Banlist

Please note: This page is under construction and has not been finished yet.

Introduction

The Banlist is a tool for restricting access to your e107 website. It always puts less load on the server to ban unwanted visitors before e107 even starts executing; where that is not practicable, the e107 banning facilities cut in early during execution, before the database is opened.

Automatic Bans

e107 automatically bans individual IP addresses if they attempt to flood the site, as well as addresses with failed logins.

There are a number of types of ban:

  • Unknown (Most likely a ban that was imposed before e107 was upgraded from 0.7.x)

  • Manual (Entered by an admin)

  • Flood (Attempts to update the site too fast)

  • Hit count (Attempts to access the site too frequently from the same address)

  • Login failure (Multiple failed login attempts from the same user)

  • Imported (Added from an external list)

  • User (IP address banned on account of user ban)

All these individual types can be treated differently using the options available in Messages/Ban Periods.

Blacklist

The user banning/whitelisting system is arranged to minimise the impact on the server from banned users. All checking of IP addresses is carried out before the database is opened.

Banlist Main Page

This page shows a list of all IP addresses, hostnames and email addresses which are banned. (Banned users are shown on the user administration page.)

  • Ban Date

  • Type

  • IP / Email / Reason

  • Notes

  • Ban expires

  • Options

    • Edit

    • Delete Ban

Add to Banlist

You can ban users from your site at this screen. Either enter their full IP address or use a wildcard to ban a range of IP addresses. You can also enter an email address to stop a user registering as a member on your site.

Banning by IP address:

Entering the IP address 123.123.123.123 will stop the user with that address visiting your site. Entering an IP address with one or more wildcards in the end blocks, such as 123.123.123.* or 214.098.*.*, will stop anyone in that IP range from visiting your site. (Note that there must be exactly four groups of digits or asterisks.)

IPv6 format addresses are also supported, including '::' to represent a block of zero values. Each pair of digits in the end fields may be a separate wildcard, represented by 'xx'. (Note that digits cannot appear after you've entered 'xx'.)

Banning by email address

Entering the email address foo@bar.com will stop anyone using that email address from registering as a member on your site. Entering the email address *@bar.com will stop anyone using that email domain from registering as a member on your site.

Banning by user name

This is done from the user administration page.

  • Enter IP, email address, or host:

    • Note: To ban a user by user name, go to the users admin page:

    • Note: Reverse DNS is currently disabled; it must be enabled to allow banning by host. Banning by IP and email address will still function normally.

  • Reason:

  • Notes:

  • Ban expires:

Whitelist

This page shows a list of all IP addresses which are explicitly permitted. This list takes priority over the ban list - it should not be possible for an address from this list to be banned. All addresses must be manually entered.
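The IPv4 wildcard rules from "Banning by IP address" and the whitelist priority described above, shown as an added Python example (not e107's own code, which is PHP). The function names and the address 123.123.123.10 are constructed for illustration; it assumes whitelist entries use the same pattern syntax and that digits may not follow a wildcard.

```python
# Added illustration of the documented rules; not e107's implementation.
def parse_pattern(pattern):
    """Validate an IPv4 ban pattern: exactly four groups of digits or '*'."""
    groups = pattern.strip().split(".")
    if len(groups) != 4:
        raise ValueError(f"need exactly four groups: {pattern!r}")
    parsed, seen_wildcard = [], False
    for group in groups:
        if group == "*":
            seen_wildcard = True
            parsed.append(None)
        elif group.isdigit() and int(group) <= 255 and not seen_wildcard:
            parsed.append(int(group))  # "098" and "98" compare equal
        else:
            # Assumption: wildcards are only valid in the end blocks.
            raise ValueError(f"bad group {group!r} in {pattern!r}")
    return parsed


def matches(pattern, address):
    """True if a dotted-quad address falls inside the pattern."""
    want = parse_pattern(pattern)
    have = [int(part) for part in address.split(".")]
    return len(have) == 4 and all(w is None or w == h for w, h in zip(want, have))


def decide(address, whitelist, banlist):
    """Whitelist is checked first, so a whitelisted address is never banned."""
    if any(matches(p, address) for p in whitelist):
        return "allow (whitelisted)"
    for p in banlist:
        if matches(p, address):
            return f"ban ({p})"
    return "allow"


# Constructed sample lists; the ban patterns are the ones quoted on this page.
WHITELIST = ["123.123.123.10"]
BANLIST = ["123.123.123.*", "214.098.*.*"]

if __name__ == "__main__":
    for ip in ("123.123.123.10", "123.123.123.77", "214.98.5.6", "10.0.0.1"):
        print(ip, "->", decide(ip, WHITELIST, BANLIST))
```

Running a proposed wildcard through a check like this before saving it shows whether the range would also cover an admin address that is not yet on the whitelist.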

Add to Whitelist

You can specify IP addresses which you know to be 'friendly' here - generally those for the main site admins, to guarantee that they can always gain access to the site. You are advised to keep the number of addresses in this list to an absolute minimum; both for security, and to minimise the impact on site performance.

  • Enter IP, email address, or host:

    • Note: To ban a user by user name, go to the users admin page:

    • Note: Reverse DNS is currently disabled; it must be enabled to allow banning by host. Banning by IP and email address will still function normally.

  • Reason:

  • Notes:

Failed logins

Import/Export

This page allows you to transfer banlist data to and from this site as CSV (Comma Separated Variable) files.

  • Data Export

    • Select the types of ban to export. The fields will be delimited by the chosen separator, and optionally included within the selected quotation marks.

  • Data Import

    • You can choose whether the imported bans replace existing imported bans, or whether they add to the list. If the imported data includes an expiry date/time, you can select whether this is used, or whether the value for this site is used.

  • CSV Format

    • The format of each line in the file is: IP/email, date, expiry, type, reason, notes. Date and expiry are in the format YYYYMMDD_HHMMDD, except that a zero value indicates 'unknown' or 'indefinite'. Only the IP or email address is essential; the other fields are imported if present.

    • Note: You will need to modify filetypes.xml to allow admins to upload the 'CSV' file type.
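A pre-upload check for the CSV layout described above, as an added Python example (not part of e107). The function name, the sample lines and the address 192.0.2.7 are constructed; date and expiry values other than zero are kept as text and not interpreted.

```python
import csv
import io

# Field order given on this page: IP/email, date, expiry, type, reason, notes.
FIELDS = ("address", "date", "expiry", "type", "reason", "notes")


def parse_banlist_csv(text, separator=",", quote='"'):
    """Check banlist CSV text before upload; return (records, problems)."""
    records, problems = [], []
    reader = csv.reader(io.StringIO(text), delimiter=separator, quotechar=quote)
    for row in reader:
        row = [cell.strip() for cell in row]
        if not row:
            continue  # blank line
        if not row[0]:
            problems.append((reader.line_num, "missing IP/email"))
        elif len(row) > len(FIELDS):
            problems.append((reader.line_num, f"{len(row)} fields, at most 6 expected"))
        else:
            # Only the first field is essential; pad the missing ones.
            record = dict(zip(FIELDS, row + [""] * (len(FIELDS) - len(row))))
            for key in ("date", "expiry"):
                # Zero means 'unknown' or 'indefinite'; other values stay as text.
                if record[key] in ("", "0"):
                    record[key] = None
            records.append(record)
    return records, problems


# Constructed sample file mixing quoted and unquoted lines.
SAMPLE = "\n".join([
    '"123.123.123.*","0","0","","constructed example","range ban"',
    "*@bar.com",
    ",0,0",
    "192.0.2.7,0,0,,a,b,extra",
])

if __name__ == "__main__":
    good, bad = parse_banlist_csv(SAMPLE)
    print(len(good), "usable lines; problems:", bad)
```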

Export Types

  • Unknown (Most likely a ban that was imposed before e107 was upgraded from 0.7.x)

  • Manual (Entered by an admin)

  • Flood (Attempts to update the site too fast)

  • Hit count (Attempts to access the site too frequently from the same address)

  • Login failure (Multiple failed login attempts from the same user)

  • Imported (Added from an external list)

  • User (IP address banned on account of user ban)

  • CSV Export format:

  • Field Separator

  • Quote (round each value)

Import Choices

  • Replace all existing imported bans

  • Use expiry date/time from import

  • Import File:

  • CSV Import format:

  • Field Separator

  • Quote (round each value)

Messages/Ban Periods

This page allows you to specify any message text to be displayed to a banned user, and also the default duration of the ban (this can be overridden for each individual ban).

  • Message

If you wish the banned user to get a blank screen, use an empty message. Otherwise enter the message to be displayed. As a special case, if the first characters of the message are 'http:' or 'https:', the entire message is treated as a URL, and the banned user is redirected to that URL. Thus you can, for example, direct the user to your 'site rules' page or other help, or display a simple HTML page. If there is no query part to the URL, the type of ban is appended in the form [-n], where n is a digit 1..9 representing the type of ban. See the e107_handlers/iphandler_class.php file for details of these.

  • Ban duration

The default ban duration can be set to one of a number of fixed values:

    • Indefinite

    • 1 hours

    • 2 hours

    • 3 hours

    • 6 hours

    • 8 hours

    • 12 hours

    • 1 day(s)

    • 36 hours

    • 2 day(s)

    • 3 day(s)

    • 4 day(s)

    • 5 day(s)

    • 7 day(s)

    • 14 day(s)

    • 28 day(s)

Click Update when finished.

You can set an expiry period for each type of ban, in which case the entry is removed once the ban period expires. Otherwise the ban remains until you remove it.

You can modify the ban period from this page - times are calculated from now.

Options

Use reverse DNS to allow host banning

If enabled, the user's IP address is looked up to obtain the associated domain name. This accesses an external server, so there may be a delay before the information is available - and if the server is off-line, there may be a very long delay.

You can choose to look up server names on all site accesses, or only when adding a new ban.

    • Turning this option on will allow you to ban users by hostname, rather than just IP or email address.

    • NOTE: This may affect pageload times on some hosts, or if a server isn't responding

Reverse DNS accesses when adding ban

  • Reverse DNS accesses when adding ban

    • When a ban occurs, this option adds the domain of the banned address to the reason

Set maximum access rate

This sets the maximum number of site accesses permitted from a single user or IP address in any five-minute period, and is intended to detect denial of service attacks. At 90% of the selected limit, the user receives a warning; on reaching the limit they are banned. Different thresholds may be set for guests and logged-in users.

  • Set maximum access rate

    • for guests

    • for members

    • This determines the maximum number of site accesses in a 5-minute period
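The warn-at-90%, ban-at-limit behaviour described above, modelled as an added Python example (not e107's code). The sliding five-minute window is an assumption, since this page does not say how the period is counted; the limits of 10 and 20 and the sample traffic are constructed.

```python
from collections import defaultdict, deque

WINDOW = 300  # seconds: the five-minute period the option refers to


class AccessRateMonitor:
    def __init__(self, guest_limit, member_limit):
        self.limits = {"guest": guest_limit, "member": member_limit}
        self.hits = defaultdict(deque)  # key -> timestamps inside the window
        self.banned = set()

    def record(self, key, kind, ts):
        """Count one access at time ts (seconds); return ok/warn/ban/banned."""
        if key in self.banned:
            return "banned"
        window = self.hits[key]
        window.append(ts)
        while window[0] <= ts - WINDOW:  # drop hits older than five minutes
            window.popleft()
        limit = self.limits[kind]
        if len(window) >= limit:
            self.banned.add(key)
            return "ban"
        if 10 * len(window) >= 9 * limit:  # 90% of the limit, integer maths
            return "warn"
        return "ok"


def replay(events, guest_limit, member_limit):
    """Feed (ts, key, kind) events through a monitor; return warn/ban results."""
    monitor = AccessRateMonitor(guest_limit, member_limit)
    results = []
    for ts, key, kind in sorted(events):
        state = monitor.record(key, kind, ts)
        if state in ("warn", "ban"):
            results.append((ts, key, state))
    return results


# Constructed traffic: a guest hitting every 10 s, a member once a minute.
EVENTS = [(t * 10, "203.0.113.5", "guest") for t in range(11)]
EVENTS += [(t * 60, "member:alice", "member") for t in range(12)]

if __name__ == "__main__":
    print(replay(EVENTS, guest_limit=10, member_limit=20))
```

Replaying real access-log timestamps through a model like this helps pick guest and member limits that normal browsing never reaches.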

Retrigger ban period

This option is only relevant if the option to ban users for a specified time, rather than indefinitely, has been used. If enabled, and the user attempts to access the site while banned, the ban period is extended (as if the ban had just started).

For this option to function, the relevant scheduled task must also be enabled. This task recalculates all the expiry times for the bans. An interval of 5-60 minutes is suggested, dependent on the shortest ban period used.

    • This will restart the ban period if a banned user accesses the site

Date/time format for ban log

Remove expired bans from list
