoeing etc.. I keep getting some lowlife registering obscene user names and within his profile he includes links back to his porno site(s), they are usually one of three web sites all registered outside of the US. This particular version of phpBB does not have a verification process such as sending an e-mail, so these user names are displayed for everyone to see. I try to keep them cleaned out but it is a pain to try to keep up with this moron who sometimes registers 5 or more names a day. I guess he is attempting to gain link popularity ?

I have attempted to upgrade the forum to a newer version with no luck at all and the folks at phpBB are little or no help at all with the upgrade. I am not willing to loose my 12,000+ posts by switching to a different forum and I am just not sure how to stop this freak.

Can I use htaccess to completely block access to my site from a particular country?

I am pretty sure I could block him by his IP if I only knew what it was.

The main web site they are trying to promote is a subdomain (which is to vulgar to post) of kahovsky.com but when you go to the main page of that domain you get nothing but some 'holder' page. However the domain is registered in DE which I assume is Germany? Personally I don't care if anyone from Germany can get to my site if it stops this idiot.

This was happening one other time about 3 months ago and I contacted their host they checked my site a couple of times one day and saw the registerations and they dumped him! This time however, I haven't heard back from his current host who I have contacted a couple of times.

What can I do? I am open to all suggestions just to keep this guy from visiting my site at all. Even if it means keeping everyone from his country being kept out as well.

My thinking is if I can block users by IP via htacess it would seem someone smarter than me may know a way to block by country. Surely this is possible. Any advise or information on that would be greatly appreciated.


Thanks in advance for any suggestions!

[Rosalind]

First, find out his IP, which may not be German at all, even if that is where this guy lives. For example, AOL users from the UK appear to come from the USA. Likewise the whois info could be untrustworthy. So you have to monitor the IP address.

If it's not a fixed IP this could mean banning a whole range from a major ISP.

I don't know much about your version of phpBB, there may be an option to do this already. I'm fairly sure you can block users by IP in the latest versions. Check your logs and if they don't offer up the info, you need a script on the signup page that records the IP and signup name to your database. PhpBB might already do this, it might pay to dig through their help forums before adding a script of your own.

[paulhiles]

Once you've established the visitor's IP address, you can add the following to your .htaccess file

Code:

order allow,deny
deny from 123.123.123.123
allow from all

This would then ban the IP 123.123.123.123 from your site. On visiting, a user from that IP would be shown the 403 "Forbidden Access" error message.

If you're 100% sure that it's the domain name you mentioned, then you could simply ban the whole domain (see below).

Code:

deny from kahovsky.com

Banning access to an individual country would not be effective IMO, they might be physically located in one country, but be hosted in another. One of the many complications of such a global community!

Paul

[TN Todd]

If I knew the IP I could ban them easily, but I have no way of getting it. This version of phpBB only gives it once they make a post which he/they never do. I have no desire at all to wade through 4,000 unique IP's to try to find this persons.

You said "deny from kahovsky.com"

What would this do for me? What is the correlation between this idiots domain name and his ISP?

[paulhiles]

Quote:

Originally Posted by TN Todd

What would this do for me? What is the correlation between this idiots domain name and his ISP?

I thought you'd said that one of the worst sites they posted was a sub-domain of the kahovsky.com domain? I'm just trying to offer suggestions here.

[TN Todd]

Hi Paul and thanks!

Hope I don't sound to negative, but this guy has me pretty .... agrivated. I really do appreciate all suggestions.

If you go to the main domain kahovsky.com it's just a place holder. The actually links he is using in his profile are along the lines of
gang-rape.kahovsky.com/more-disturbing-stuff-here.html

Any ideas on how to stop this guy are greatly appreciated!!

[Easywebdev]

Subdomains use the same ip address as the primary domain.
In this case kahovsky.com resolves to 69.50.187.105 so banning that ip will block access from all subdomains.
A .htacces containing

Code:

order allow,deny
deny from 69.50.187.105
allow from all

should keep them out.

[flood6]

Quote:

Originally Posted by Easywebdev

Subdomains use the same ip address as the primary domain.
In this case kahovsky.com resolves to 69.50.187.105 so banning that ip will block access from all subdomains.
A .htacces containing

Code:

order allow,deny
deny from 69.50.187.105
allow from all

should keep them out.

But the spammer in question almost certainly has a different IP (the dark cave he resides in) from the IP where his site is hosted, correct? i.e slap-and-tickle.kahovsky.com has a different IP than his PC.

I think you're going to have to wait and find what day he registers with your site, then go through that day's logs to try and figure out which IP he's at, and ban it.

[TN Todd]

Flood6 Your correct when you said "But the spammer in question almost certainly has a different IP (the dark cave he resides in) from the IP where his site is hosted, correct? i.e slap-and-tickle.kahovsky.com has a different IP than his PC.
"

That's what I was trying to understand. I did use the above advice just to try, but I woke up this morning and he had indeed registered again.

What a jerk!

[TN Todd]

Is there anyway to get find the major ISP's from this guys town?

Here is his contact info that is listed in Who Is

John Kahovsky (s79s@pisem.net)
6th Grosse str, 17
Dusseldorf
null,D-62512
DE
Tel. +91.773064


Also I have tried e-mailing him to try to get a response (and his IP) but he never responds.

I have also contacted his host and they have not responded or even acknowledged my e-mails.

[flood6]

You could call him, lol! That would freak him out. Don't do or say anything illegal, just kindly ask him to stop abusing your site.

Have you talked to your host? There is a limit to what they can/will do, but if you ask them to try and find out what IP he is using, they might check your logs for you.

[TN Todd]

Appearantly this jerk is using lots of peoples phpBB forums in the same way. Check out the URL's for the members on this page

http://www.linuxselfhelp.org/phpBB/b...t=1050&sortby=

[steve0]

I am not familiar with the older versions of phpbb.. but using the same idea as the htaccess you could also add a line to the top of the config file that says something like:

<?
$remoteaddress = getenv("REMOTE_ADDR");

if (stristr($remoteaddress,"69.50.187")){
die("

</P><h1 align=center>Server currently undergoing maintenance</h1>");
}
?>

It is simple and clean.. and won't seem confrontational...

but the again .. you could use

die(header("location:http://$remoteaddress"));

programmatically saying "Go back where you came from"


-steve

[TN Todd]

I was actually able to track down his IP with some help from my host. I blocked him for a short time but now he's back at it again.

The IP he was using was.
69.50.187.99
Not sure what he's using now. I tried blocking everything between 69.50.187 1-255 but he is still posting a bunch of rape/insect garbage this afternoon.

[cyanide]

YOu may want to consider switching boards.
Invision board, for example has a feature that allows you to pick up the ip address without them having to post. It has a lot more features too.

There's probably a converter available

[TN Todd]

I would convert in a heartbeat if I could keep my old posts.

As I understand it the newest version of phpBB also gives the IP upon regitration. The problem is I have tried to upgrade and had a ton of problems and in the end it would work. Their support is useless for real problems.

Plus, this idiot is appearantly changing IP frequently. If I could get a hold of him I would ring his dang neck!

I for the life of me can't figure out why anyone would want to subject a family friendly site to this crap.