How does IP banning work?

Boz Mon · Jan 28, 2007

I was having a discussion with someone about ip banning and he told me that the ISP company will be notified if someone gets ip banned from somewhere. Is there any truth to this, or was this person making it all up? For the record, I didnt get IP banned from anywhere nor do I anticipate it any time soon.

Wolfe · Jan 28, 2007

Well, it's possible. Your ISP's name is one of the bits of info that your computer projects as it surfs the web, and with both the IP address and the ISP name, a website owner could theoretically send them a notice of a ban. I can't say whether or not it's a common practice, though.

NoQuarter · Jan 28, 2007

An IP address is also unique to a service provider. There are form-driven web tool sites that allow one to discover exactly what the ISP is of most IP addresses (AOL uses proxy servers, so even though one can identify a particular IP as being an AOL user, the actual user is masked by the proxy address).

We had an incident last year over at the GTX where a particular user was suspended, then banned for AUS/TOS abuse. He began to reregister with new alias names, using all the available free email services he could find. This escalated into creating new accounts with vulgar and inflammatory names. The staff was kept very busy banning/deleting these accounts.

The Board owner finally contacted the ISP and sent him a list of the IPs along with dates and times of the abuse. After a few rounds emails back and forth, the problem "went away"

Famine · Jan 28, 2007

I'm curious...

If a rogue moderator/admin (someone with the power to ban IP ranges - which only the admin here have) blocked *.*.*.*, would that render the whole site inoperable to everyone, including the owners and hosts, requiring a complete delete and restoring from a backup?

Wenders · Jan 28, 2007

Boz Mon
I was having a discussion with someone about ip banning and he told me that the ISP company will be notified if someone gets ip banned from somewhere. Is there any truth to this, or was this person making it all up? For the record, I didnt get IP banned from anywhere nor do I anticipate it any time soon.

Banning someones IP won't automatically notify their ISP. If they were particularly annoying and breaking all sorts of rules then their ISP can be notifed but it would be up to them if they wanted to boot them off their ISP.

We had an incident last year over at the GTX where a particular user was suspended, then banned for AUS/TOS abuse. He began to reregister with new alias names, using all the available free email services he could find. This escalated into creating new accounts with vulgar and inflammatory names. The staff was kept very busy banning/deleting these accounts.

We had someone like that on a forum I used to belong to, not only did he have mulitple email addys he but also had multiple ISPs, was very hard to get rid of him. The stupid thing was he wasn't some annoying 13yo, he was a 35yo man who thought he knew better than everyone including the owner of the site and game.

NoQuarter · Jan 28, 2007

Famine
I'm curious...

If a rogue moderator/admin (someone with the power to ban IP ranges - which only the admin here have) blocked *.*.*.*, would that render the whole site inoperable to everyone, including the owners and hosts, requiring a complete delete and restoring from a backup?

Famine, I believe most of the premium forum software packages have it coded to ignore that global a command.

Not really the kind of thing I'd like to experiment with...

Der Alta · Jan 28, 2007

Famine
I'm curious...

If a rogue moderator/admin (someone with the power to ban IP ranges - which only the admin here have) blocked *.*.*.*, would that render the whole site inoperable to everyone, including the owners and hosts, requiring a complete delete and restoring from a backup?

No, beacuse Jordan has direct access to the GTP server, which is above the forum software. Whereas Duke and I access the forum software through the forums. So in essence, I can ban everyone, including shutting down the forums, but I cannot access the database to delete anything.

The only person that can, in essence "totally", kill GTPlanet.net is Jordan.

We've survived DDoS attacks, and various other people with intentions to "kill" GTP, and we're still here. They're gone.

Jordan rules this kingdom.

'nuff said.

Famine · Jan 28, 2007

Der Alta
No, beacuse Jordan has direct access to the GTP server, which is above the forum software. Whereas Duke and I access the forum software through the forums. So in essence, I can ban everyone, including shutting down the forums, but I cannot access the database to delete anything.

GTP is a special case - we're a site with a forum. I was thinking more of sites which were solely forums (fora?)...

Mrs. Famine · Jan 28, 2007

Famine
I'm curious...

If a rogue moderator/admin (someone with the power to ban IP ranges - which only the admin here have) blocked *.*.*.*, would that render the whole site inoperable to everyone, including the owners and hosts, requiring a complete delete and restoring from a backup?

Yes, it would, to a degree but it would still be accessible via the database (mySQL for example) as a root user.

Der Alta · Jan 28, 2007

I'm amazed, I know more about this than Famine does. Wow, my feet are cold. Hell must have frozen over.

Any site, is accessed much like a house. A forum, is simply a room in that house. The owner always has keys to the front door, and back door. The content of the site, is in another room. That other room isn't visible, but it is always there. The doors to the house are always there. In order to lock the owner out of the house, you'd have to either have keys, or the owner left a door or window open.

With a shared hosting platform, a group of people share floors in this house. If someone left the doors open to theirs, chances are someone can access your floor.

Can you find an example of a site, which is nothing more than a forum?

Jondot · Jan 28, 2007

Carrying on from what DA said, it's worth bearing in mind that most IP bans don't actually stop you from accessing the server. They simply display a message for people with that IP, and stop them going any further than that.

Think of it as getting into the house, and getting as far as the hallway before being confronted with a wall. While you're strictly inside the house, you can't go any further.

Jordan · Jan 28, 2007

Famine
GTP is a special case - we're a site with a forum. I was thinking more of sites which were solely forums (fora?)...

As Der Alta described with his house example, a forum is simply a set of scripts which run on the server. If the scripts have been instructed to block a group of IP addresses, it will block them if any one tries to access a page generated by that script. If the software is installed in the root directory (which would appear as a site which is only a forum, where the forum is accessed directly at www.example.com ), the user would still be blocked but if they tried to access a page on the site that was not generated by the forum software they would be able to access it without a problem. We almost always use this method when banning troublesome members, because it is the simplest.

The situation that you've described can only occur with an IP block via the server's firewall. This prevents all traffic to and from the server from a specified IP, and is typically used to block DDoS attacks, brute force login attempts, etc. Creating a rule blocking *.*.*.* can be done, and yes it would block all traffic. Of course, I have ways around that too should the situation ever occur.

How does IP banning work?

Boz Mon

Wolfe

Physics Critic

NoQuarter

GT Ambassador

Famine

GTP Editor, GTPEDIA Author

Wenders

iMum 2.0

NoQuarter

GT Ambassador

Der Alta

Official GTP Bouncer

Famine

GTP Editor, GTPEDIA Author

Mrs. Famine

has a use for you

Der Alta

Official GTP Bouncer

Jondot

Jordan

Site Founder

Latest Posts