But yes, you can block by singular IP, a block or range of IPs. Since you're hosted in Italy, you probably don't want to restrict IPv4 addresses designated to Italian ISPs or those of your Web host. I'd recommend identifying them in a spreadsheet by downloading the list of available assigned IPs and prioritizing the larger IP ranges. You can then use it as a reference against IPs you plan to block in the ACP or .htaccess. You'll then need to monitor your
Contact Us page messages for members, new members and prospective members asking to be unbanned.
To block an IPv4 address, just put in the full IP. That won't be effective for long though.
(
ACP, Users and Groups, Ban IPs).
To restrict a network, end it with "
*", so
113.200.14.* This blocks all 255 IPs in the 113.200.14.x network
or
113.200.*.* to block all IPs in the 113.200.x.x network
Or if you see a BOT or group data mining your site, just use the WhoIs function in WHO IS ONLINE to help identify its network range. So if it's 113.200.14.0 - 113.216.255.255, adapt the ending network IP in the
IP addresses or hostnames box up by 1.
You'll want to block 113.200.14.0 - 113.217.0.0. Then go back and remove 113.217.0.0 from the un-ban box below the main ban box, because it's not part of the range you originally wanted to ban. The forum code will fill in all the address blocks you asked it to block automatically.
Note, this will not prevent the scammers and trolls from getting to your site from those IPs. They'll see a page showing that they've been banned, but the WHO IS ONLINE will show them as viewing "Index Page.' It you want to totally block all access via IP bans, use your .htaccess file for that. It does not tolerate those coming to your site via any IP you've blocked there. Get to know and use the Allow/Deny structure:
...
Order Allow,Deny
Deny from 111
Deny from 112
Deny from 113.200
Deny from 185.220.102
etc...
etc...
etc...
Allow from all
Note, overlapping the IPs in .htacess and in your ACP ban list will be redundant if you do that, with .htaccess taking priority.
Also very helpful in identifying the bad guys is
Stop Forum Spam https://www.stopforumspam.com/search
a free site you can use to paste suspected offensive
IP and email addresses from whatever source you find them. The Web site allows you to search either via an IP or email address, both of which every PHPBB member will have associated within their registered account. There's a PHPBB plug-in for it too, if you want to automate banning known scammers.
https://www.phpbb.com/customise/db/exte ... forum_spam
Blocking email addresses using wildcards can slow or prevent the VPN tricksters too, one more obstacle you can throw in their way. They often use an email address with a country code extension. Use the "*" wildcard to catch all instances of certain fields, like so:
*@*.club
*@*.*.club
*@*.*.*.club
*@*.fun
*@*.*.fun
*@*.*.*.fun
*@*.pw
*@*.ru
*
[email protected]
*
[email protected]
Do your best not to use a ban that would block prospective members from registering. All but the last two examples here are absolutes for their domains. The last two simply prevent any characters to the left of the random number previously used.
Case in point, we have several users attempting to register. They're coming in over IPs that we haven't banned yet, but I needn't worry. Doing a quick search on Stop Forum Spam lists the E-mail address(s) used and positively identified them as a scammer. Our forum email bans already cover all possible scenarios of email accounts associated with the bad guy(s) in the list. They won't be able to register. Problem solved.
PHPBB IP and email bans are rather crude tools. But they're simple to use and eventually do make a difference it filtering out most of the garbage going on out there when you keep at it. Expect your two lists to grow extensively.