Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

How To Keep a Web Site Local?

kdawson posted more than 5 years ago | from the first-ban-google dept.

The Internet 297

Cornwallis writes "The universal accessibility of the Internet is one of its attractions. But what do you do when you don't want your board to be Slashdotted? Back in the day it was great to run a local BBS where friends and neighbors could dial in using their 9600-baud modems to pick up mail or share games or stories. Now, my Web-based board gets slammed by people from all over the world who have no reason to access it, can't possibly take advantage of the locally focused services it offers, and generally take up my time because I have to block their accounts or explain to them why they can't have access. This despite the fact that the board explains quite clearly that it is for local use only and couldn't possibly be of interest to them. Other than putting thousands of entries in my hosts file to block IP ranges, what options do I have to restrict access to locals only? Or isn't that feasible?"

Sorry! There are no comments related to the filter you selected.

.htaccess (5, Informative)

Norsefire (1494323) | more than 5 years ago | (#27146863)

order allow,deny
deny from all
allow from iprange
allow from iprange
allow from iprange
etc. etc.

There are websites all over the internet [google.com] that allow you to do country-by-IP-range lookups.

You could also do;

ErrorDocument 403 "Sorry, this website is only available to people living in .

(Yes, no final quotation mark).

Or don't worry, what does it hurt if people who aren't benefiting from a website visit it?

Re:.htaccess (5, Funny)

Anonymous Coward | more than 5 years ago | (#27146893)

ErrorDocument 403 "Sorry, this website is only available to people living in .

Or "This is a local website for local people. There's nothing for you here."

Or don't worry, what does it hurt if people who aren't benefiting from a website visit it?

They covet the precious things.

Re:.htaccess (4, Funny)

fractoid (1076465) | more than 5 years ago | (#27147013)

Or "This is a local website for local people. There's nothing for you here."

Thankyou! I was hoping someone would say this. ;) Bad login attempts should lead to an error page saying "What's all this shouting? We'll have no trouble here!"

Re:.htaccess (5, Informative)

Anonymous Coward | more than 5 years ago | (#27147099)

For any Americans wondering what their mad cousins, from across the pond, are talking about: http://www.youtube.com/watch?v=zOGAAlHzF4o [youtube.com]

You can automate it (4, Informative)

an.echte.trilingue (1063180) | more than 5 years ago | (#27147265)

While it does involve having thousands of addresses, this kind of thing is pretty easy to automate, given what your goals are. For example, I use this tool [webhosting.info] to determine which country my visitors are in and display the relevant contact information (show the French address to people in France, the Belgian one to people in Belgium, etc). I have a cron job set up to update the database once a week; it is fully automatic and very reliable.

If you need to be more specific, this guy [jpederson.com] has a php class that can supposedly give you information as specific as city, or you can write your own using the db you can download here [hostip.info] , although I can't personally vouch for either. You could also parse the hostnames in your server and only allow service providers in your area.

Also, google code [google.com] has a really good tutorial for a client side application if your server is limited in its capabilities.

Either way, it sounds from the summary like you have access to a database of ip address ranges you want to allow. Just set up a cron job to download it and parse it.

Re:You can automate it (2, Informative)

xaxa (988988) | more than 5 years ago | (#27147937)

Implementing something like this brings problems if there's no way to get around it. For instance, many multinational companies have only one point of presence on the Internet, which can be shared by offices in different countries. At the last one I worked at, the PoP was in France, so even thought I was in England many websites would appear in French, and a few "UK only" services didn't work.
Same with people on holiday, or people who use a mobile phone to access the web.

If the website really isn't interesting for non-locals why do they want to look anyway?

I found a website for people in my local area to debate local issues, the only requirement is to provide a postcode when you sign up. I don't know if it's checked, and it's easy to make one up anyway, but I doubt it's a problem anyway, who cares about the library shutting an hour earlier on Thursdays and the graffiti on the bus shelter, except the people living there?

Re:.htaccess (3, Insightful)

Haeleth (414428) | more than 5 years ago | (#27147581)

There are websites all over the internet [google.com] that allow you to do country-by-IP-range lookups.

You could also do;

ErrorDocument 403 "Sorry, this website is only available to people living in .

And then brace yourself, because you're going to get an earful from the next local person who tries to catch up with her friends back home while she's on holiday, only to be told that she's banned because she's "not local".

Re:.htaccess (5, Informative)

andy.ruddock (821066) | more than 5 years ago | (#27147929)

Or allow access to all registered users, but only allow "local" access to the signup page.

