Jump to content
namaste

How To Unmask An Ip Address In Order To Ban It ?

Recommended Posts

I know how to use the IP Manager to block an IP address or range of addresses. The problem I've been confronted with recently is when either a person or a script (?) is used to sign up to our Web Page, and the IP address is 'masked'. I assume this is what is happening as the relevant section of the PHP Nuke file, nuke_users shows a '0' rather than the normal series of numbers for the IP address. This invariably happens when the the Discussion Forum is used to post links to various other sites, mostly someone selling rubbish, religion, et cetera. Am I making the correct assumption here, i.e., the IP address is indeed masked, and if so how or is it possible to still trace / unmask those pests? I know that some years ago --- at least 10--- you could send an eMail to someone via a specific site which stripped off any indication of the true origin of the eMail, so I'm thinking this has now been ported over to the IP address.

 

Any suggestions?

Thank you and make a nice day,

 

namaste

Edited by TCH-Thomas

Share this post


Link to post
Share on other sites

If there's a timestamp for that user's access in your PHP Nuke file, you could check your HTTP access logs (thru cPanel, not PHP Nuke) for who was accessing the site at exactly that time, and maybe find the true IP that way.

 

If the IP in your access log is just "0", that would be weird, but I think it's possible. If someone sends a request to a site with a spoofed or 0 IP address, they'll never get a page back from the site, but in the case of malicious requests, the sender wouldn't care.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×