IP Block On Blog Comments
I never wanted to have to do this but today I've started to maintain a list of IP addresses from which I will not allow any posts on this site. It's been at the back of my mind for a while and I wasn't sure whether I would ever bother to implement it. Then some idiot decides to post some ridiculous story in response to yesterday's post about stupid posts. It's all too much sometimes. I accept that there are idiots in the world and nothing can be done to change that. I also accept that banning IP addresses is not a fool-proof solution. However, it works and should act as some level of deterrent.
If you're wondering how I did it, read on. Anybody who's seen any of my templates should be familiar with Application Settings documents. I added one of these that will contain a text-list of offending addresses. Then the comments forms had a field called SaveOptions added to them. This field simply cross-referrences the current user's IP address with this list. If they match then the field value is "0", and nothing is saved, otherwise it's set to "1" and all is okay.
That's an awesome approach, but I'm curious to see what type of reaction you'll get from the readership.
Maybe all of us that run a sit should contribute these addresses, implement the approach and then "subscribe" to the listing... a MAPS of stupid posters!
<here's to hoping I'm not on the list>
Good idea Chris. Start with this one:
66.27.106.203
It's a bit of a neverending task though as a new IP address is anything but hard to come by. There are even proxy sites you can use if you *really* want to remain anonymous....
I'll put the ability to block addresses in to the new version of "DomBlog" template when I get round to it as well.
True, but it's a deterrent that'll keep salespeople off of your site ;-)
If you kept the IP address from what post (which I'm sure you did), simply add that to the list and now no-one else will get "spammed".
Okay, including the post form the lady advertising her wares:
203.196.170.181; 66.27.106.203;
Had actually forgot to add hers. She did reply to my mail and promise never to do it again. Never trust a sales person I say. It's been added to my list.
Block This!
It never ceases to amaze me what an arrogant asshole you are. I keep asking myself why I continue to read your dribble, I guess it is like watching a train wreck. The guys hear love talking about your latest ego-centric dialog. Keep up the good work!
I used to block who could post to some sites I was maintaining. Found life became a little boring. Stupid people make life interesting and driving a challenge.
The post above mine is nothing if not amusing.
Keep posting the IPs -- maybe a whois will turn up something interesting :-)
Unfortunately you'll still get those to post who have nothing reasonably intelligent to add (above case in point).
I think there might be one concern to consider. Currently I'm posting from a large corporations site and the only IP address you'll get is one of our proxy servers. If you were to block someone else from within my organization, you would also be blocking me. Just a thought. Not a complaint. Codestore is your domain and you have every right and responsibility to run it as you see fit.
Dear Jake,
I fiddled with IP addresses too but came back to the old way sending me an e-mail when a new comment is posted with a copy of the content. As I like reading the comments anyway I find this a handy approach and found it much more effective than IP blocking. If you can use Notesmail you can also implement a blocking (delete) button that will be send back and disable the post.
Cheers
Henning
I'm down with Henning, you receive an email w/ the content along w/ link to delete or disable the post. And Jake, your no egocentric ahole, your site and time is much appreciated. I hope to get to the other side of the pond soon and treat you to a few pints for providing me w/ your expertise.
Jake, I know it's well-known to people doing this stuff for awhile, but you shouldn't even whisper as to how to get around your blocking.... let them figure it out. Now, if the guy was a teenage kid who's just learning, he might not have known that he can get around your block... but now, he can google it.
food for thought...
Anyway, ip blocking will probably be OK and if someone at the same company gets blocked, they can e-mail you and ask you to take off the block, right? By that time, the offending person will more than likely still think he's blocked and not post anyway.
Later,
Scott
I'm not sure that IP blocking is really effective given that most people use dynamic IPs, they're easy to spoof, etc. I think there are better approaches to the problem. The best is to moderate the messages. Simply delete the bad ones. Another way is the slashdot rating system. Check it out if you haven't heard about it. It is fairly ground breaking.
Anyway, I think that discussions are for fun. People can read what they want and ignore the rest. It's all good.