Information wants to be free (5, Funny)

Anonymous Coward | more than 5 years ago | (#27148009)

Copyright doesn't exist. You don't have the rights to keep your information for yourself. You MUST share it with all us and everybody as the rights to copy and use it.

or so I have been told here on slashdot.

PS. Apple users suck.

Re:.htaccess (1)

Dan East (318230) | more than 5 years ago | (#27148061)

There would likely be very significant problems from filtering by IP address. In our rural town, the local DSL usually shows up as a major city over 100 miles from here. We have significant usage by several other ISPs of varying types - cable, dial-up, multiple ad-hoc WiFi providers, satellite, etc. Because of our poor rural internet coverage we have a number of people resorting to satellite and cellular providers (even though the cell service is only around 200 Mbps).

So I don't know about that town, but it would be impossible to restrict access by IP address in these parts. Or at least you would have to allow potential access to many millions of people (including HughesNet users) to allow unfettered access for just a few thousand locals.

Who are locals? (1)

TheLink (130905) | more than 5 years ago | (#27146869)

How do you define locals?

If it's just people living in a small area - like friends and neighbours, how about having your server only serve to anyone on a wifi network you set up for that purpose?

Re:Who are locals? (1)

Frosty Piss (770223) | more than 5 years ago | (#27147071)

Ask yourself: What would RMS say?

Re:Who are locals? (1)

TheLink (130905) | more than 5 years ago | (#27147321)

RMS isn't the one asking the question. For him local could mean something totally different from what cornwallis means.

I think we need more info to provide a useful answer to cornwallis.

So what does cornwallis really mean by local?

Re:Who are locals? (0)

Anonymous Coward | more than 5 years ago | (#27147363)

wooooosh!

Re:Who are locals? (1)

Nutria (679911) | more than 5 years ago | (#27147927)

What would RMS say?

Royal Mail Ships don't say much, if anything, at all.

Re:Who are locals? (4, Informative)

Z00L00K (682162) | more than 5 years ago | (#27147313)

Have a credibility check page - like checking if someone knows about a local detail that's known by the locals.

"What was the color of the church at Elm Street before 2004?"

And you may want to be careful with IP address filtering since that can result in unexpected disadvantages when a local is out traveling.

People travel. (3, Insightful)

Futurepower(R) (558542) | more than 5 years ago | (#27147339)

Yes, exactly: "... you may want to be careful with IP address filtering since that can result in unexpected disadvantages when a local is out traveling."

Don't expect that your users stay in one place.

Do expect that they sometimes travel to other countries.

Re:People travel. (5, Funny)

azaris (699901) | more than 5 years ago | (#27147457)

Don't expect that your users stay in one place. Do expect that they sometimes travel to other countries.

I was going to suggest this, then realized his users are likely to be Americans.

Re:People travel. (2, Insightful)

Haeleth (414428) | more than 5 years ago | (#27147619)

Even Americans travel. Suppose his website's in Florida: he presumably wouldn't want Alaskans using it, because they're even further from being "local" than many foreigners. So any regional blocking would be at the state level, or possibly even the city level. And that means travellers wouldn't have to be abroad to be inconvenienced.

Re:People travel. (0)

Anonymous Coward | more than 5 years ago | (#27147943)

Gah. Show me the European who can list the capital of each state of the USA, a country about as big as Europe. It will be less than 1%. I also expect the number of Europeans who travel outside of Europe to be relatively small.

Good question, but... (5, Funny)

Anonymous Coward | more than 5 years ago | (#27146873)

...I doubt Slashdot can make a good assessment without taking a look at the site. Mind posting the URL?

Re:Good question, but... (4, Funny)

MichaelSmith (789609) | more than 5 years ago | (#27147353)

I'll ask 4chan to help. Looks like a big job.

Re:Good question, but... (0, Funny)

Anonymous Coward | more than 5 years ago | (#27147759)

Anon is not your personal army, newfag.

Re:Good question, but... (1)

4D6963 (933028) | more than 5 years ago | (#27147951)

Nope, but Slashdot is, or so you would believe sometimes.

Easier option (1)

MountainMan101 (714389) | more than 5 years ago | (#27146877)

Would it not be easier to approve individuals than spend time unapproving anyone not from your little community. Do you threaten the intruders with pitchforks whilst crying "Are you local????".
Facebook is open to the world, but still manages to sustain small communities / groups. It's not impossible.

You could restrict your website to 127.0.0.1 - that's very local. Or you could wire all the houses together on a private subnet.

Re:Easier option (2, Insightful)

Frosty Piss (770223) | more than 5 years ago | (#27147101)

Really only two choices: GeoID and Registered Only, with a valid matching pair of city/zipcode (city/zip databases are widely available).

