Tips for banning users: Difference between revisions From Online Manual

Jump to: navigation, search
mNo edit summary
mNo edit summary
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
Proper usage of SMF's system for banning users can make bans work fairly well. A number of tips advising administrators how to implement effective bans are listed below:
Proper usage of SMF's system for banning users can make bans work fairly well. A number of tips advising administrators how to implement effective bans are listed below:


# Avoid creating an entire ban group for a single ban.
# Avoid creating an entire ban group for a single ban. [https://custom.simplemachines.org/mods/index.php?mod=2265 This mod] is very useful to add new bans to an existing group.
# Avoid banning based on host name. This is a slow process because it involves carrying out a reverse lookup on the IP, which takes time.
# Avoid banning based on host name. This is a slow process because it involves carrying out a reverse lookup on the IP, which takes time. For this process, just as is the case with banning by IP, the ban query must be run on every page load that a user generates when visiting the site.
# Avoid banning on IP, if possible. IP based bans are useless because IPv6 affords any user a wide range of IPs from where they can log into a forum. In addition, owing to Carrier Grade NAT (GCNAT), as well as some countries having few IPs, banning by IP may result in banning a large number of legitimate users because there could be many of these users behind that sole IP address. Banning by IP should, therefore, only be used as a last resort.
# Avoid banning on IP, if possible. IP based bans are ineffective, especially when banning IPv6 addresses, because ISPs allow for a wide range of IPs that can change dynamically or be changed manually. As a result, banning a single IPv6 address is pointless. In addition, owing to Carrier Grade NAT (GCNAT), as well as some countries having few IPs, banning by IP may result in banning a large number of legitimate users because there could be many of these users behind that sole IP address. Banning by IP should, therefore, only be used as a last resort.
# If the account which is to be banned is a spammer or one which will be deleted, ensure that the ban is on the email address and prevent this account from registering. This means that the ban check is only applied when attempting a registration action or when attempting to change the email address. If login or post is used as a ban trigger, the ban check does have to apply when this user visits the forum.
# If the account which is to be banned is a spammer or one which will be deleted, ensure that the ban is not triggered on the user account because the account will have been deleted. Instead, set the trigger to be on the email address and set the restriction to be 'Partial: Cannot register'. This means that the ban list is only queried when the user attempts to register or attempts to change the email address (if the account was not deleted). If a ban restriction is set to 'Partial: Cannot login' or 'Partial: Cannot post' then the ban list only has to be checked if the user attempts to login or post and it is not queried on every page load.
# If the account belongs to a registered member, simply ban their account. This is fast for SMF to process.. If this user is getting around the ban, take alternative measures then, rather than in advance.
# If the account belongs to a registered member, simply ban their account. This is fast for SMF to process. If this user is getting around the ban, take alternative measures at that time, rather than taking possibly unnecessary and preemptive actions in advance.


Hopefully, these tips are helpful for administrators.  Please ask on the forum if further advice is required.
Hopefully, these tips are helpful for administrators.  Please ask on the forum if further advice is required.


[[Category:Building your community]]
[[Category:Building your community]]

Latest revision as of 16:57, 9 August 2018

Proper usage of SMF's system for banning users can make bans work fairly well. A number of tips advising administrators how to implement effective bans are listed below:

  1. Avoid creating an entire ban group for a single ban. This mod is very useful to add new bans to an existing group.
  2. Avoid banning based on host name. This is a slow process because it involves carrying out a reverse lookup on the IP, which takes time. For this process, just as is the case with banning by IP, the ban query must be run on every page load that a user generates when visiting the site.
  3. Avoid banning on IP, if possible. IP based bans are ineffective, especially when banning IPv6 addresses, because ISPs allow for a wide range of IPs that can change dynamically or be changed manually. As a result, banning a single IPv6 address is pointless. In addition, owing to Carrier Grade NAT (GCNAT), as well as some countries having few IPs, banning by IP may result in banning a large number of legitimate users because there could be many of these users behind that sole IP address. Banning by IP should, therefore, only be used as a last resort.
  4. If the account which is to be banned is a spammer or one which will be deleted, ensure that the ban is not triggered on the user account because the account will have been deleted. Instead, set the trigger to be on the email address and set the restriction to be 'Partial: Cannot register'. This means that the ban list is only queried when the user attempts to register or attempts to change the email address (if the account was not deleted). If a ban restriction is set to 'Partial: Cannot login' or 'Partial: Cannot post' then the ban list only has to be checked if the user attempts to login or post and it is not queried on every page load.
  5. If the account belongs to a registered member, simply ban their account. This is fast for SMF to process. If this user is getting around the ban, take alternative measures at that time, rather than taking possibly unnecessary and preemptive actions in advance.

Hopefully, these tips are helpful for administrators. Please ask on the forum if further advice is required.



Advertisement: