namaste 0 Posted February 7, 2009 Share Posted February 7, 2009 (edited) I know how to use the IP Manager to block an IP address or range of addresses. The problem I've been confronted with recently is when either a person or a script (?) is used to sign up to our Web Page, and the IP address is 'masked'. I assume this is what is happening as the relevant section of the PHP Nuke file, nuke_users shows a '0' rather than the normal series of numbers for the IP address. This invariably happens when the the Discussion Forum is used to post links to various other sites, mostly someone selling rubbish, religion, et cetera. Am I making the correct assumption here, i.e., the IP address is indeed masked, and if so how or is it possible to still trace / unmask those pests? I know that some years ago --- at least 10--- you could send an eMail to someone via a specific site which stripped off any indication of the true origin of the eMail, so I'm thinking this has now been ported over to the IP address. Any suggestions? Thank you and make a nice day, namaste Edited February 8, 2009 by TCH-Thomas Quote Link to post Share on other sites
SteveW 0 Posted February 8, 2009 Share Posted February 8, 2009 If there's a timestamp for that user's access in your PHP Nuke file, you could check your HTTP access logs (thru cPanel, not PHP Nuke) for who was accessing the site at exactly that time, and maybe find the true IP that way. If the IP in your access log is just "0", that would be weird, but I think it's possible. If someone sends a request to a site with a spoofed or 0 IP address, they'll never get a page back from the site, but in the case of malicious requests, the sender wouldn't care. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.