Site keeps banning IP even after whitelisting

One of my member's IP address keeps getting banned by the stopforumspam processing even though they are not listed there.
I removed the row from the database but they were re-banned as soon as they tried to log in.
I again removed the row then added the IP to 'IP addresses that may not be auto-banned' but again they are banned. The action log shows that this IP address was added correctly to the whitelist on the date I did so.
After 9 direct messages between us they have given up, this is not good.
Does anyone have any insight into why this may be happening?
Thanks
TQ


just peace, unity, tolerance and love" - The Beloved

SoccerDad said
Hey TQ! Just so all the low hanging fruit has been picked: have you cleared the cache(s) of your Composr installation?
From “Post #9,027”, 24th February 2023, 2:55 pm
Thank you for your response

I had discounted that because I wouldn't have expected the SFS results to be cached but I've now flushed everything anyway.
Here's hoping.
TQ


Become a fan of Composr on Facebook or add me as a friend. Add me on Mastodon. Follow me on Minds (where I am most active). Support me on Patreon
- If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
- If so, please let others know about Composr whenever you see the opportunity or support me on Patreon.
- If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying Composr on fun personal projects.
- If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.


However, there's also the "Spammer checking exclusions" config option which does a similar thing, but should completely stop stopforumspam running (i.e. runs at a higher level).

I have now added the required IP to the list and asked the member to retry.
One last, but not insignificant point I forgot to mention, the IP in question is NOT listed at SFS, how strange is that!
Tnx again
Nick



Chris Graham said
You did mention it not being in SFS. My brain is a little scrambled today from my medical condition, so was just doing it one bit at a time. Could you email me the IP and I'll look into that too.
From “Post #9,032”, 24th February 2023, 8:38 pm
On its way.
Nick

Chris Graham said
The unbannable IPs feature is buggy and I'll get a fix out soon.
However, there's also the "Spammer checking exclusions" config option which does a similar thing, but should completely stop stopforumspam running (i.e. runs at a higher level).
From “Post #9,030”, 24th February 2023, 7:13 pm
That worked, I've just received confirmation from the member.
Tnx
Nick


0005369: Problems with IP banning - Composr CMS feature tracker
This is the commit:
Fixed MANTIS-5369 (Problems with IP banning) (f95e237c) · Commits · Composr ecosystem / Composr · GitLab
As for StopForumSpam, the issue is on the member's email address's domain name. The message we give for an SFS result is misleading, because it gives the IP and you'd reasonably think the issue is on the IP. We'll get that improved on v11.

Chris Graham said
There were some big bugs in the IP banning functionality:
0005369: Problems with IP banning - Composr CMS feature tracker
This is the commit:
Fixed MANTIS-5369 (Problems with IP banning) (f95e237c) · Commits · Composr ecosystem / Composr · GitLab
As for StopForumSpam, the issue is on the member's email address's domain name. The message we give for an SFS result is misleading, because it gives the IP and you'd reasonably think the issue is on the IP. We'll get that improved on v11.
From “Post #9,039”, 26th February 2023, 1:30 am
Thank you Chris.
I have reverted to using the whitelist for this IP.
I see the member is using a disposable email address, is this the reason that SFS flagged this user? It would be fantastic if it was!
Thanks again for your rapid response.
Nick


TQ said
Chris Graham said
There were some big bugs in the IP banning functionality:
0005369: Problems with IP banning - Composr CMS feature tracker
This is the commit:
Fixed MANTIS-5369 (Problems with IP banning) (f95e237c) · Commits · Composr ecosystem / Composr · GitLab
As for StopForumSpam, the issue is on the member's email address's domain name. The message we give for an SFS result is misleading, because it gives the IP and you'd reasonably think the issue is on the IP. We'll get that improved on v11.
From “Post #9,039”, 26th February 2023, 1:30 am
Thank you Chris.
I have reverted to using the whitelist for this IP.
I see the member is using a disposable email address, is this the reason that SFS flagged this user? It would be fantastic if it was!
Thanks again for your rapid response.
Nick
From “Post #9,040”, 26th February 2023, 10:08 am
I don't know the specifics, but that seems a reasonable guess given any account I tried on that server got flagged as spam.


TQ said
Chris Graham said
There were some big bugs in the IP banning functionality:
0005369: Problems with IP banning - Composr CMS feature tracker
This is the commit:
Fixed MANTIS-5369 (Problems with IP banning) (f95e237c) · Commits · Composr ecosystem / Composr · GitLab
As for StopForumSpam, the issue is on the member's email address's domain name. The message we give for an SFS result is misleading, because it gives the IP and you'd reasonably think the issue is on the IP. We'll get that improved on v11.
From “Post #9,039”, 26th February 2023, 1:30 am
Thank you Chris.
I have reverted to using the whitelist for this IP.
I see the member is using a disposable email address, is this the reason that SFS flagged this user? It would be fantastic if it was!
Thanks again for your rapid response.
Nick
From “Post #9,040”, 26th February 2023, 10:08 am
To add on what I know, disposable IPs are blocked by some RBLs. I just checked, and Stop Forum Spam is one of those. Check out Stop Forum Spam and scroll down to "Tor Exit Nodes". This indicates to me that Stop Forum Spam lists Tor Exit Nodes by default, and "notorexit" must explicitly be passed in their API to disable this behavior (Composr does not do this). Other blocklists such as efnet and Tornevall also list Tor exit node IPs as well. It is possible the member had a listed exit node, which Composr blocks by default (since it is returned to Composr from the Stop Forum Spam API).
- Need support for version 10? The core development team is no longer offering it for free (unless it's a critical bug that breaks your entire site or a serious security hole). Please consider hiring me instead if you need v10 support or a non-critical bug fix. Or, ask the community in the forums!
- Do you enjoy Composr? Please consider contributing your talent to the project or recommending Composr to others. Even small contributions make a big impact in the Composr community.
- Do you have feedback for us? You can report bugs, suggest features, or give feedback on the Free support options page.
- Do you need professional service with your Composr website? Please consider contracting me for your needs through my company, PDStig, LLC. Doing so will also help fund Composr development.
- Want to watch live streams of me developing Composr CMS? Please subscribe to me on Twitch to be notified when I stream. Composr development streams are usually spontaneous / not scheduled in advance as work priorities come first.
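
The two points raised in this thread (an exclusion list that runs before the lookup, and a block message that names the field that actually matched rather than always the IP) can be sketched as follows. This is an added example, not Composr's code; the function names are hypothetical, and the reply fields `appears`, `frequency` and `torexit` are assumptions modelled on the StopForumSpam JSON reply.

```python
import ipaddress

# Constructed sample reply: the IP is clean, the email address is what matched.
# Field names are assumptions modelled on the StopForumSpam JSON format.
SAMPLE_REPLY = {
    "success": 1,
    "ip": {"value": "203.0.113.7", "appears": 0, "frequency": 0},
    "email": {"value": "user@mailbox.example", "appears": 1, "frequency": 255},
}


def is_excluded(ip, exclusions):
    """True when ip equals, or falls inside, any excluded address or CIDR range."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(e, strict=False) for e in exclusions)


def evaluate(reply, ip, exclusions, threshold=1):
    """Return (blocked, reason); the reason names every field that matched."""
    # The exclusion check comes first; a real caller would skip the lookup entirely.
    if is_excluded(ip, exclusions):
        return False, f"lookup skipped: {ip} is in the exclusion list"
    if reply.get("success") != 1:
        # Policy choice made for this example: a failed lookup does not ban.
        return False, "lookup failed; not blocking"
    hits = []
    for field in ("ip", "email", "username"):
        entry = reply.get(field)
        if entry and entry.get("appears") and entry.get("frequency", 0) >= threshold:
            tag = "tor exit node" if entry.get("torexit") else "listed"
            hits.append(f"{field} {entry.get('value')} ({tag}, frequency {entry['frequency']})")
    if hits:
        return True, "blocked on " + "; ".join(hits)
    return False, "no listing found"


if __name__ == "__main__":
    print(evaluate(SAMPLE_REPLY, "203.0.113.7", []))
    print(evaluate(SAMPLE_REPLY, "203.0.113.7", ["203.0.113.0/24"]))
```

Logging the returned reason next to each automatic ban gives an administrator the per-field detail needed to see why a member was rejected.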

Patrick Schmalstig said
TQ said
Chris Graham said
There were some big bugs in the IP banning functionality:
0005369: Problems with IP banning - Composr CMS feature tracker
This is the commit:
Fixed MANTIS-5369 (Problems with IP banning) (f95e237c) · Commits · Composr ecosystem / Composr · GitLab
As for StopForumSpam, the issue is on the member's email address's domain name. The message we give for an SFS result is misleading, because it gives the IP and you'd reasonably think the issue is on the IP. We'll get that improved on v11.
From “Post #9,039”, 26th February 2023, 1:30 am
Thank you Chris.
I have reverted to using the whitelist for this IP.
I see the member is using a disposable email address, is this the reason that SFS flagged this user? It would be fantastic if it was!
Thanks again for your rapid response.
Nick
From “Post #9,040”, 26th February 2023, 10:08 am
To add on what I know, disposable IPs are blocked by some RBLs. I just checked, and Stop Forum Spam is one of those. Check out Stop Forum Spam and scroll down to "Tor Exit Nodes". This indicates to me that Stop Forum Spam lists Tor Exit Nodes by default, and "notorexit" must explicitly be passed in their API to disable this behavior (Composr does not do this). Other blocklists such as efnet and Tornevall also list Tor exit node IPs as well. It is possible the member had a listed exit node, which Composr blocks by default (since it is returned to Composr from the Stop Forum Spam API).
From “Post #9,046”, 1st March 2023, 4:18 am
Hi Patrick,
I too scoured the SFS forum & API info yesterday and discovered that the user in question's email domain is listed as toxic, so this confirms everything you say. It's part of my site's T&Cs not to use disposable email addresses because it clogs up my mail server with delivery retries.
I for one appreciate that the new (to me) features like toxic domains etc. are included by default which drove me to search the Composr database for the SFS results. I had no success but would like to have found them to provide an insight into why potential members get banned automatically.
I have been blessed with good fortune as far as spam is concerned. I enabled every protection Composr offered as a result of me making a mistake years ago that left me with over 5k of spam messages overnight, which was a nightmare to clean up.
Thanks again for taking the time to investigate, very much appreciated.
Nick



I will keep your suggestion in mind. We are currently finishing up development of Composr version 11. That could be a feature we add in either in 11 or a later version like 11.1.
You could add it to the tracker if it is not already there.