Re:Easier option (4, Insightful)

X0563511 (793323) | more than 5 years ago | (#27147243)

Best to only apply this restriction to account creation. Requiring them to be local when they make the account is entirely understandable, but blocking them from logging in while traveling is not.

Re:Easier option (5, Funny)

Anonymous Coward | more than 5 years ago | (#27148081)

Best to only apply this restriction to account evolution.

Fixed that for y... wait, what?

Why use a tech solution? (3, Informative)

Macthorpe (960048) | more than 5 years ago | (#27146879)

Get some paper, pin it up around the neighbourhood with a private key. Ensure that people can't create an account or access the boards without the private key.

Am I missing something? Why use an overly technical solution when some paper and pens will fix the whole thing?

Re:Why use a tech solution? (4, Insightful)

jschen (1249578) | more than 5 years ago | (#27146937)

I agree that this probably should not be solved purely on the technology end of things. One of the great things about the Internet is that one can access things from most anywhere. Your website may cater to locals, but you need to consider the possibility that someone who is generally local to the area but currently elsewhere might want to access the site. That's a pretty serious problem for filtering based on geography.

Re:Why use a tech solution? (5, Insightful)

Jurily (900488) | more than 5 years ago | (#27147335)

That's a pretty serious problem for filtering based on geography.

No kidding. Basically, anyone who thinks geography-based filtering is a good idea should be shot. Imagine moving 2000 miles, then being told by some braindead webdesigner you can't talk to your friends anymore.

Re:Why use a tech solution? (1)

nacturation (646836) | more than 5 years ago | (#27147613)

No kidding. Basically, anyone who thinks geography-based filtering is a good idea should be shot. Imagine moving 2000 miles, then being told by some braindead webdesigner you can't talk to your friends anymore.

As others have pointed out, you only need to enforce this when creating the account. Once you have an account, there's no need to do any filtering.

Also, you're assuming this is some kind of social networking site where the goal is to talk to your friends. What if it's an association for condo owners in a specific building? If you move 2000 miles, you're no longer welcome at the site because you don't live there anymore. If you made friends in your building, follow them on Facebook not on some specialist site.

Re:Why use a tech solution? (5, Interesting)

1u3hr (530656) | more than 5 years ago | (#27147645)

No kidding. Basically, anyone who thinks geography-based filtering is a good idea should be shot. Imagine moving 2000 miles, then being told by some braindead webdesigner you can't talk to your friends anymore.

Happens to me a lot. I'm in Hong Kong. I find some US ISPs (like AOL) bounce my mail solely based on my location. And much media (even some on Youtube) is blocked geographically. Even some porn sites block me.... And other sites insist on giving me Chinese versions of their web pages, with no option to choose English. Highly irritating to go to Google.com and find myself redirected to Google.com.hk. (Yes, I have workarounds now, still annoying.)

Re:Why use a tech solution? (1)

stephanruby (542433) | more than 5 years ago | (#27147411)

Local trivia was suggested. This private key on paper is a second idea. A third is that you use an invite-only system, just like gmail did at the beginning.

Also, I'd place an invisible link in your web site somewhere, to catch the spiders refusing to follow your robots.txt guidelines (note that even the googlebot sometimes does not always follow that directive, or that many illegitimate spiders will sometimes label themselves as the googlebot to avoid getting blocked, so be careful if you don't want to mess with your current search engine placement).

Idea (0)

Anonymous Coward | more than 5 years ago | (#27146883)

I don't know if this idea will work.

When registering for an account, how about asking question only locals will know? One that is easily known by the locals, but may create a bit too much effort for someone not local. Like, "What is the street that goes by such as such restaurant?"

two words (1)

fringd (120235) | more than 5 years ago | (#27146933)

google maps

five words (0)

Anonymous Coward | more than 5 years ago | (#27147691)

"a bit too much effort"

six words (1)

Jeoh (1393645) | more than 5 years ago | (#27147991)

ctrl+t maps.google.com such and such restaurant

Link plz (3, Funny)

Anonymous Coward | more than 5 years ago | (#27146889)

Give us a link to the board, we need to have a look at it before we can properly assess the best way to 'keep it local'.

hee (1)

fringd (120235) | more than 5 years ago | (#27146947)

+funny

block by ip address (1)

8086 (705094) | more than 5 years ago | (#27146903)

You can allow the website to be usable only by certain IP addresses. One way to do this would be to find out IP address ranges for all ISPs in your area, and allow only those. Another would be to filter by Country/City information about each IP address that you can get using GeoIPLocation or something similar. Also, having a good CAPTCHA will help you avoid some of those unnecessary users.