It's kind of funny - if you read it carefully, that troll that was posted might as well have been from a troll-posting 'bot. Much too generic a criticism and could be applied to just about any discussion board (not that I agree with it in this case...)
Keep up the good work Jake.
Hi Jake,
Well, I read your site weekly and must say I enjoy it quite a lot. Thanx for all the work you put into it ;o)
I cannot say that I agree with your idiot-ip list though. Besides the obvious problems with Proxy Servers, I do think that it is a bit arrogant of you to call people idiots just because they use your site in a way that you did not intend it to be used! I do understand that it is your site and all, but most (if not all) of us will just ignore the person and not respond to the Spam. The comment in question was posted on the 13.03. (2003 I assume) in response to a article you posted on 22.10.2001. If you hadn't brought it to our attention I doubt anybody would have even noticed ;o) I feel you are making a mountain out of a molehill here - sorry. Deleting the offending message also means that the rest of us cannot be assured that our messages are not also deleted if they don't fit into your world view!
Here's an idea - how about you mask offending messages (ones you personally find offending) by placing a link to the origional message in the comment - that way, you are still moderating the messages, but anybody who really feels the need to see such messages can see them ;o)
Please, use your energy to give us another great article and not on creating a web-site for all the "non-idiots" out there ;o)
Keep up the good work
Ursus
A better way of doing this is to surely have a registration system.
People who register must wait untill approved by you. One approved they can post limitless without any moderation. Average anonymouse joes can then post, but these posts are moderated. It's a really simple way of dealing with people, but you could also add your IP blocking script in, but with a timeout feature which simply looks at the time the evil IP attempted to enter your site and if it's over 2 months or whatever then unban them because it may be just another normal notes joe by then.
scuse me i this was typed a little rushed. It's a Boss over shoulder moment... again
If this thread shows anything, it's the fact that there is no final solution to the problem, just various approaches - depending on your personal favours - that do or do not work to some degree.
For those who already forgot: Jake DID once approve each and every posting prior to publishing it. He made the step away from that policy for good reasons (having a more lively response in the first place, probably saving some time as well). The downside is obvious now (and I'm sure that he was fully aware of it from the very beginning).
Creating a registration system is surely possible, but not only is this some serious piece of work, it also requires you to have some administative controll over the server. Plus it might take away some valueable spontaneous responses while still not keeping idiots - and I fully agree to Jake's use of that idiom - from registering again and again.
Furthermore I don't conform to the old - still wrong - 'security by obscurity' approach. Keep in mind that Jake could have easily implemented this new feature without telling anybody. Would anybody have prefered it this way? I don't think so. If there is whatever problem either with Domino or with this site, Jake talks about it loud and clear. That's one of the reasons I come here almost daily.
Noone can force you to provide storage capacity for bullshitty stuff that doesn't relate to your web site's topic at all, no matter how the link to that content is made up. Quite the contrary, depending on the nature of this content, you might actually be forced to remove it immediately for legal reasons.
Maintaining a site that allows everybody to add his opinion is a risk. It's completely up to Jake, how he want's to handle that risk. Whatever his final decision will be, I'm sure he'll come up with an approriate solution in the end. End tell us about it.
Hugh!
Thanks Harkpabst. You're right, it is up to me what I do. And whatever I do it won't be a decision I take lightly. My whole professional reputation is built around this site and the last thing I want is people coming here (note the spelling of "hear" Mr HaHa!) and reading nonsense and stories of underage sex.
Not only that it bores me and upsets me that people have the arrogance to call me arrogant. If anything that's the last thing I am. A lot of time and thought goes in to this site and I do it primarily for you lot. If the abuse continues I can't guarantee the site will.
Hi, Jake.
We have the same problem in barrapunto.com site and notesring.com but i think is better to ignore all those comments. When i don't like a site i don't surf to the site.
The best way is ignore all of them. In a pair of weeks they will stop to post to your site.
In addition you'll have a lot of problems blocking these posts. There are lot of people beside proxy servers ... and the idiots can post from everywhere ( a ciber, by example ).
