Closed CrystalVulpine closed 1 year ago
I believe reddit does log all the requests, considering that it purposely omits duplicate IPs from the account activity page. But it somehow deletes them after 90 days, and I have no idea how that could be done. It's not like an account deletion cleanup where it only has to schedule one thing, there are way too many requests to do it that way.
IP bans
Now there are 4 levels of IP ban:
Note: In order to get this working the database logs with
set_account_ip()
for every single request while the user is logged in. I think this is how it's normally done, but it seems like a huge use of resources to me. Reddit deletes them after 90 days, but I don't know how to do that (maybe @libertysoft3 can figure it out). You could log them only when the user logs into their account, but then if they change IPs while logged in it won't be recorded. The old way of getting IP history, by searching through every single post, comment, sub, and message and grabbing their IPs if their author matches the one we want, has been removed. Users also now have a link on their overview page to view their own IP history.Super admins
Some admin tools are usually disabled on saidit to prevent abuse. Now u/magnora7 can set his permission level to
superadmin
in the ini file instead ofadmin
, so that he and possibly those he finds extremely trustworthy can access the dangerous tools without exposing them to the rest of the admins.This update also includes a new
admin_enable_password_locking
flag."Spiderbans"
This was prepared for in #121. It makes saidit download a cookie when logging into a banned account, which then causes other accessed accounts to be banned as well. If the source account is passlocked it will cause the same to happen to others, if it's shadowbanned or suspended they will be shadowbanned. If there's no ban, it doesn't do anything. It spreads like a virus until the user figures out that they need to clear their browsing data.
The names of the cookies (perhaps obfuscated) must be set in the ini file as
spiderban_shadowban_cookie
andspiderban_passlock_cookie
.Other
There were also a few minor patches to #121.
Warnings