Re:block by ip address (1)

su8lime (1357275) | more than 5 years ago | (#27146981)

This is not a good solution because people will travel and need to log in from Coasta Rica to access their local area info Blocking by IP address is what narrow minded system adminstrators would do One option as mentioned previously is to require user validation and then approve users before they can log in to post

Re:block by ip address (0)

Anonymous Coward | more than 5 years ago | (#27147741)

"Coasta Rica" - That must be on another planet, as I couldn't find it on Earth.

MaxMind + PHP? (2, Insightful)

shri (17709) | more than 5 years ago | (#27146905)

If you use PHP, consider getting Maxmind and filter on its city / country databases.

Re:MaxMind + PHP? (0)

Anonymous Coward | more than 5 years ago | (#27147887)

Or perl,or python, or java, or ... there is even an apache module.

http://www.maxmind.com/app/api [maxmind.com]

IP to location database, SMS (1)

nacturation (646836) | more than 5 years ago | (#27146907)

Download a database of IP address to location, then do a lookup. If it's within your state, for example, then allow access. Otherwise, send them to a "sorry" page with contact info in case they really are local and you need to add an exception.

Or implement SMS verification on account signup that only allows your area code and then do manual review, perhaps using a community approval process.

Are you local? (0)

Anonymous Coward | more than 5 years ago | (#27146959)

This is a LOCAL site for LOCAL people!

Probably one option only (1)

EdIII (1114411) | more than 5 years ago | (#27146969)

Other than putting thousands of entries in my hosts file to block IP ranges, what options do I have to restrict access to locals only? Or isn't that feasible?

Your really asking the impossible. The Internet is fundamentally designed to share data across the various networks that comprise it. I understand your desire to keep costs down (time+bandwidth), but if for some reason you are having large numbers of users visit your site that is raising your costs, there is practically nothing you can do that you are not already doing.

A block list, or allow list is your only option AFAIK. There are services that attempt to provide geographical data associated with IP addresses. They are not always accurate, and proxies/TOR would allow people to still bypass those restrictions.

I don't think you are really trying to restrict the data to "locals" only, but instead reduce your costs. Unfortunately, I don't think you can suffer the costs of looking up those visiting IP addresses on demand with such a service as surely they would charge you which would defeat the purpose.

Keep expanding your block list, it's your only option that I can think of. Just keep in mind, that any geographic data you get regarding IP ranges can get stale quickly. You will have to keep updating it.

Why you gotta be like that? (5, Interesting)

QuantumG (50515) | more than 5 years ago | (#27146977)

You have no idea what is of use to other people. Maybe they're thinking of visiting your local area. Maybe they have friends that live there. Maybe they're thinking of setting up a similar board for their own area and want to know how yours is going. Put down your ego for a minute.

Re:Why you gotta be like that? (0)

Anonymous Coward | more than 5 years ago | (#27147103)

She probably runs a local **** ring and doesn't want the Feds scoping it out (either accidentally or after someone drops a dime on the operation).

That's the only 'valid' reason I can think of.

Re:Why you gotta be like that? (1)

X0563511 (793323) | more than 5 years ago | (#27147131)

Local dating site, without having all those phishing jackasses start crawling all over it... that would be a very good reason.

How about restricting acount creation to local IPs based on something like Maxmind or GeoIP, but allow them to log into already existing accounts from elsewhere (for instance, if they are currently out of the area)

Re:Why you gotta be like that? (2, Insightful)

Yvanhoe (564877) | more than 5 years ago | (#27147505)

Maybe they are locals who happen to be visiting Japan...
If you put a website on internet, then want to restrict its geographical zone of use, you are doing something wrong. You can make a community group by selecting the individuals but that is about it.

Re:Why you gotta be like that? (1, Interesting)

Anonymous Coward | more than 5 years ago | (#27148027)

Excellent point. A couple of years ago my son was going to interview at a college, sleep overnight in the dorm etc. What I wanted to do in this rural area was go for a bicycle ride. I googled up a local bicycle club, downloaded a map from one of their rides, emailed one of them to try to find out where I could rent a bike. He loaned me a bike. I traveled with helmet, clothes and pedals. On the face of it, it would have seemed obvious that only locals would have been interested in the local bike club and its rides.