Thanks for your site, Jake!
Note : Sorry, i'm spanish and my english is very poor. I hope you understand me. ;-)
Not too long ago, I read this on a colleague's desk:
"Never argue with a stupid: First they drag you down to their level and then they beat you with their experience."
I think that's the best approach to take in these situations.
My personal suggestion is to just delete those offending/unwelcome comments as soon as you first see them. Also, implement your IP blocking idea without making any detailed announcements about it.
If anyone is wrongly blocked, they'd be sure to come knocking your doors, but if you keep talking about it, the idiot poster gets the satisfaction (s)he never deserved.
I'd agree with Pritesh's comments.
The most important thing from my point of view is not to beat yourself up about it. Your site is superb, you've got sooooo many followers so don't you dare give it up..... or we'll track you down and burn ya! :-)
For what its worth, I agree with the comment that ignoring them is best. Delete the message as soon as you see it and don't say a thing. Block the ip, since you can. Anything you add to it is just "feeding the troll" and will only encourage them.
Jake,
Mountains and molehills spring to mind. It would only take a couple of clicks for you to delete what you consider to be inappropriate messages, and you've already expended more effort in implementing an IP blocker (which is of dubiuous use for small numbers of messages) and typing responses to this thread.
If you getting spammed by the hundreds and that degrades the value of the site to its visitors, then by all means put in some automated control. If individual comes here to disrespect you or your work in a single message, then maybe that's feedback that you should take on board, even if you consider it out of hand.
I recently had a HotorNot poll on my site, and although it only attracted a few responses, I took the negative ones to heart and reconsidered what my site means to other people. I made some changes and now consider it better.
I think you consider this site to be a private work, but it is now a public forum, whether you like that or not. If you don't like that, why solicit feedback via the comments. If you want to protect the 'value' of your site, then why not have people email you and then you can publish 'excepts' from that correspondence that you deem relevant to the site.
What I'm getting at here is that you have to take the rough with the smooth. You do a great job here, but at the end of the day people come here for top quality Domino related information, and your personal battles only degrade the value of that unless you can put it in the context of Domino advice. By all means talk about inappropriate posts, but tell us more about the technical challenges that they create, and how you go about solving them. And if you stand in a room and start pointing out the 'idiots', its only so long before the 'normal' people start thinking you could be referring to them.
Most of all, keep up the good work.
harkpabst_meliantrop creating a custom registration system isn't that hard, and you don't have to have admin access to the server.
You simply have to use cookies to store the userid and a hash of their password. Setup a user db with the id and their password and simply match them on every page by jamming a subform in the top of your forms.
This is what i've done,
so we wouldn't have to add public users to the address book. It's simple and works fine.
Another option is to create a registration system using PHP. It is similar to prawnFresh's idea above, but just uses a little different technology to do so.
This can even be as simple as adding the username and password to a *.txt file on the server during the registration process. Once that is completed, you simply need to parse it.
Well, I've just been for a stroll with Mike (Golding) and he's come up with the perfect compromise. Instead of blocking the naughty IP addresses you simply mark them for approval before they appear. Simple yet effective.
Jealousy is a strange behaviour in humans - it seems to go even further into the 'strange' with techie 'jealousy' - I would take it as a compliment that people think of you as a big enough 'target' to try and upset/annoy - best to see it that way - else you piss yourself off - and they win! - im not that calm/mature etc so personally I tell the BB posse that a certain mr H is hiding in their basement!!
prawnFresh, your right, for the needs of a commenting system it's probably not necessary to implement "real" Domino user authentication. In general I dislike hacking around readily available Domino core functionality so much, that I didn't even think about such an approach. Sometimes this might prevent me from catching the most suitable solution ... :-)
However, I still consider the implementation (including proper handling of no-cookie-surfers) to be rather work than fun ;-). At least more work than Jake's original IP blocker.
Hi there..
I really would like to learn how to blog some IP from entering my site. I am a newbie so I dont really know how. Search in the yahoo led me to this site. I really hope u can help me.Thank you..Please Email me..i really could use some help