Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-737

Add the ability to ban IP addresses and email addresses.

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.2
    • Fix Version/s: 5.9.0-b1
    • Component/s: Staff Interface
    • Labels:
      None

      Description

      We need the ability for staff to ban certain IP addresses or email addresses. These bans should be honored by..

      1. Login system
      2. Order system
      3. Support system

      I think the feature should be available under Tools, called "Blacklist", and allow you to enter email addresses and IP addresses. Wildcards for email addresses like *@hotmail.com should be allowed, and the CIDR format for IP addresses like 192.168.0.0/24 should be supported as well as individual addresses.

      Update: Allow a reason to be set for each blacklist entry. The order and support plugins won't use this reason in their response, the reasons will be private for staff, but the plugins will set their own reason. In the case of the order system, the same response a rejected/fraud order would see should be used. For the support system, something like "Sorry, we are unable to accept your ticket at the moment."

        Activity

        admin Paul Phillips created issue -
        Show
        admin Paul Phillips added a comment - See http://www.blesta.com/forums/index.php?/topic/900-ban-ip-ban-email-domain/
        Hide
        admin Paul Phillips added a comment -

        For the login system, we block only by IP address, not email address.

        Show
        admin Paul Phillips added a comment - For the login system, we block only by IP address, not email address.
        admin Paul Phillips made changes -
        Field Original Value New Value
        Fix Version/s 3.2.0-b2 [ 10501 ]
        Fix Version/s 3.2.0-b1 [ 10002 ]
        admin Paul Phillips made changes -
        Fix Version/s 3.2.0-b3 [ 10503 ]
        Fix Version/s 3.2.0-b2 [ 10501 ]
        admin Paul Phillips made changes -
        Fix Version/s 3.2.0 [ 10502 ]
        Fix Version/s 3.2.0-b3 [ 10503 ]
        admin Paul Phillips made changes -
        Fix Version/s 3.3.0 [ 10100 ]
        Fix Version/s 3.2.0 [ 10502 ]
        admin Paul Phillips made changes -
        Fix Version/s 3.4.0 [ 10400 ]
        Fix Version/s 3.3.0 [ 10100 ]
        admin Paul Phillips made changes -
        Fix Version/s 3.4.0 [ 10400 ]
        admin Paul Phillips made changes -
        Security Private [ 10000 ]
        admin Paul Phillips made changes -
        Fix Version/s Short Term [ 10800 ]
        admin Paul Phillips made changes -
        Description We need the ability for staff to ban certain IP addresses or email addresses. These bans should be honored by..

        1. Login system
        2. Order system
        3. Support system

        I think the feature should be available under Tools, called "Blacklist", and allow you to enter email addresses and IP addresses. Wildcards for email addresses like *@hotmail.com should be allowed, and the CIDR format for IP addresses like 192.168.0.0/24 should be supported as well as individual addresses.
        We need the ability for staff to ban certain IP addresses or email addresses. These bans should be honored by..

        1. Login system
        2. Order system
        3. Support system

        I think the feature should be available under Tools, called "Blacklist", and allow you to enter email addresses and IP addresses. Wildcards for email addresses like *@hotmail.com should be allowed, and the CIDR format for IP addresses like 192.168.0.0/24 should be supported as well as individual addresses.

        Update: Allow a reason to be set for each blacklist entry. The order and support plugins won't use this reason in their response, the reasons will be private for staff, but the plugins will set their own reason. In the case of the order system, the same response a rejected/fraud order would see should be used. For the support system, something like "Sorry, we are unable to accept your ticket at the moment."
        admin Paul Phillips made changes -
        Fix Version/s 5.9.0-b1 [ 11901 ]
        Fix Version/s Short Term [ 10800 ]
        Hide
        admin Paul Phillips added a comment -

        Increasingly more important to have this.

        Make sure that if the system setting "My installation is behind a proxy or load balancer" is checked, that we evaluate the correct IP address.