Moot? (2, Insightful)

Anonymous Coward | more than 5 years ago | (#27146979)

I'd put good money on this being 4chan

tough one (1)

ILuvRamen (1026668) | more than 5 years ago | (#27146997)

I think I heard one time about a free, open source IP-geogrphy list or database you can implement in programs and webpage code. Other than that, databases that DNSStuff.com use all want money for you to access them. They're probably a bit more accurate and up to date but I doubt you want to pay for their use. Other than that, you can look them up manually and make a whitelist type filter like the first reply said but then you have to cross your fingers and hope no location ever changes their IP addresses (yeah right). Plus, some local people are using protection programs and proxy internet content filters that make it look like they're from elsewhere. And other people could just use a local proxy server to make it look like they're from your area. There really is no good solution to this at all but that won't stop me from suggesting the best possible system:

Put a splash page that says for example "Click here if you're from Wisconsin" and then "Click here if you're from elsewhere" and if they don't click the Wisconsin one, BOOM! it runs a script that banned them from the server. Now that's foolproof lol.

whitelist (1)

n3tcat (664243) | more than 5 years ago | (#27147007)

Get a list of local ip ranges from local ISPs and whitelist them in your firewall. It'll take a lot of work, but that's what happens when you work against the openness of the internet.

It's easy (1)

Jane Q. Public (1010737) | more than 5 years ago | (#27147009)

Just make it members only, and implement a signup procedure. Lots of sites do this; it's relatively easy.

Re:It's easy (1)

palegray.net (1195047) | more than 5 years ago | (#27147431)

The submitter already requires a user account to use his system. Hence the part in the story about spending a lot of time deleting accounts.

Re:It's easy (1)

Jane Q. Public (1010737) | more than 5 years ago | (#27147471)

Then maybe it's not made clear up front that the site does not pertain to them. Personally, I am pretty selective about what sites I will bother to sign up on (Slashdot was my last major mistake), and I find it hard to believe that given enough information to know that the site does not pertain to them, they sign up anyway.

Re:It's easy (1)

1u3hr (530656) | more than 5 years ago | (#27147661)

I find it hard to believe that given enough information to know that the site does not pertain to them, they sign up anyway.

Spammers will sign up to any and every forum they can. Some automated, some sweatshops i INia do this all day long. Any forum, on any subject, if you allow automatic registration, will be full of spam in a few weeks or months if not moderated.

Re:It's easy (1)

Jane Q. Public (1010737) | more than 5 years ago | (#27147735)

Sorry but I disagree. This last year I have worked on a major commercial website, with extremely easy signup, and not even any captcha (we got rid of the captcha about 8 months ago). Spam has been a very minor problem if at all.

Re:It's easy (1)

rtb61 (674572) | more than 5 years ago | (#27147877)

I think the person is after a fully automated solution that requires no maintenance. One of those local boards where people offer service in their local area to other people, possibly a barter board or the like.

They are now learning one the internet biggest lessons, creating a web site is a relatively simple thing, keeping it running and up to date is a never ending chore and the more interactive it is, the more maintenance required.

There really are no quick easy solutions, which is of course why some many companies, pay all those professional web geeks, to maintain web sites.

Put some smarts into your registration page (0)

Anonymous Coward | more than 5 years ago | (#27147021)

The MaxMind GeoIP database is a good way of determining who is coming from where.

Use this service to determine where they are coming from, and ask them to enter their location as part of the registration process.

If the two match, you can probably approve them.

If they don't then tell them that it's a local access service only, and that out of area access has a $20 processing fee payable via Paypal.

That way you can fund the database service, and filter out those who want access for the wrong reason.

Trick question on the user registration form (1)

flux (5274) | more than 5 years ago | (#27147039)

Make the user registration form (mandatory to access said services) ask a mandatory piece of information: location. City, town, or what ever your target population is described by. If the answer is not what you want, give the account, but make the website just as defunct as it used to be before making the account. :-)

apt-get install geoip-bin (0, Redundant)

AlXtreme (223728) | more than 5 years ago | (#27147049)

If you want to restrict access to your country only, you could give geoip a try. Either call geoiplookup for every visitor or use one of the many bindings.

It might block users you would want on your site though and there's not a lot you can do about proxies. YMMV.

It's pretty simple with some configuration (0)

Anonymous Coward | more than 5 years ago | (#27147057)

Turn off anonymous posting

Re:It's pretty simple with some configuration (1)

Zoko Siman (585929) | more than 5 years ago | (#27147073)

To continue...

You can reverse your configuration options, apply what I'm saying abstractly.

Have a blanket DENY option. Then when you find a friend you can add them specifically. Much simpler than having to start blocking the internet.

For example, on my personal wiki page I have registration set to disabled right now. When I find a friend needs access I enable registration.

Furthermore, to avoid some of the /. effect you could protect the actual pages. The entire contents of the folders storing your board HTML and code could be authorization required.

