Announcement

Collapse
No announcement yet.

What is mechanism underlying ban?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • What is mechanism underlying ban?

    I searched first, and didn't quite find the information I'm seeking. So...

    I'm on 3.0.3. I see how to ban by ip in the admin->options area. I see how to ban by admin->users->ban, and move to group that accepts banned persons.

    I have a troll coming in on an AOL ip address. I made his primary group 'unregistered' and banned him to the 'banned' group (created just for him) for two years (he probably just needs time to grow up).

    But... how does the ban take effect? By cookie? By being logged in? Or by ip address? If it's by ip address that's a problem, since lots of aol users share ip addresses. The one being banned could re-connect with a different aol proxy address, and some other innocent bystander could run afoul of the ban.

    If it's by cookie, would the offender regain access by clearing cookies and simply not logging back in? If so, it would seem to me that banning a person is the same effect as leaving them not logged in. True?

    So... what does the code actually do in the case of a banned person? I don't intend to argue as to the design decisions, just want to know what the design actually is, so I can work accordingly.

    Thanks for the help, as always!

    Ed

  • #2
    Its by cookie, and yes they could clear their cookies and return.

    Sadly I do not believe there is any very effective way to ban a user. It is outside of vBulletin's abilities, we can only know so much about a user, and this is told to us by their browser. Relayed to php and apache. vBulletin knows what apache knows, and apache knows what the browser tells it, which isnt much outside of a few small details.

    Comment


    • #3
      Thank, Zachery! that's what I need to know. And I agree with you on the difficulty of effective banning on a public (non-password-protected) board.

      Comment


      • #4
        Originally posted by Zachery

        Its by cookie, and yes they could clear their cookies and return.

        Actually, I don't fully agree. If your board is set up so that only users who are logged in can see your Subs, than clearing his cookie won't gain him anything.

        He still needs to be a registered user with access in order to see those Subs. If he tries to log in, vB will know he's banned and process him accordingly.


        But that assumes that you have your board set up that way.

        And even if you don't, he can see the threads - but he still can't post unless he logs in and has that access (assuming that you don't allow Guest posting).
        echo $ocean_signature;

        ;)

        Comment


        • #5
          Thanks Ocean, that makes sense

          Comment


          • #6
            Originally posted by ewbarnard

            Thanks Ocean, that makes sense

            You're welcome!
            echo $ocean_signature;

            ;)

            Comment

            widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
            Working...
            X