Block IP address from commenting?

Oct 22, 2009 at 9:42 PM

Is there a way to block an IP address from commenting or even from viewing the site?  An extension maybe?

Oct 23, 2009 at 12:24 AM

Use Commentor (http://rtur.net/blog/post/2009/02/16/Commentor-e28093-new-version.aspx). It will get bundled into the next version of BE. I modified this extension to also automatically delete comments in addition to block (see http://www.neovolve.com/post/2009/09/15/Adding-delete-comment-support-to-the-Commentor-extension.aspx).

Dec 13, 2013 at 1:45 PM
Hi, I'm still running BE 1.6.0.1...I added the updated Commentor extension and while the interface is different from the "Comments" page in the blog Admin, I do not see a way to directly block IPs from commenting?

I'm using Akismet, but the problem is I'm getting carpet-bombed by new sources that Akismet isn't picking up yet. I'll get 20-30 posts in a row from the same IP within 10 minutes.

I don't want to block them at my firewall, are any ways to do it locally on the blog?
Coordinator
Dec 13, 2013 at 5:28 PM
Edited Dec 13, 2013 at 5:31 PM
You can save this as "BlockByIp.cs" and drop to you app_code/extensions folder.
This will block comments added to ip list (ipList = { "111.11.111", "222.22.222" };).
Adding IP manually not fun, but if you have few you need to block this should work.
The odd characters in adding event are "plus equals" signs, codeplex doesn't like them.
using BlogEngine.Core;
using BlogEngine.Core.Web.Controls;
using System;

[Extension("Block by IP", "1.0", "Me")]
public class BlockByIP
{
    static BlockByIP()
    {
        Post.AddingComment += Post_AddingComment;
    }

    static void Post_AddingComment(object sender, System.ComponentModel.CancelEventArgs e)
    {
        string[] ipList = { "111.11.111", "222.22.222" };
        try
        {
            var comment = sender as Comment;
            foreach (var ip in ipList)
            {
                if (ip == comment.IP)
                {
                    e.Cancel = true;
                    return;
                }
            }
        }
        catch (Exception) { }
    }
}
Dec 13, 2013 at 6:24 PM
Edited Dec 14, 2013 at 2:28 PM
Thanks Rtur!

Unfortunately it's a case of "whack a mole" but hopefully it will help if I catch the hammering while it's happening.

[Update]
I noticed that I'd often see multiple IPs from the same Class-C in a given wave of spam, like:

192.168.1.2
192.168.1.43
192.168.1.234

Which I presume is a spam-farm of people working out of the same location, with the same list of websites to attack.

I also was looking at your example and you left off the last triplet of the IP...so using your code as a starting point, I modified it slightly to match the first three triplets of the IP address. I'd rather block an entire range of IPs--and risk blocking some legitimate comments--than go crazy matching individual IPs.
        try
        {
            var comment = sender as Comment;
            var ipMatch = comment.IP.Substring(0, comment.IP.LastIndexOf("."));
            foreach (var ip in ipList)
            {
                if (ip == ipMatch)
                {
                    e.Cancel = true;
                    Utils.Log("Blocked by ip: " + comment.IP);
                    return;
                }
            }
        }
This will match any IP in "192.168.1/24" ...not that I expect this to be ultimately helpful...it's still "whack a mole"