Really... (0)

Anonymous Coward | more than 5 years ago | (#27147079)

I'd have to think this is a bad idea.

Let's say someone want's to go there (ie: vacation or move there) and would like a 1st hand account of what its like. ("How hot is it in the summer?" or questions like that).

And of course lets say that the ISP borks up and the GeoIP is wrong. Trust me, it happened to me before. It thought I lived a couple thousand miles away.

In other words: this is a bad idea. A bad idea for your forum, and a bad idea for the internet in general.

Re:Really... (1)

Phroggy (441) | more than 5 years ago | (#27147215)

Let's say someone want's to go there (ie: vacation or move there) and would like a 1st hand account of what its like. ("How hot is it in the summer?" or questions like that).

Presumably, this site is not an appropriate forum for those kinds of questions. The local Chamber of Commerce should have a site targeted at visitors.

Re:Really... (0)

Anonymous Coward | more than 5 years ago | (#27148123)

I'd mean more like real life conditions. Something a stats sheet couldn't answer. About their neighbors. About the quality of life around there. Multiple opinions to help them form their own opinion.

invite (0)

Anonymous Coward | more than 5 years ago | (#27147083)

Maybe you could use an invite system?

Local Capthca (2, Interesting)

jannic (152373) | more than 5 years ago | (#27147085)

Implement something similar to a captcha: Ask questions only people from your neighborhood can answer. Make sure the answers are not too easily found by using google.

Local Captcha + Obfuscation (1)

slifox (605302) | more than 5 years ago | (#27147225)

This is a pretty insecure authentication mechanism, because it necessarily has to be simple -- so you'll want to use some obscurity as well.

Make sure that if the incorrect answer is given, the user is redirected to a 'login success' page that has minimal and outdated content.
They will quickly lose interest and leave.

If you redirect to a 'login error' page, then they may try harder to get in.

Another approach would be to distribute (multiple or a single) SSL client keys to all your neighbors.
Then its a simple matter to redirect users based on the key -- if they have it, they get the content; if they don't, they get the dummy page.

local knowedge (5, Insightful)

1u3hr (530656) | more than 5 years ago | (#27147091)

We have a forum for our village.

A couple of years ago we started to get a lot of people signing up from China, India, Russia etc and then posting spam. So now, to register with the forum you have to answer a question that requires you have some local knowledge. That gets rid of most automatic signups. And secondly, the accounts are not activated automatically but have to be approved by an administrator. So we delete those with spammy URLs in their signatures ("Buy WOW gold" seems to be a common variety). In a small community, the number of real local people siging up is a few per week. Maybe a couple of spammers get past that in a month, and then their posts and accounts are quickly deleted.

The Temporal Solution (1)

Nitroadict (1005509) | more than 5 years ago | (#27147135)

1.) Make your own server via spare comp, bought up internet connection.
You might not need a terribly fast one if you intend to keep this strictly local, so DSL or Comcast (default subscriptions) should do.

2a.) Utilizing the trust low-tech solution of offline marketing, post flyers, pass by word of mouth in the community, etc. to those in your locale that you wish to know about your site.

2b.) Here's the catch: when you inform others of your site, tell them explicitly that your site will only be online from Hour A to Hour B (i.e. 8PM to 10PM).
They will require any of the following; login info that you provided for them, a keyword to say upon entering the chat room, a certain thread to post in on the BBS, etc.
Use your imagination with this one.

3.) Repeat & vary the process, keeping your local site online only when needed or desired.
For the days that you don't want to filter access, utilize all the traditional methods of blocking outsiders out.

Not a perfect solution, but it's another tool to use rather than just whitelisting (blacklisting is less effective).

Re:The Temporal Solution (0)

Anonymous Coward | more than 5 years ago | (#27147851)

One can use the low tech solution as you mentioned for something else, that might work as well. I'm using Austin as an example, but I'm pretty sure that most cities have something similar:

Austin has a free periodical called the Austin Chronicle which comes out on a weekly basis on Thursdays. One can put an ad in this stating this week's passcode, and have it expire on Friday of the next week. On festival weeks like South by Southwest, one would have the code be in the previous week's Chronicle and active for two weeks, so the festival issue doesn't have that info in it.

Users then can use the passcode to create an account. Of course, this doesn't make it completely sure that you have nobody that isn't from that city, but it keeps it narrowed down. A person has to either have a copy of that periodical, or get the information from someone who does to get access.

