Ban IP Address/Range for 1.5

Added in 1.5.3 is the ability to define comments in the params by prefixing the line with a pound character.
Added in 1.5.2 there is the ability to use a table to define entries. The table create statement is at the top of the banip.php file. An XML install for Table Editor (part of the Advanced Tools project) is available to modify the table in a GUI style interface.
Note: If you wish to test your ranges before applying them, check out the IP Checker in my JDiagnostics kit: http://sammoffatt.com.au/os/index.php/joomla-15-products/13-jdiagnostic/29-jdiagnostic-ip-checker
If this extension is misconfigured it may prevent access to your site. It is recommended that you utilise the JDiagnostic IP Checker before publishing the extension. Additionally, you can rename the /plugins/system/banip.php file to diasble the extension temporarily to allow access to the administrator if you have enabled that option in error.
AnyHoo, I had set Ban IP to use the White list for Admin with my IP address in it. HSS kind of spoofs your IP so consequently Ban IP blocked me and I got the redirect page.
So I got my FTP up and renamed the banip.php to banip.php.old and tried to login, same redirect page, ok lets have a clean out, CCleaner to the rescue, ran CCleaner, started Firefox and luckily I got the login page.
Phew! that was close,
Went to the plugins manager
Clicked on System - Ban IP Address
Chose "Enabled - NO"
Saved the settings
Went to my ftp, renamed banip.php.old back to banip.php
Went back to the plugins manager and opened System - Ban IP Address
Changed the administrator block mode to black list only
set the Enabled: to Yes and saved the settings.
Drama over lol! I'm still learning... obviously and the information could be a bit more noob friendly, consequently I kind of stumble around piecing bits of info together, this is one of the reasons I've done this to maybe help others that make my mistake.
I was / am getting so tired of all these Spam Bots. Seems close to 80% of forms I have to deal with are bogus - and most clients DO NOT what to use a 'catcha'.
This little plugin has done the trick.
PS - not sure how anyone accidentally locks their IP out from the Admin - you literally have to try and make such a mistake with this plug-in.
You can rename the file in the file system (/plugins/system/banip.php) or you can edit the database to disable the extension. I suggest renaming the PHP file, logging in and reconfiguring the plugin. I also suggest using JDiagnostic to test prior to enabling the extension.
I have had a few lamers from known ips who have been targeting me lately.
normally I just ban their usernames when I see the familiar IP or the shenanagins on the site.
but this lets me Rick Roll them or send a sweet message while they are logged.
love the redirect...
"life is like a box of tinyurl redirects, you never know what your gonna get"
HA!
5 stars by far!
I have encountered a few disadvantages though, which I would like to see removed in another version:
All the IPs are stored as parameters in the jos_plugins table, which makes the data access slow. This might not be the problem with a few IPs but becomes a tremendous challenge with about 6000 IPs.
Not only is the data field a text field in the jos_plugins table, which cuts all the entries after a specific length, but all the data needs to be retrieved for the plugin to work. (OK, I adjusted the field type manually to longtext to store all the data in the field.)
I suggest that an additional table be inserted into the database, which contains all the IPs. Then it would be one fast query to see, whether an IP is in the table or not. But the user wouldn't have to wait until 6000 or more records are loaded.
Thanks,
Kelley
The only request I would have is that there be a broader range in the octave set rather then simply banning or white listing a C class, have it so that we can ban B and even A classes.
I could give scenarios as to why such an additional function/feature would be needed - helpful - or even wanted...but would save that for the right forum...
All in all a very simple plug-in to install and very easy to use!!! Well done and thank you for building the tool.
You can put any CIDR formatted range, you could do a /16, a /8 or even if you want something like a /31 and all should be blocked/permitted properly. The /24 is documented because its a popular choice, I might put some other examples up there as well.
My only feature request for the average user would be: upon saving the parameters, if the $_SERVER['REMOTE_ADDR'] == 'ONE OF THE IPS IN THE BLACKLIST' then a message saying 'you are blacklisting' your IP, are you sure you want to do that?'
This would give users who are not database savvy a chance not to lock themselves out of their CMS.
GREAT JOB though Sam!!!
As this is a plugin there is no way to easily check the values of it when it saves. When I get some time I'm planning on building a component that will have a better user interface and permit extra checks. The plugin will then have the ability to use the component's configuration or stand alone in its own right.
The guestbook lists the IP address, install ban address end of problem.
Does the job! Thanks






