IP Ranges blocking for voices.occupyboston.org

From wiki.occupyboston.org
Jump to: navigation, search

I've installed the ip_ranges module on voices.occupyboston.org. We keep getting these spam posts from Raul\d+, originating from a set of Chinese IP Addresses. No disrespect intended to Raul, but I'm going to start blocking entire non-us ARIN ranges.

In admin/config, there are two options for blocking ip addresses

  • "IP address blocking". This is drupal's built-in facility for blocking single ip addresses.
  • "IP range bans". This comes from the ip_ranges module.

ip_range stores its blocks in a table called ip_ranges. If you accidentally lock yourself out, you can delete the offending row.

I've also made a small code change to ip_ranges, so that we log blocks.

diff --git a/sites/all/modules/ip_ranges/ip_ranges.module b/sites/all/modules/ip_ranges/ip_ranges.module
index 7872de6..3129164 100644
--- a/sites/all/modules/ip_ranges/ip_ranges.module
+++ b/sites/all/modules/ip_ranges/ip_ranges.module
@@ -75,8 +75,10 @@ function ip_ranges_boot() {
  * Prints a message and exits if access is denied.
  */
 function ip_ranges_deny_access() {
+  $ip_addr = check_plain(ip_address());
+  watchdog('user', 'blocked by ip-ranges: %ip', array('%ip' => $ip_addr));
   header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
-  print 'Sorry, ' . check_plain(ip_address()) . ' has been banned.';
+  print 'Sorry, ' . $ip_addr . ' has been banned.';
   exit();
 }

That's a hack. If ip_ranges works well for us, I'll make the logging configurable, and submit the enhancement to the module maintainers.