This continues to be annoying me for a while. I usually picture starting my website, plus some grime bag developing and uploading porno or bombarding profanity. And So I decide I'm not going him using my website, I prohibit his account and prohibit his ip during my cpanel, but let's say he's utilizing a proxy and merely keeps making new accounts to harass me? So what can I possibly do in order to prevent this horrible outcome?

Well, when not problematic for normal customers, you can block Insolvency practitioners/IP ranges that are known proxies. However, if all of your regular clients are behind among individuals proxies, this will not work.

Generally, however, unless of course you need registration with some type of hard-to-duplicate linked information (like a validated telephone number, charge card number, etc), it will likely be difficult to prevent proxying from the determined user.

You will never. You can set a cookie which defines him as malicious user, but it is trivial to get rid of such snacks.

Now you ask ,, exactly what does it require for you to upload files in your site? Get people to register, ask them to enter a legitimate current email address. Send a verification towards the current email address before initiating the account. If a person reacts wrongly, then prohibit his current email address. By doing this the individual always require a new working current email address for signing up.


Just rephrasing what "Cosmin Prund" stated. Set up a choice inside your site, in which a User can mark any content as inappropriate, as well as for accountability, set up some smart way of indicating exactly why this content is inappropriate(an easy drop box with assorted options is going to do). Now, in case your customers enjoy your website, they'd mark all of the porno and junk e-mail content. All that you should do is just remove the marked content following a quick review. You may also create a policy in which, when the content published with a user continues to be marked as inappropriate in, say 100 different instances, block that account. Keep your unblocking part at the discretion.

Its similar to the "Junk e-mail" button supplied by email service companies to recognize junk e-mail messages.

Hope this can help :)

If this sounds like a real large problem for you personally, you could do this some kind of UUID based security with the aid of the consumer Agent along with other client sent variables.

I've come across a current POC (can't recall the address), stating that with javascript browser recognition and php user sent variables, you may create a UUID to recognize your customers.

EDIT : Thought it was, the script is known as Panopticlick, it will a fingerprint identification from the user according to plug ins available, fonts available, user agent, time zone, and display size. Using their say :

Your browser fingerprint seems to become unique one of the 777,809 examined so far.

Presently, we estimate that the browser includes a fingerprint that conveys a minimum of 19.57 items of determining information.

Obviously this isn't totally secure, because the user can certainly spoof these details, but technology-not only to produce a grey list, to ensure that if your user matches the UUID of the banned ip, you present him having a login screen, or perhaps a captcha, or any kind of added security you'll need.

Often it helps searching at other programs that may have a similar problem, observe how they fixed it. Individuals other programs may be:

  • Forum internet sites
  • eMail programs
  • Blogs
  • StackOverflow

... and today you'd watch a pattern, the stuff you need to avoid has a title: "Junk e-mail", and also the people doing the work are known as "Spammers". How are individuals people handled around the sites which are uncovered to such problems? I type of like StackOverflow's bag of methods.