Users who are logged in with a banned IP address appear to be able to continue posting without any issues, so long as they are already logged in.
I think it would make sense to disallow posting and editing on banned IP addresses - or to force log them out (so they can’t log back in, until they change proxy).
Additionally, as a feature suggestion, could be a real time-saver being able to auto-suspend users who attempt to sign in or post/edit on banned IPs.
Not sure I understand what you’re asking or maybe my post wasn’t clear.
To clarify, yes, you are right, by banning them I don’t want them there.
The only additional thing is that I also don’t want people to be able to continue posting after I’ve banned their IP. Currently, it seems that users are able to continue posting on banned IPs indefinitely. I’m guessing that it is due to them being already logged in prior to the IP being banned.
This is needed to allow for one-off exceptions to wide IP-based registration bans (e.g. how Wikipedia prevents signups, but not usage, from school addresses).
Use the “IP Lookup” functionality in the admin panel to ban accounts associated with a banned IP.
Yeah there are other issues with IP banning that are even more common such as mobile carrier IPs, single IPs can be shared by very large amounts of people simultaneously and shared by a huge amount of people throughout the day.
IP banning imo is somewhat a last resort and should mainly be used on dirty IPs that are unlikely to have any legit users.
I see what you mean in regards to allowing usage, but preventing sign ups. Last I checked, the IP bans also prevented sign in to existing accounts. I still think disallowing posting from banned IPs would make more sense than it wouldn’t.
Time based IP bans could be a good idea also, e.g. banning an IP for 30 days to prevent overly-broad destructive bans staying forever by default.
Time based account suspensions already exist. IP bans are a last resort - they’re easy to defeat and don’t guarantee a particular user is blocked from accessing a site. Many ISPs don’t hand out static addresses, which means you would need to block entire network ranges to prevent individuals from accessing a site. Most of us also have some form of cellular connection.
The truly determined can just open up Opera or Firefox and use the “privacy” VPN features which are built in. IP whack-a-mole really isn’t the way to handle this kind of stuff.
I agree with all your points. I’m aware of the time based individual account suspensions which are useful.
The points being made would also be points against automatically permanently banning (with no alternative choice) registration and last used ip when flagging a post as spam and deleting the user + content.
IMO each individual spam prevention feature, is generally easily defeatable by itself. Each feature has different scenarios that suit it better. Sometimes they are just a short temporary fix that can be used while a better solution is implemented. It is better to have multiple tools to fight spam (both prevention and clean up). Also that, spam defenses are only as strong as the weakest link.
If a spammer is running 100 accounts on the same IP (not the same as the unique registration IPs). A moderator who searched accounts that use that IP are in for a lot of manual work to simply stop them from posting despite how easy it is to identify them. Manually navigating to all 100 of the user admin pages, selecting suspend, select duration, input reason/email, submit. Much slower if wanting to delete these spam users + content also.
There is the bulk account deletion feature when you click on a user IP on their admin page. It is more heavy handed than just preventing posts on banned IPs. It rarely works for me though, just runs forever without deletions being processed.