How can I block an IP address? are there wildcards?

I can’t see an Admin option to block IP or a range of IPs, is there one?

Thanks!

1 Like

Yes, go to Admin, Logs, Screened IPs. either star wildcard or the crazy standard subnet nomenclature will work.

3 Likes

Thanks!
so 10.20.30.* will work?

2 Likes

Yes, that is the same as
10.20.30.0/24

But for
10.20.*.*
you need to do
10.20.0.0/16

Look for CIDR masking if you dare

4 Likes

10.20.* should also work as expected.

2 Likes

Is there any kind of character limit here? We are going to need to block entire countries by company policy.

1 Like

Have access to root? You can ban entire countries at the kernel level with iptables.

2 Likes

I know it’s a little politically sensitive, but could anyone share a good list of IP address ranges to block for a site that runs just for a local community in the UK? A block list that removes countries like Nigeria, China, Russia etc.

Are you running akismet?

2 Likes

No, I don’t have akismet set up but I certainly will do if I start getting spammed.

One moment there… You are not getting spammed and still want to block huge portions of the planet?

3 Likes

Yes. Perhaps we can discuss political correctness in a different thread? I’m running a forum for people within a small region of South East London. The value to me of protecting against the worst offending spammer nations is far greater than the cost of excluding a tiny number of casual visitors from around the world who might stumble upon my forum.

1 Like

IMHO a compromise would be the better approach than an all out preemptive Blacklisting.

Kind of a “extremely harsh manual roll-up”

That is, wait for some SPAM to happen.
Say it’s IP is “123.123.123.123”

What Discourse does automatically is when more SPAM happens from
“123.123.123.124”, “123.123.123.125” etc. it Blacklists “123.123.123.0/24”
That is, all IPs beginning with “123.123.123.__”

As long is your forum’s target audience is only very local, you could do the roll-up yourself.

eg. SPAM happens from “123.123.123.123” you check and find that those using that IP should have no legitimate interest in joining your forum.

You could add “123.123.123.0/24” yourself without waiting for Discourse to do a roll-up.

Take care with this approach. bit masking IPs isn’t exactly the easiest thing to understand and doing it wrong might Blacklist innocents

3 Likes

But… You don’t have a problem now? I don’t see why you need to do anything here?

It is generally a bad idea to build things speculatively based on imagined problems you might have.

That said I strongly recommend using our Akismet plugin for every Discourse site. Human spammers are a huge and growing problem across the entirety of the Internet. (Akismet is built in to all our hosting plans.)

6 Likes