        Show
        admin Paul Phillips added a comment - Increasingly more important to have this. Make sure that if the system setting "My installation is behind a proxy or load balancer" is checked, that we evaluate the correct IP address.
        admin Paul Phillips made changes -
        Rank Ranked higher
        admin Paul Phillips made changes -
        Rank Ranked lower
        jonathan Jonathan Reissmueller made changes -
        Sprint 5.9.0 Sprint 1 [ 182 ]
        jonathan Jonathan Reissmueller made changes -
        Rank Ranked higher
        jonathan Jonathan Reissmueller made changes -
        Assignee Cody Phillips [ cody ]
        jonathan Jonathan Reissmueller made changes -
        Story Points 5
        jonathan Jonathan Reissmueller made changes -
        Story Points 5 8
        abdy Abdy Franco made changes -
        Assignee Abdy Franco [ abdy ]
        abdy Abdy Franco made changes -
        Status Open [ 1 ] In Progress [ 3 ]
        abdy Abdy Franco made changes -
        Remaining Estimate 0 minutes [ 0 ]
        Time Spent 6 hours, 45 minutes [ 24300 ]
        Worklog Id 16486 [ 16486 ]
        abdy Abdy Franco made changes -
        Time Spent 6 hours, 45 minutes [ 24300 ] 1 day, 6 hours, 16 minutes [ 51360 ]
        Worklog Id 16488 [ 16488 ]
        abdy Abdy Franco made changes -
        Time Spent 1 day, 6 hours, 16 minutes [ 51360 ] 2 days, 2 hours, 57 minutes [ 68220 ]
        Worklog Id 16491 [ 16491 ]
        abdy Abdy Franco made changes -
        Time Spent 2 days, 2 hours, 57 minutes [ 68220 ] 2 days, 6 hours, 18 minutes [ 80280 ]
        Worklog Id 16498 [ 16498 ]
        abdy Abdy Franco made changes -
        Time Spent 2 days, 6 hours, 18 minutes [ 80280 ] 3 days, 5 hours, 41 minutes [ 106860 ]
        Worklog Id 16500 [ 16500 ]
        abdy Abdy Franco made changes -
        Time Spent 3 days, 5 hours, 41 minutes [ 106860 ] 4 days, 2 hours, 50 minutes [ 125400 ]
        Worklog Id 16502 [ 16502 ]
        abdy Abdy Franco made changes -
        Time Spent 4 days, 2 hours, 50 minutes [ 125400 ] 1 week, 2 hours, 39 minutes [ 153540 ]
        Worklog Id 16503 [ 16503 ]
        abdy Abdy Franco made changes -
        Status In Progress [ 3 ] In Review [ 5 ]
        Resolution Fixed [ 1 ]
        Hide
        jonathan Jonathan Reissmueller added a comment -

        From Paul

        It seems like if they already have an active account they should be able to sign into it. Lets say for example, someone can't sign up because of email (maybe we block free email domains), so we manually create an account for them to bypass and allow access, they should be able to login. The email ban would certainly apply to a client registering an account though, but not to staff creating a client in the client area.

        Show
        jonathan Jonathan Reissmueller added a comment - From Paul It seems like if they already have an active account they should be able to sign into it. Lets say for example, someone can't sign up because of email (maybe we block free email domains), so we manually create an account for them to bypass and allow access, they should be able to login. The email ban would certainly apply to a client registering an account though, but not to staff creating a client in the client area.
        jonathan Jonathan Reissmueller made changes -
        Status In Review [ 5 ] Closed [ 6 ]
        Hide
        admin Paul Phillips added a comment -

        I don't see a field to enter the IP or email to blacklist, there's a Rule, Type, Note field only.. I think a field is missing.

        Show
        admin Paul Phillips added a comment - I don't see a field to enter the IP or email to blacklist, there's a Rule, Type, Note field only.. I think a field is missing.
        Hide
        jonathan Jonathan Reissmueller added a comment -

        Pretty sure "Rule" is the IP or email. I'm assuming it's labeled as such because it handles ip ranges and wildcard email addresses

        Show
        jonathan Jonathan Reissmueller added a comment - Pretty sure "Rule" is the IP or email. I'm assuming it's labeled as such because it handles ip ranges and wildcard email addresses
        Hide
        admin Paul Phillips added a comment -

        Abdy Franco tagging you from my earlier reply, there is still no field to enter IP or email address.

        I don't see a field to enter the IP or email to blacklist, there's a Rule, Type, Note field only.. I think a field is missing.

        Show
        admin Paul Phillips added a comment - Abdy Franco tagging you from my earlier reply, there is still no field to enter IP or email address. I don't see a field to enter the IP or email to blacklist, there's a Rule, Type, Note field only.. I think a field is missing.
        Hide
        admin Paul Phillips added a comment -

        Never mind, "Rule" field is not a rule name but for the actual rule. Dunno why I missed that. Guess we just need CORE-5010

        Show
        admin Paul Phillips added a comment - Never mind, "Rule" field is not a rule name but for the actual rule. Dunno why I missed that. Guess we just need CORE-5010

          People

          • Assignee:
            abdy Abdy Franco
            Reporter:
            admin Paul Phillips
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:
              Fix Release Date:
              15/Dec/23

              Time Tracking

              Estimated:
              Original Estimate - Not Specified
              Not Specified
              Remaining:
              Remaining Estimate - 0 minutes
              0m
              Logged:
              Time Spent - 1 week, 2 hours, 39 minutes
              1w 2h 39m

                Agile