Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
Ask a Question

SPAM - New users can still register from blocked IPs - Is this a bug ?

+4 votes
1.8k views
in Q2A Core by
I blocked some ips like this: 222.*

I thought now from this IP nobody could access my site, but registering is still possible.

This is a probem as these users (China this time), register many new users in a short time.

I get spamed with emails and have to delete pages of users one by one, or at least block them

when the approve option is activated...

 

Any idea ?
Q2A version: 1.6.2
by
I think this is the same thing I mentioned many months ago. With the new filters in v1.6 you should be able to block signups meeting certain conditions... but I still think it's a bug for blocked IPs to be able to create accounts.
by
Thank You Scott, even with recaptcha activated they are creating accounts.

They can not do anything on the page but I still receive the mails and have to go into the system to block and delete them.

Would be great to have the option to deny access for some ips...

1 Answer

+2 votes
by
Blocking an IP is meant to prevent new users registering from that IP, so if this is not happening it's a bug. I will look into it for Q2A 1.6.3.
by
My admin/spam blocked IP Addresses area looks like that. But I still have people registering from for example 27.153.213.48

27.* , 58.* , 120.* , 222.* , 36.* , 221.* , 175.* , 162.213.* , 111.* , 110.* , 192.34.* , 198.* , 118.* , 216.244.*

Just to verify that there is no error on my site ....
by
@gidgreen

A work around would be great until the release of 1.6.3

I cant open the site for new user registrations and webmastertools is warning because google bot is searching for hundreds of users which I have deleted, throwing many page not found errors.

This is very bad for ranking..

So some workaround would be very helpful.

With captcha, email confirm, admin confirm and blocked ip i have still up to 20 to 40 new Spam users a day. This sums up fast...

Thank You so far...
by
You could do something in qa-page-register.php with qa_is_ip_blocked() from qa-app-limits.php
by
I think I cant do php better than You, so I will wait...
Meanwhile I use a modified .htaccess
as follows (just the beginning of the htaccess file..):

DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

order allow,deny
deny from 27.
deny from 58.
deny from 120.
deny from 222.
deny from 36.
...
....
....
deny from 216.244.
allow from all
.....
...
..

That seems to work for now.
I just think that it may have disadvantages, when important bots try to access through one of these ip areas...
by
For others, this method seems to work very well, there was just one new registration from a not listed ip from china....
by
I am checking this again now and blocking an IP address does seem to block registrations from that IP in Q2A 1.6.2. So I'm confused why you're seeing the issue. Are you using the regular Q2A registration page? Check if qa-page-register.php has if (qa_user_permit_error()) { ... } in it.
by
Beginning on line 64, never changed that file.

If You want me to test something, just let me know. Actually I am using the htaccess solution and that works so far.

The registration page is the normal one, nothing changed so far.
by
I could use the standard theme and set back the htaccess, to check what ever You want. Actually that site is on hold. If really necessary I could redirect the page name to any demo page You want after recceiving new spam.
Snow Theme by Q2A Market
Powered by Question2Answer
...