On 2013-03-19 22:42 +0100 Lukas Fleischer wrote:
On Tue, Mar 19, 2013 at 05:12:23PM -0400, canyonknight wrote:
On Tue, Mar 19, 2013 at 9:23 AM, Lukas Fleischer <archlinux@cryptocrack.de> wrote:
This allows for specifying a list of IP addresses that will no longer be able to register new accounts and login. The list of banned IP addresses can be configured in "web/lib/config.inc.php".
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> ---
What are your thoughts on taking this a step further and adding a "bans" table to the DB schema? It could eventually be extended to allow for TUs and Developers to ban IP addresses directly from the web interface without ever having to muck around with the config file.
Exactly what I was planning to do.
We should also display each user's last login IP address in his profile (only visible to developers and TUs) and add a "Ban this IP address" button next to it. The "Save last login IP address" patch I submitted already adds the IP address to the Users table.
Do the IPs need to be visible? In the case of a single IP a simple ban button will suffice. A proxied IP will be completely different every time so subsequent addresses are unrelated. That only leaves netmasked dynamic IPs. It would be enough to have an interface button connected to a query that returns all users with an IP in the netmasked range (/24?). You could even automatically flag user accounts that share a range with banned IPs, again without divulging the IP address.
Oh, and we might want to exclude TUs and developers from IP bans.
I haven't tried it, but can't TUs disable each other's TU status? The exclusion would be trivial if so.