Is there anyway to ban IP addresses from accsessing your site? i have a troble amker i want to get rid of.:(

I suggest you read this post (http://forum.powweb.com/showthread.php?s=&threadid=613).

If the user has a static ip address, the method Tom pointed to above will work very well.

But keep in mind, if the user has a dynamic ip address (changes almost everytime they go online) you'll need to ban a subnet. This means that you'll be banning everyone else that uses that subnet.

For dynamic ip's, I usually grab all the info I can from the user and file a complaint with their ISP in an effort to have their account shut down for violation of TOS. Essentially this means they will need a new ISP everytime they want to harass you.

It's about the best you can do, though you could get creative if you want, I did. I set up a webpage that appeared to create an image of the user's harddrive (it didn't really) and send it off to a friend at the FBI for analysis. I never saw that user again LMAO.

:p

~bud

If your access logs are turned on....

you can get their IP, and time they were actually on the site...

track their IP back by going to http://www.arin.net and use the whois DB.... this will tell you who is responsible for this particular IP... and who to contact....

e-mail the the part of the access logs.... where they were creating problems... ect.... " ie guestbook... ect"

this will show them the IP, and time... which if they are reputable... they will lookup who actually accessed your address at that time....

and either ban them... or warn them they have received a complaint... about their inappropriate conduct....

mostly... they will just drop them... and tell them they can't use their service anymore....

IF you don't show them detailed information about what they were doing.... they won't do anything but... tell you they can't do anything without the details.... since just your complaint... is not enough for them to go looking through their massive log files...

you'll need a valid complaint.... and details from YOUR access logs...

if someone is trying to access something that doesn't exist... then you need your error logs.... this will show them trying to access parts of the site... you may removed... or changed....

if they are trying to hack a restricted area... your error logs will show all attempts....

HINT: Using .htaccess, you can restrict any host you want from accessing your web site.

but an accomplished HACK... can get around .htaccess.....

I personally like to have their ISP involved.... since your site is probably not the only one they are messing with.....

these people tend to enjoy creating havoc anywhere they can.... and usually on personal sites.....

If more people reported them.... they would soon get the message.... after being deined access.... eventually all ISP's in their area... will just not give access to them.... or they will get tired of getting kicked.... by their ISP's....

TRUE.... annonimity... on the internet.... is rare.... you are logged everywhere you go.... everything you do.... it's just a matter of... if someone... wants to bother.... looking into the log files....

which is normally only reserved... for when people make complaints....

True SB, and not to mention I myself get at least 2 host addresses through one ISP dial-up and there are multiple dial-up numbers for that ISP where I can get a completely different host address if I want.

Working with an ISP (those that care) is a good idea, they are not net police and almost completely rely on incidences being reported to them. My experience has been that most ISP's will gladly work with you if you can provide them with the proper data.

~bud

Well I did send his ISP a long letter before posting this showing them asll the things he was doing... i liked to plages where he had acctualy left his mark as far as on a message board and stuff like that it was time warner telecom.... but where do i put that .htaccess file at? in my htdocs folder? i mean where?

Thanks
Aaron Stewart

if you're gonna block by IP.... put it in the root folder... or the htdocs folder.... then deny..... that IP... or that subnet... or domain....