Notifications
Clear all

wpForo 1.x.x [Closed] IP address of members

21 Posts
8 Users
3 Reactions
2,277 Views
Posts: 1187
Topic starter
(@percysgrowroom)
Noble Member
Joined: 5 years ago

I yer again being spammed by the same wanker!!! 46 account created today by this tiny d**k mother fucker with nothing else better to do! 

I am not able to find his IP address to ban him via that, and it makes me think..... why not???

We should be able to see the IP address of all of the people who sign up to the site. SO we can ban spammy batsrds like this rat who is plaging my site. 

I dont know what kind of sad person sits around making up fake accounts on some one else's site, especially the couple of hundred this rat has made!

I need a away to get his IP address so I can stop this stupidness. And would like to know why we can find it on the members dashboard. 

Thanks in advanced for any help, I really want to do something about this rat now! I thought he would have got bored by now and fucked off. But no, So I need a way to find his IP. 

Any ideas~? 

20 Replies
Posts: 1187
Topic starter
(@percysgrowroom)
Noble Member
Joined: 5 years ago

lol, the rage can be felt in this message l**o

2 Replies
Tutrix
(@tutrix)
Joined: 4 years ago

Noble Member
Posts: 1449

@percysgrowroom

You can try CleanTalk, $8/year, 7 days free trail

https://wordpress.org/plugins/cleantalk-spam-protect/

https://cleantalk.org/wordpress-security

 

Robert
Admin
(@robert)
Joined: 9 years ago

Support Team
Posts: 10589

@percysgrowroom,

Ok, don't forget that wpForo is based on WordPress user system. Just find and install some WordPress plugin which detects and allows you to block users by IP. Here is a good example: https://wordpress.org/plugins/ip2location-country-blocker/

And there should be tons of such plugins in WordPress plugin directory, all should work fine with wpForo.

st7878
Posts: 111
(@aima-forum)
Estimable Member
Joined: 5 years ago

I solved a similar problem through hosting features.

dimalifragis
Posts: 2615
(@dimalifragis)
Famed Member
Joined: 4 years ago

@percysgrowroom I already provided to you a solution a few weeks back.

 

https://wordpress.org/plugins/when-last-login/

7 Replies
(@percysgrowroom)
Joined: 5 years ago

Noble Member
Posts: 1187

@dimalifragis As you know mate, my site already has too many plugins, I do not want to install one just for this. You can find the IP addresses of members in the forum debug screen. So why are admin not able to see this on a members profile? 

Is it possible to make it so, no account is created until the email has been verified? 

 

dimalifragis
(@dimalifragis)
Joined: 4 years ago

Famed Member
Posts: 2615

@percysgrowroom Fair enough. But there are no IPs kept for users from wpForo. The debug IP you see is only the admin's IP. There are no records kept in wpForo and Wordpress for IPs, as far as i know.

So a plugin (as also Robert suggested) is the only way to go.

st7878
(@aima-forum)
Joined: 5 years ago

Estimable Member
Posts: 111

@dimalifragis wpforo registers an IP address, but only for registered (with verified e-mail) users.

 

dimalifragis
(@dimalifragis)
Joined: 4 years ago

Famed Member
Posts: 2615

@aima-forum It appears wpForo does that for ONLINE users. Doesn't keep any records.

Robert
Admin
(@robert)
Joined: 9 years ago

Support Team
Posts: 10589

@dimalifragis,

This is a session entry inserted in the wp_usermeta table by WordPress functions. This doesn't come from wpForo. wpForo only selects all wp_usermeta data of the inserted user ID and shows there.

dimalifragis
(@dimalifragis)
Joined: 4 years ago

Famed Member
Posts: 2615

@robert Still this information is for online users? No log is kept for each and every user, right?

Robert
Admin
(@robert)
Joined: 9 years ago

Support Team
Posts: 10589

@dimalifragis,

This question should be asked in WordPress support forum. I think the information can be kept by WordPress even if the user is no more online.

You can find more information here: https://wpactivitylog.com/delete-all-user-sessions-wordpress/

dimalifragis
Posts: 2615
(@dimalifragis)
Famed Member
Joined: 4 years ago

@percysgrowroom Some thoughts of mine, feel free to ignore.

I have encountered this issue several times. I have tried to ban IPs, filter domains, you name it. I have failed since it requires a lot of work from us and also because IPs are dynamic and they change.

So the best way is to block whatever comes in BEFORE reaching Wordpress (before the login/resister) and automate it. I mean block it automatically for a while and after a few hours release the IP. 

How to do that? Only with a plugin. You have to search and test. No easy way.

An other way is to ask your hosting provider for Immunify360. This is a server-wide security A.I. solution that blocks in 1/3 (or something) the ammount of spam/attacks/brute force/TOR login/Risky IPs etc etc). Invisible to your site, it is managed from the server admin. It works well and it is developed from the guys at CloudLinux. Cloud based.

 

2 Replies
(@percysgrowroom)
Joined: 5 years ago

Noble Member
Posts: 1187

@dimalifragis Thanks mate, I will look into doing it with the host and see what they can do. 

I appreciate the help, nice one mate 

dimalifragis
(@dimalifragis)
Joined: 4 years ago

Famed Member
Posts: 2615
Posted by: @percysgrowroom

@dimalifragis Thanks mate, I will look into doing it with the host and see what they can do. 

I appreciate the help, nice one mate 

Check it out:

https://www.imunify360.com/

 

Page 1 / 2