May I wish: An improved Ban feature to help against spam

Found something that doesn't work as expected? Encountered PHP errors? Submit your bug reports here!
snailbrain
Posts: 52
Joined: Sun Mar 06, 2005 10:55 pm

May I wish: An improved Ban feature to help against spam

Postby snailbrain » Sat Sep 21, 2013 7:43 am

Dear all,

I have used NP_Captcha for years, and everything went well. However, in the last two or so weeks, the spam on my blog has reached dimensions that are simply not tolerable.

Yesterday I changed to NP_RECaptcha and also installed NP_BadBehaviour. I set up accounts with ReCaptcha Project and Honeypot org and entered all significant data into my system. But the spam issue has not improved, it has become even worse.

Spam comments come in almost each minute. I am spending more time with deleting them and adding bans than with writing new blog entries. This can't be it.

I can see from the entries which origins are the worst, e.g. ---.vpn999.com (or its IP range respectively). I need a way to completely block a range like, say, "115.*.*.*", without having to ban or small IP ranges like "115.123.123." because if I simply block 115., it also blocks IP numbers that have 115. somewhere in between, and that's not what I want. (I hope you understand what I mean.)

Please help. I have been happy with Nucleus since 2005, and now I need some support from you friendly developer guys.

Best regards,
snailbrain
User avatar
WillyP
Nucleus Guru
Nucleus Guru
Posts: 872
Joined: Sun Aug 30, 2009 3:29 am
Location: Pembroke, NH
Contact:

Postby WillyP » Sat Sep 21, 2013 6:03 pm

An example : "134.58.253.193" will only block one computer, while "134.58.253" will block 256 IP addresses, including the one from the first example.



Are you saying that if you block 115, it would also block, say, 123.987.115 and 456.115.789?

And using the example above banning 134.58.253 would not only ban 134.58.253.193, but also, for example 567.134.58.253?

Have you confirmed this? If so i think this would be a very major bug indeed.
snailbrain
Posts: 52
Joined: Sun Mar 06, 2005 10:55 pm

Postby snailbrain » Sat Sep 21, 2013 7:02 pm

Hi Willy,

I can confirm it.
I banned "113" and then tried to post a comment on my blog via a VPN connection containing 113 only in the third octett of the IP number.

I can see the blog and its content, but when I try to send a comment, I get the following message:

"Cannot perform action since you (ip range 113) are banned from doing so."

Best regards,
snailbrain
User avatar
slightlysome
Posts: 213
Joined: Thu Feb 24, 2011 1:33 am
Contact:

Re: May I wish: An improved Ban feature to help against spam

Postby slightlysome » Tue Sep 24, 2013 4:08 pm

snailbrain wrote:Spam comments come in almost each minute. I am spending more time with deleting them and adding bans than with writing new blog entries. This can't be it.


A little on the side of the subject, but I may provide some light in the comment spam tunnel. I'm currently working on a comment moderator plugin. This plugin feature among other things a spam filter api. Currently I have written 2 spam filter plugins for this API and in the last month they have caught all spam comments on the site I'm testing the moderator plugin on. So this plugin may be an option for you (when it is finished).

There is still some features I need to finish and documentation to be written before I can release the plugin. I haven't had much time working on the plugin lately, and I don't know when it will be finished.
- Leo -
LMNucleus CMS home page: nucleus.slightlysome.net
My Nucleus powered blogs: www.slightlysome.net - www.tswtraveler.com
My Nucleus plugins.
User avatar
WillyP
Nucleus Guru
Nucleus Guru
Posts: 872
Joined: Sun Aug 30, 2009 3:29 am
Location: Pembroke, NH
Contact:

Postby WillyP » Tue Sep 24, 2013 11:52 pm

Nice, I am sure that will be very helpfull.

But back on topic, I have moved this thread to the bug report section. I can't imagine that the behavior described by snailbrain is intentional.
User avatar
slightlysome
Posts: 213
Joined: Thu Feb 24, 2011 1:33 am
Contact:

Postby slightlysome » Sat Sep 28, 2013 11:45 pm

Did a quick look in the Nucleus core source code, and I suggest the following change to fix this:

In BAN.php change line 33 from

Code: Select all

$found = strpos ($ip, $obj->iprange);
to

Code: Select all

$found = ! strncmp($ip, $obj->iprange, strlen($obj->iprange));
- Leo -

LMNucleus CMS home page: nucleus.slightlysome.net

My Nucleus powered blogs: www.slightlysome.net - www.tswtraveler.com

My Nucleus plugins.
snailbrain
Posts: 52
Joined: Sun Mar 06, 2005 10:55 pm

Postby snailbrain » Sun Sep 29, 2013 8:44 am

Thank you for your reply, slightlysome.
Okay, BAN.php is modified. And now, which syntax to use to ban, e.g. everything under IP 60.182.*.* ?

(That's an IP range in China from which I've got nothing else but spam comments. And you see, I'm quite insistent... ;-))

Best regards,
snailbrain
User avatar
slightlysome
Posts: 213
Joined: Thu Feb 24, 2011 1:33 am
Contact:

Postby slightlysome » Sun Sep 29, 2013 9:50 am

Add a ban on

Code: Select all

60.182.
and it should ban everything under IP 60.182.*.*.
- Leo -

LMNucleus CMS home page: nucleus.slightlysome.net

My Nucleus powered blogs: www.slightlysome.net - www.tswtraveler.com

My Nucleus plugins.
snailbrain
Posts: 52
Joined: Sun Mar 06, 2005 10:55 pm

Postby snailbrain » Wed Oct 02, 2013 6:30 pm

Thank you so much; it works. :-)

Best regards,
snailbrain

Return to “Bug Reports & Feature Requests”