Hmmm.... (-1, Troll)

Facegarden (967477) | more than 5 years ago | (#27147213)

Sounds like you're a dick. Maybe just get over it? OMFG people want to look at your site! Take advantage of it, don't get all "get off my lawn" about it.
-Taylor

Re:Hmmm.... (1)

X0563511 (793323) | more than 5 years ago | (#27147255)

Did you even read the whole post? The submitter gives plenty of reasons why they want this. It's their site, they can do what the hell they want. Either provide an answer or something else constructive, or STFU.

Re:Hmmm.... (0)

Anonymous Coward | more than 5 years ago | (#27147359)

Actually, I do feel he is a dick.

can't possibly take advantage of the locally focused services it offers

Let's say Joe want's to go to Anytown, USA. He's never been there before. Doesn't know anyone. But from what he heard, it sounds cool. Before he decides 100% to go in the Summer, he want's more info. Joe searches the web, and finds this forum. "Perfect", he thinks, "now I'll be able to ask people who live there!" So yes, I do feel that people from say, Nowhere, USA (which let's say is on the other side of the country) can take advantage of such services.

and generally take up my time because I have to block their accounts or explain to them why they can't have access.

This is 100% your fault. Why block such accounts if all they want is info? Why not just have the only forum accessible by default be an off-topic one? And if people are from your town, enable access?

Just, FYI, you do understand this is the Internet. No forum will ever be safe from the trolls.

Re:Hmmm.... (0)

Anonymous Coward | more than 5 years ago | (#27147373)

I'm not sure he adequately explained this.

Now, my Web-based board gets slammed by people from all over the world who have no reason to access it, can't possibly take advantage of the locally focused services it offers

If they have no reason to access it, why do they? It sounds like they do. Maybe they get benefit out of it that the submitter doesn't understand?

Of course, if he were being a bit more specific, eg. "we get spam from other countries", that would make a lot more sense. Or even if he said, "we don't want things we discuss of a personal nature all over the world". But he didn't say that. He said, "they have no reason to look at this."

Re:Hmmm.... (1)

N1AK (864906) | more than 5 years ago | (#27147667)

Did you even read the whole post?

He started by accusing a guy he has never met of being a dick for wanting to control access to a resource he provides, I seriously doubt whether he read the article or not would have any affect on his inability to interact via the internet.

Re:Hmmm.... (4, Insightful)

davmoo (63521) | more than 5 years ago | (#27147367)

And it sounds like you've never had to pay for things like bandwidth and server space out of your own pocket. Maybe he wants to keep it small because that's what he can afford. Information may want to be free, but the infrastructure to host it never is.

Easy... (1)

FauxReal (653820) | more than 5 years ago | (#27147249)

Make all potential users send scanned copies of at least forms of ID, one with a local address and a copy of any utility bill or credit report.

Wrong (0)

Anonymous Coward | more than 5 years ago | (#27147253)

You put it on the wrong Internet, basically.

IPv6 (0)

Anonymous Coward | more than 5 years ago | (#27147293)

This is the type of problem that always brings me back to IPv6. One of the main selling points for IPv6 is that the larger address space allows for better address categorisation. The groups could be anything, such as geographical location (including hierarchy of state, city, etc.) to organisation type (company, educational, government, etc.). As the OP has found, trying to solve this problem on an IPv4 framework is rather unwieldy and unfeasible (seriously, good luck achieving your aim with any measure of success in the near future). For an IPv6 infrastructure, such a problem would be a relatively quick solve.

Unfortunately, as many of us are aware, IPv6 isn't here yet (currently at 1-2% adoption). A proper roll-out relies on an expensive overhaul of existing internet infrastructure, which is unlikely to happen for many years. As usual, it will take IPv4 address exhaustion to get Governments and ISPs into gear. Even then, they'll probably just apply band-aid solutions for another 5-10 years.

To answer the OP's plea: don't waste your time. You'll spend an inordinate amount of energy setting up a system that trades an increased positive-hit rate for an equally increased negative-hit rate. As irritating as it is, your current manual-approach will probably consume less time in the long run than any of the other ideas floating around, such as setting up a comprehensive IP-table of all non-local addresses.

Callback/SMS (3, Interesting)

hab136 (30884) | more than 5 years ago | (#27147323)

One previously common method of authentication was call-back. You give the site your phone number, then then site calls you (and you press a digit, or answer with your modem).

Nowadays the equivilent is SMS. When they sign up, have them put in their cell number to receive an SMS, then require them to enter that code to continue. You can send SMSes via email for most carriers, so no equipment on your end. Only allow SMSes to your area code and local carriers. For people without cell phones, have them enter their landline phone number and then have a human call them.

Re:Callback/SMS (0)

Anonymous Coward | more than 5 years ago | (#27147405)

I've lived in Seattle for nearly 2 years, and I still have a phone number from Minnesota. Area codes aren't specific to any local.

