Srevilak: Created page with "I've installed the ip_ranges module on voices.occupyboston.org. We keep getting these spam posts from `Raul\d+`, originating from a set of Chinese IP Addresses. No di..."

2012-09-01T13:02:22Z

Created page with "I've installed the ip_ranges module on voices.occupyboston.org. We keep getting these spam posts from <tt>Raul\d+</tt>, originating from a set of Chinese IP Addresses. No di..."

New page

I've installed the ip_ranges module on voices.occupyboston.org. We keep getting these spam posts from <tt>Raul\d+</tt>, originating from a set of Chinese IP Addresses. No disrespect intended to Raul, but I'm going to start blocking entire non-us ARIN ranges.

In admin/config, there are two options for blocking ip addresses

* "IP address blocking". This is drupal's built-in facility for blocking single ip addresses.

* "IP range bans". This comes from the ip_ranges module.

ip_range stores its blocks in a table called <tt>ip_ranges</tt>. If you accidentally lock yourself out, you can delete the offending row.

I've also made a small code change to ip_ranges, so that we log blocks.

<pre>
diff --git a/sites/all/modules/ip_ranges/ip_ranges.module b/sites/all/modules/ip_ranges/ip_ranges.module
index 7872de6..3129164 100644
--- a/sites/all/modules/ip_ranges/ip_ranges.module
+++ b/sites/all/modules/ip_ranges/ip_ranges.module
@@ -75,8 +75,10 @@ function ip_ranges_boot() {
* Prints a message and exits if access is denied.
*/
function ip_ranges_deny_access() {
+ $ip_addr = check_plain(ip_address());
+ watchdog('user', 'blocked by ip-ranges: %ip', array('%ip' => $ip_addr));
header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
- print 'Sorry, ' . check_plain(ip_address()) . ' has been banned.';
+ print 'Sorry, ' . $ip_addr . ' has been banned.';
exit();
}
</pre>

That's a hack. If ip_ranges works well for us, I'll make the logging configurable, and submit the enhancement to the module maintainers.

IP Ranges blocking for voices.occupyboston.org - Revision history

Srevilak: Created page with "I've installed the ip_ranges module on voices.occupyboston.org. We keep getting these spam posts from Raul\d+, originating from a set of Chinese IP Addresses. No di..."

Srevilak: Created page with "I've installed the ip_ranges module on voices.occupyboston.org. We keep getting these spam posts from `Raul\d+`, originating from a set of Chinese IP Addresses. No di..."