[spamblock_htaccess] character varying 15 is too short for IP addresses

s9y / Serendipity

A PHP blog software

https://s9y.org

BSD 3-Clause "New" or "Revised" License

207 stars 86 forks source link

[spamblock_htaccess] character varying 15 is too short for IP addresses #727

Open Zugschlus opened 4 years ago

Zugschlus commented 4 years ago

Hi,

the database table spamblock_htacces defines a column "IP" as "character varying 15". I assume that thie column is meant to hold an IP address.

This is even too short if an IP address is stored in binary. IP addresses in binary are 16 bytes long, and IP addresses in text can be up to 39 bytes long.

I mean, as long as you don't limit yourself to a deprecated IP protocol where IP addresses are only 4 bytes long.

Greetings Ma "yes, we have IPv6 now" rc

onli commented 4 years ago

The plugin/function probably predates any relevance of IPv6.

I'm not sure it's worth it to fix it. In an IPv6 world, a spammer could just cycle though his many IP addresses for every spam request made. The solution there is not to fill the database with needless entries but to deactivate the function. My opinion, maybe I'm missing something?

Zugschlus commented 4 years ago

Many spammers nowadays use rented VMs where is it a bit more work to obtain a new IP address. Otherwise, your points are valid, thanks for your consideration.