Blacklist webmasters

Anon

Hi everyone. Would sombody tell me the best way to blacklist bad webmasters from abusing my site? Do I need to log their IP, then flag as bad if I catch them, then screen all new submitions through the list? I just want to be able to mark them as bad, then prevent them from future using my site.

thank you - Jason

Anon

Aren't YOU the webmaster of your site? What do you mean that they are "abusing" your site? Are they hotlinking to your content or something?

Need more info on what you are trying to stop them from doing...

Anon

Yes I am the webmaster, but other webmasters can submit messages, links, etc. to my site. Every once in a while a bad webmaster tries to submit illegal stuff! I want to blacklist them from using my site in the future. I can't watch it all the time.

Example: webmaster of site abc.com posts illegal porn. I wan't to block webmaster of abc.com from posting in the future.

thanks for the reply!! - Jason

Anon

Well, you could cookie that user with a unique identifier and have that written into a log with his/her posts. Subsequently just check the cookie against a "banned list" before allowing posts.

You could also use .htaccess modifications to exclude the IP address of the user. However, many people are using ISPs that assign dynamic IPs at the time of login.

HTH,
James

Anon

It's way harder than you think. There is no one-to-one
correspondence between IP addresses and users (never
has been, but that's another matter!) Don't waste
your time going down that blind alley.

However, one that that is easy to do regarding posting
links. Since links are highly structured, it wouldn't be
that hard to prohibit a domain name from being posted
once you've decided it's persona non grata.

Anon

Even a webmaster usually accesses the 'net through an ISP, so his IP address will probably change each time. IP address is not a good screening tool.

You could drop a cookie on his hard drive to "mark" or identify him; but how long would it take a "webmaster" to figure that out and delete it or block cookies?

If the rougue links he or she is entering are links back to their own websites, then you can keep a database of domains that are "blocked", as Kirk sugested.

It is really hard to identify individuals over the Internet, especially if your server is wide open. You could have some type of user authentication (user id & password) that you can revoke if they post something bad. If you don't want to go that route, then the next best suggestion is to add an "approved" flag to your tables and don't display anything unless that flag has been set. Just let people know that it might take a day or two before their posts are approved and show up on the site.

-- Rich Rijnders
-- Irvine, CA US

Anon

Thank you everybody! Guess this is a tougher issue than thought. Blocking domain seems the easiest and most effective. I also like approving first, but requires more monitoring.. I like automating as much as possible 🙂 - Jason

Anon

Oops, forgot to reset my "name"... newskool99 is me, but real name is Jason for now on 🙂