Jump to content

User Geolocation Restriction


PrinceOfAbyss

Recommended Posts

%7Boption%7D



File Name: User Geolocation Restriction

File Submitter: PrinceOfAbyss

File Submitted: 29 Nov 2012

File Category: Moderation Tools

Supported Versions: IP.Board 3.1.x, IP.Board 3.2.x, IP.Board 3.3.x, IP.Board 3.4.x



User Geolocation Restriction v1.1.2

User Geolocation Restriction (henceforth UGR) is an advanced tool that offers control over access and/or new registrations to your community based on the location of your visitors. Whether you run a strictly localized community or you want to counterfeit spammers or you simply want to monitor your users' locations, UGR will prove itself as a great asset in your hands.

Access and registration control: Spamwise, it is no secret that the vast majority of spammers originate more or less from a handful of specific countries. Prohibiting new registrations to visitors from those countries or at least allowing the registrations but automatically banning the members for future review or even, as an extreme measure, completely prohibiting access to them is by itself a very effective way to counterfeit spamming. Of course some legitimate members may be lost with that practice, but for the sake of a spam-free community they can be considered as collateral damage.

Application overview: The overview page in UGR v1.0.0 contained a great amount of information, making the interface a bit cluttered. This has changed in v1.1.0. It now displays a small, interactive pie chart powered by Google Charts, with no legend that would consume extra space. Instead, population data is displayed upon hovering with the mouse over each slice of the pie. Additionally, only Top 5 statistics are displayed on the side column for the rest of the information gathered by the application (leaving the rest of it available in other sections of the application).

Location discovery: This is the tool that an admin can use to periodically, manually re-scan each member's location. It is also used when the application is installed for the first time and the locations map of your members needs to be built. Then, during each new registration, the location of the new member is automatically scanned, and stored in the system. So, unless instructed by the application, there is no specific reason to periodically re-scan your members' locations. The locations map is again powered by Google Charts and displays population data upon hovering with the mouse over each region of the map.

Invitations: There are always exceptions that prove the rule, so UGR v1.1.0 offers the ability to invite members originating even from blacklisted locations allowing them to register an account to your community. This can be achieved through an easy-to-use form where you simply fill in an e-mail address that the visitor will use (prior contact between the admin and the visitor is required). The system then sends an informative email to that email address with further instructions. It is also worth mentioning that a task takes care of deleting unused invitations after a specified number of days (configurable in the application's settings).

IP Lookups: Detailed information about your members' IP addresses is available in the Members section (will be presented later). But an admin may need to check any other specific IP address as well for a number of reasons. In UGR v1.1.0, this is possible in this section. You are presented with a form where you fill in an IP address and the system returns any information available for it. Additionally, if the coordinates that correspond to that IP address are available, a Google Map is displayed pointing to the spot defined by those coordinates.

Integration in Members section: UGR v1.1.0 integrates very well with your Members section in ACP. More specifically, it adds a neat hovercard with detailed information about your members' IP addresses in all four locations where their IP is displayed (single member page, members list, incomplete members list and validating members list). The information contains their country, city, ISP, geographical coordinates, etc. Additionally, the advanced Member Search form is greatly extended by UGR. Especially in v1.1.0 this is implemented in a very unique way, allowing the admin to actually search for specific locations (or, for all locations but those specifically checked).

Detailed statistics: In UGR v1.1.0, a new section was added to relieve the clutter of Overview page. This is the Statistics section, where detailed lists are displayed for the subsections Population statistics (each location and the number of members originating from it), Denied Access statistics (the number of access denials performed for each location), Denied Registrations statistics (the number of registration denials performed for each location) and Sent Invitations statistics (the number of invitations sent to each location - determined after the visitor makes use of the invitation).

Logged actions: UGR v1.1.0 logs every action performed either automatically by the system, or manually by an admin. So, each access denial, registration denial, registration (from a blacklisted location) that ended in banning the new member (according to your settings) is logged. However, as those actions are performed by the system and are not admin initiated, the system groups them under Deleted admin. Additionally, any invitation sent to an email address by an admin is also logged.

