Denying locales?


#1

Is it possible to deny users with certain language locale settings from accessing my site? I’m having issues with a Brazilian who keeps using proxies to attempt to join and spam my forum – every time I ban the name server of the proxy he uses, he just uses another one. I know it’s him every time because it says “pt-BR” in the information. I want to ban users with this locale. Is it possible, using .htaccess or through some other means?

I’ve tried asking about it on phpbb3, but they said I’d need a mod, and I don’t have the knowledge to create such a mod.


#2

Hello Erebus,

If you want to manipulate IP data, I warmly recommend you the powerful maxmind application: http://www.maxmind.com/

They have a free version you can test out: http://www.maxmind.com/app/geolitecountry

Read the documentations, then you could be able to redirect users like this:

if ($country = “br”) {
header (Location: deny.php);
}
else {
header (Location: accept.php);
}

You can also do a redirection by cities etc. Encourage to have a look at it.

Hope this help.

Get $55 discount: use this code DHDISCOUNT55 when you sign up with Dreamhost for one year.


#3

Forgot to add. If you want to ban a specific IP can do it on your .htaccess file:
order allow,deny
deny from 123.45.6.7
deny from 012.34.5.
allow from all

Source: http://www.javascriptkit.com/howto/htaccess5.shtml

Hope this help,

Get $55 discount: use this code DHDISCOUNT55 when you sign up with Dreamhost for one year.


#4

where do you see “pt-BR” exactly? if that’s actually getting sent to your server you can at the very least deny posts and/or user registration when that’s present.

track7 - my dream-hosted site


#5

mkhad: The problem is, he uses proxies that are located in other countries, so banning a specific country/specific IPs wouldn’t do me any good. This is why I just want to automatically deny access to anyone using the pt-BR locale, because if he uses proxies, then there isn’t anything else I can do, as far as I know.

misterhaan: In phpbb3, when you view the “Who is online” area, it’ll include the browser/system information of the users currently active, it’ll show things along the lines of: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6.

I’m really getting sick of dealing with this moron every day, and I can’t seem to get rid of him.

There’s this page that shows how to block Firefox using PHP, and I was wondering if it’s possible to do this to block users with certain locale settings? The code can be found here: http://whyfirefoxisblocked.com/blockcode.html


#6

The pt-BR part is in HTTP_USER_AGENT, so you could try something like this in .htaccess:

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} pt-BR [NC]
RewriteCond %{REQUEST_URI} /posting.php
RewriteRule .* - [F]

Of course, he can always disable/change the user agent string, so in that example, I only blocked the posting page (I believe that’s what it’s called in phpBB), so he’d still have access, but not be able to post.

Maybe that wouldn’t tip him off as quickly on what’s being blocked, since that could just look like a site error, since he can view other parts okay.

If you don’t want him there at all, you could just remove this line:

RewriteCond %{REQUEST_URI} /posting.php

If you really want him to think the site is broken, maybe try this, which should just loop him back to last page if he tries to post:

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} pt-BR [NC]
RewriteCond %{REQUEST_URI} /posting.php
RewriteRule .* %{HTTP_REFERER} [R,L]

Another idea that would keep him out completely and maybe not tip him off that he’s being blocked:

Create a page like closed.html that basically says you had to take the site down because of spam. He probably won’t feel singled out and might just go away with a warm feeling inside thinking he ruined your site.

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} pt-BR [NC]
RewriteCond %{REQUEST_URI} /posting.php
RewriteRule .* /closed.html [R,L]

Don’t forget to be sure this isn’t going to block anyone that you don’t want to.


:stuck_out_tongue: Save up to $96 at Dreamhost with ALMOST97 promo code (I get $1).
Or save $97 with THEFULL97.


#7

Thanks, I’ll look into this and see if it works.


#8

All right, yeah, that worked. Thanks. Is there anything else I can do about this person in case he gets around it? Surely, this can constitute as some form of harassment – it seems like it’s akin to some stranger constantly trying to get into your house, despite the fact that you don’t want them in your house, and you’ve explicitly stated so.


#9

Glad it worked out… for now, at least. :stuck_out_tongue:

You can just keep looking for other unique things to block. For example, if he just drops the user-agent, you could block blank ones. If he forges it and puts en-US in there, you probably won’t have much luck.

The one problem is that the more you block, the better your chances are of blocking someone you don’t want to.

If you don’t have a large number of sign-ups, you could manually approve them for awhile to see if anything seems suspicious, before approving them.

The forum should also have a profanity filter, so if he’s spamming a specific site, or keywords, you could always add them to the filter. Instead of just replacing them with something like *****, you could use a phrase like “delete this spam” that you can later search for, in case any of his posts slip by.


:stuck_out_tongue: Save up to $96 at Dreamhost with ALMOST97 promo code (I get $1).
Or save $97 with THEFULL97.


#10

I’ve been doing that for about a month. He never seems to give up.