Support

Admin Tools

#10072 Request for more filters

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Thursday, 20 October 2011 02:59 CDT

earthrat
I would like to make a request for more filters on the Security Exceptions Log. I currently have a site that has more than 50 log pages (100 per page) and it would be great if I could narrow down (in particular) and hide the IP's that have already been blocked so I don't have to sift through them to find bad ones to add to them.

nicholas
Akeeba Staff
Manager
I've explained in the past why it's not possible, but I don't mind doing that again :)

The blacklist doesn't allow you to only enter IP addresses. It is a very powerful tool which allows you to enter single IPs, IP ranges (from-to), IP subnets (IP/netmask) or CIDR blocks. As a result, we can not do a simple database query to figure out which IPs are excluded and which are not. We have to run all of the filters against each IP in order to know that. If you have 100 pages of 50 items each, we're talking about 5,000 records. Can you imagine loading these to memory and running the filters on each one of them? Not my idea of fun :) It would cause timeouts and memory outage errors in a heartbeat. Therefore, it is NOT possible to have a filter by IP addresses already excluded.

Furthermore, I have explained countless times that blocking IP addresses is the next more pointless thing to trying to drill a hole in the water. The vast majority of IP addresses are assigned dynamically, which means that the IP address which belongs to a hacker/spammer today will not belong to him in a month or even in a week. I seriously doubt if anyone ever goes back to his black-list to remove older IPs, so you pretty much end up potentially blocking legitimate visitors. Not to mention that if I were to hack you I'd use TOR and have a randomised IP on each of my requests. The only thing which DOES make sense is temporary ban of an attacker. This is what the automatic IP blocking feature does and this is what you need to set up on your sites.

The IP Blacklist has exactly one practical application: disallowing a specific network to access your site. This is rarely needed and even more rarely needed for a not-so-shady reason ;)

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

earthrat
Thanks for the info and know that the IPs that I am blocking on the site are repeat offenders and have tried hack the site 5 times or more. However with that comment (and not that I don't agree) then it leads me to ask why is it even there in the first place if it is pointless?

nicholas
Akeeba Staff
Manager
There are cases where a specific IP may belong to an attacker for a long period of time (a week or a month), triggering a lot of security exceptions many times a day, all day long. In those cases you do need to block that IP address, hence the blacklist feature. As I said, it's a rare case, but it's a real one and I have to cover you for it, don't I?

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!