Settings: Here you can set the settings of the application to tailor it to the needs of your community.

TOR network detection: Lately, a new privacy tool has been provided to users of the Internet. That is TOR network, which directs Internet traffic through a free, worldwide volunteer network consisting of thousands of relays to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis. Unfortunately, when this technology falls into the hands of users with malicious intentions, it can help them create havoc to your community allowing them to create multiple accounts, etc. UGR v1.1.0 takes care of this to some degree by comparing members' IP addresses against a list of IP addresses that are known to be part of the TOR network.

Installation process: The installation of the applications is pretty straight-forward and similar to the installation of any other application for IP.Board. You simply go to ACP > System > Applications & Modules > Manage Applications & Modules. There, you click on the prompt button on the narrow right column to install the application.

API authentication: If you are upgrading from v1.0.0, you do not need to perform what is described here. If, however, you are installing the application for the first time, you will have to authenticate yourself to the Geolocation API, which is queried by the application, before you can make use of its features. Failing to do so will display a warning message and the application will not function. In order to authenticate yourself to the Geolocation API, you simply have to fill your IPS member ID in the form mentioned in the application's settings or in the warning message mentioned above. Your IPS member ID is the number followed by your name in the URL when viewing your profile page in this community. Eg. my profile page is http://community.invisionpower.com/user/107076-princeofabyss/, so my member ID is 107076. Once authenticated, you will be given a key that you will have to type in the appropriate setting of the application.

Changelog in:

  • Version 1.1.2
    • Fixed a bug affecting location discovery of specific IP addresses and only on 32-bit servers
    • Fixed a bug affecting search filters in Advanced Member Search form not being honored when mass Prune/Move of returned members was selected
    • Fixed a bug that made Discover Locations to not work (just re-upload a fresh copy of the app to your server)
    • Added ping service for the Geolocation API
    • Added a counter informing about the remaining days of service
    • Added setting for turning off admin logging of access/registration control actions
    • Added IP detail hovercards in "Viewing Member" page, under "Actions > Show All IP Addresses"
    • Greatly enhanced access/registration control dropping API requests to just one per member session
    • Fixed an error in Advanced Member Search, where selecting a specific country and then de-selecting it was impossible
    • TOR network list is now maintained in-house, and retrieval of its IP's is performed by the API
    • Split the list of locations to control access and/or registrations into two lists, one for access control and one for registration control
    • Added detection of TOR network IP's
    • Modified the advanced Member Search form integration to search by specific locations
    • Added logging functionality to every action performed by the application
    • Added the ability to invite members originating from blacklisted locations
    • Completely re-designed the interface of the application making it more functional and aesthetically pleasing
    • Added a tool to lookup even "external" IP addresses (not related to your members)
    • Initial release
known and reported bug







China - 47,744 registration attempts prevented United States - 21,876 registration attempts prevented Russian Federation - 18,165 registration attempts prevented Ukraine - 16,802 registration attempts prevented Poland - 7,838 registration attempts prevented France - 5,927 registration attempts prevented Germany - 4,661 registration attempts prevented Sweden - 4,643 registration attempts prevented United Kingdom - 3,760 registration attempts prevented Netherlands - 2,826 registration attempts prevented Latvia - 2,722 registration attempts prevented Thailand - 2,138 registration attempts prevented Luxembourg - 2,096 registration attempts prevented Romania - 1,417 registration attempts prevented Moldova, Republic of - 1,048 registration attempts prevented [*]Version 1.1.1 [*]Version 1.1.0 [*]Version 1.0.0 [*]Attention: If you install this application to an IP.Board v3.2.3 (it may exist in earlier versions as well) and due to a , you will need to make one file edit to fix the bug before the AJAXed Member Search form in ACP can be extended with the geolocation criteria added by the application. The fix, however, is very easy to apply and is included in the bug report mentioned above. Important: Purchasing this application grants you the permission to use it in one community. If you want to use it in additional communities, you will have to purchase additional licenses. Some interesting stats taken from my community where UGR runs since March 2012 until today (May 22, 2013): Total spammer registrations prevented: 155,030 Top 15 spammer countries - Number of spammer registrations prevented:Disclaimer: My certainty about the legitimacy of the above numbers comes from the fact that my community is strictly localized, so I doubt any member coming from those countries wanted to become an active member of it for any reason other than for spamming.



