I have someone who keeps signing onto my website incessantly with different emails and bashing the owner of the site. I have installed word censoring and I have limited combinations of letters he can use for a sing on but WHY CAN'T I CAPTURE HIS IP ADDRESS AND BAN HIM? It allows IP banning. How do you capture it? Is there a module tha I can install to capture his IP and ban him? Please help this is really getting frustrating in the last few minutes he signed in under 6 names. I have changed it now to where as administrator I have to ok the sign on but I cant sit at my computer every minute to authorize sign ons. PLEASE HELP anyone with any suggestions. Thank you!

By the way I have tried a couple of site statistic modules and one does not include IP addys and the other doesnt even install. It's buggy.

I've changed the post title to one that isn't shouting (ie - in capitals)

Try protector - available here: http://xoops.peak.ne.jp/

If the poster posts on an forum or whatever, you should be able to capture his IP and ban him from there.

thank you i didnt mean to shouti am just panicked that he is pirating my entire website. if he posts on a forum i could capture his ip that way? how does that work? i really appreciate your help im panicked

as it turns out i have protector installed. i will look at that module. is there something i should know about the program or is there documentation i could read that is a bit more than what is in the download area? i really appreciate you this was literally a year of my work and he is ruining it. with a simple ip ban i could get rid of him.

If this person posts on the newbb forum you should be able to see his IP adress along with his post under the user info(username, avatar, etc)

If you know what username he uses and you see him online you can open up the whos online pop up(have whos online block enabled) and it will show his IP adress, you can then ban him in the XOOPS CP or using htaccess.

I'd be interested in knowing what sats modules you tried.

Here's the problem, and very few really understand how this all works...If this person is spoofing, you will have a hard time with IP's. Protector is not good enough for that, and although you might be able to find a range of IP's by looking at your access logs, you may not be able to block him specifically.

So, what to do? Well, one thing is to actually look at those logs on your server and figure out what posts are associated with what IP addresses. If you have control over your server, you could install the mod-security module and set up filters. However, my bet is if you study the access logs, you will find a trend. If nothing else, you will find what IP addresses he likes to spoof. Unfortunately, there are no real reliance on the IP coming in.

I only have an interest because I like to actually find these folks and sell them out to everyone. I've done it many times!

I really appreciate all the input. He finally DID post on a forum. I set it to post IP addresses with their post. But it didn't. XOOPS is a great thing but this is a real problem. If he would visit one of my tired old front page pages I would have his IP in a New York minute. I am trying to find where his IP would be stored from posting on the forum but I really don't see it. I think I might just delete that part of the site.

IP banning is only partially effective and it's not just a XOOPS problem, it's how the web and ISPs work.

I'd create a new group called 'Quarantined' or 'Banned' or whatever you'd like it to be and screw down the permissions for that group - no unapproved posts, no editing profile, just enough to keep him posting while you narrow down where he is posting from - and assign all the usernames you know are the offender's.

You have several options to discover what IP was associated with the posts when they happened. Because of the mobility of web access, this person could be logging in from home, from work, from the coffee shop, from the library, or from an unsecured wireless connection. So trying to nail down a specific IP won't work for long. If this person is really a hacker, he can spoof any IP he wants to.

Xoops Who's Online block will show a user's current IP address (click on more... at the bottom of the block)

CBB will log a poster's IP address when they post (turn it on in preferences)

Several statistics modules will also display users' IP addresses.

Your server logs will show all access by IP address.

The XOOPS session table also captures IP addresses.

Protector module will log IP addresses for types of actions (DOS, prefetching, injections and more)

[edit]
You can also modify the registration email notification to include the IP address of the submitter.

I created a new group called Muppet's and they see a completely different site to the public, i have removed all blocks so they cant log out or navigate and they see there own theme, news section and forums.
I dump all the fools in there.
BTW i see IPs of every one on the site via Memberstats module and also the forums shows there details http://whois.domaintools.com/ via that when i click on there IP in there posts.
Also you may want to go admin verify on accounts till you sort him out.