here to download this file

Link to comment
Share on other sites

  • Replies 301
  • Created
  • Last Reply

Sorry for the delay guys, and thanks for not raging because of my absence.

Tuesday morning I woke up with terrible sore throat and high fever and went to the hospital... They found some severe form of tonsillitis, or whatever that fu@#&% thing is called in English... I had to stay in for 3 days after they "scraped" my tonsils to take out the pus, and gave me some heavy medication...

Today I got out, so I just quickly released a temp. compatibility fix, until I fully test every part of the app and release a proper version for 3.4.+ boards.

But 99,9% this was the only thing that needed to be changed.

So, to apply the fix:

  1. Download the single .xml file you'll find in the submission.
  2. Upload it to admin/applications_addon/other/geolocation/xml/hooks/
  3. Perform a Reimport Applications Hooks
Link to comment
Share on other sites

They found some severe form of tonsillitis, or whatever that fu@#&% thing is called in English... I had to stay in for 3 days after they "scraped" my tonsils to take out the pus, and gave me some heavy medication...

Just get better soon, take some time off and just rest :thumbsup:

P.S: It is called 'acute tonsillitis' and that is awful to have.

Today I got out, so I just quickly released a temp. compatibility fix, until I fully test every part of the app and release a proper version for 3.4.+ boards.

But 99,9% this was the only thing that needed to be changed.

Thank-you - now go and rest!

Link to comment
Share on other sites

I had to uninstall and reinstall with the option to drop tables. I lost my API key and now when I attempt to register for the API key it gives me ERROR: #2044.

I assume this is because I registered once before. Kind of short-sighted to not be able to either retrieve the key or register again. Help?

Link to comment
Share on other sites

I had to uninstall and reinstall with the option to drop tables. I lost my API key and now when I attempt to register for the API key it gives me ERROR: #2044.

I assume this is because I registered once before. Kind of short-sighted to not be able to either retrieve the key or register again. Help?

Probably a better idea to PM Prince and when he gives the API key, save it to a file for future use (that is what I have done).

Link to comment
Share on other sites

  • 3 weeks later...

Working fine for now. The developer helped me out by directing me to the instructions.

One suggestion would be to have an IP address exclusion list where you allow a member from a banned country access to your site or access to registration.

3DKiwi

Link to comment
Share on other sites

This can be added, and indeed it's a very nice idea, but there will have to be some kind of communication between the admin and the member that needs to be per-case whitelisted. Ie. I contact you to tell you I'm a legitimate member and would like to join your community although my country is among the ones you have blacklisted. Then give you some kind of information that you will then use to whitelist me.

The only difference is that IP address is not a good idea, as it may be dynamic. Think of the scenario where I give you my IP to temporarily whitelist me. But then, my IP may be dynamic so until you read my email, whitelist my IP, and then I re-try to register in your community, my IP may have changed to something else, so the whole procedure will have to be repeated.

Of course there is a better idea, using the email address to whitelist. So this (to use the email address) can definitely be implemented.

So, guys, before I release 1.0.1, is there any other feature you'd like to see in it?

Link to comment
Share on other sites

Using an email address to bypass the country block would be fine.

I would also like to ban a country or countries from my site completely i.e. China but allow all others access but then from a second list block additional countries from registering an account.

Thanks

Link to comment
Share on other sites

  • 1 month later...
  • 4 weeks later...

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...