Are you local? (0)

Anonymous Coward | more than 5 years ago | (#27147387)

This is a local shop for local people. There's nothing for you here.

What about...a VPN? (0)

Anonymous Coward | more than 5 years ago | (#27147395)

Doh...the simplest solution is to create a VPN :o)

Re:What about...a VPN? (1)

MichaelSmith (789609) | more than 5 years ago | (#27147423)

Have a shared killfile, then turn it inside out.

Check for tails (0, Offtopic)

Pond823 (643768) | more than 5 years ago | (#27147683)

Only no-tails aren't local.

Change the sign-up procedure (0)

Anonymous Coward | more than 5 years ago | (#27147733)

Change the sign-up page to read the following:

Hello, this site is run by Joe, living in the yellow house down the main road. If you want to have an account on this site, just drop by at my house Sunday between 3pm and 5pm to get your account details.

Please bring some time and home-made cake. Your initial status on the site depends on the taste of the cake.

other port + robots.txt (1)

Errtu76 (776778) | more than 5 years ago | (#27147769)

Run your main site on a port other than 80/443. Have another site listen to port 80 with a kind message to please go bugger off. Tell your visitors to go to the site with the other port. Make use of the robots.txt file so that site won't get indexed.

Use some geolocation database (1)

Trahho (1496885) | more than 5 years ago | (#27147777)

I'd suggest you to look into some geolocation/ipaddress database such as http://www.maxmind.com/app/city [maxmind.com] to deny access to the signup form for "foreigners".

They have two editions of their database, a commercial one and a free one which is inferior to the commercial product (in terms of accuracy). They also offer code to read from the database file or a webservice (which is not free as far I remember).

At work we're using the commercial product and we're quite satisfied, despite not being US residents and thus not having the luxury of zip codes.

Keep it out of search engines (0)

Anonymous Coward | more than 5 years ago | (#27147813)

Add Meta noindex nofollow to the pages served
Include robots.txt disallow everyone

This will make sure spammers cannot find your site. This worked for me for many many years. I also follow many of the other advices given in this thread.

The best solution is a lot like using a BBS. (0)

Anonymous Coward | more than 5 years ago | (#27147889)

Don't get a DNS name for the site, set up a server with a separate IP address and give that to them.

A few issues (4, Informative)

Canazza (1428553) | more than 5 years ago | (#27147897)

Your local audience may leave the area (either on holiday or to live) but still want to talk to people back home. This means that blanket IP Range blocking is out of the question.
What I suggest is restrict viewing the website to people who are logged in. A default splash page for those not logged in could be shown that's minimal in graphics and text, containing just the log-in form and a 'register here'.

To stop unwanted people registering a new account, you could to a blanket IP ban on the registration page ONLY, meaning that a local person can register at home, and then roam to wherever and still access the site.

someone mentioned earlier this library [webhosting.info] for blocking a range of IP's by country and this PHP class [jpederson.com] that can do it too.
Just use them on the registration page and set up a redirect for those who are not logged in (regardless of location) and you should have a nice walled in forum.

Referrals Only (2, Insightful)

Secret Rabbit (914973) | more than 5 years ago | (#27147957)

Set-up account registration such that you can only get an account if you were referred by an existing user. You know, since you already have a good sized user base (you do, yes?). It isn't unreasonable as long as you're keeping things local. Most people should know one another, or know someone who knows someone.

But, honestly, why are you even explaining yourself to these people. An email solely with RTFM in it with a link to the page the explains what the site is about is more than enough. Seriously, stop feeding the help vampires.

easy (0)

Anonymous Coward | more than 5 years ago | (#27147999)

Do an IP filter so only prople in your area can sign up for an account. The website can then be put on the web.

Perhaps using HTTP referrers? (1)

TrixX (187353) | more than 5 years ago | (#27148115)

It is hard to think a good solution without knowing what you mean by "locals" (is there a simple offline way to get them a passphrase?), what kind of users you have (will they be thrown off from the site if they have to login?), etc.

Anyway, something that might work and can be used together with other filtering methods mention by other people here is filtering by HTTP referrer field.

This is assumming that your users have alternate ("local") ways of getting the URL of your site, and you don't mind being a bit detached from the rest of the web (apparently, you don't). So what you do, is filter every HTTP request where the referrer field is not empty or inside your site. This will essentially stop people from following links from other sites (google, blogs, whatever) into your site. You will be able to enter your site only by entering your URL (like knowing the BBS phone number), and then following internal links. Of course, this is not "secure" (for someone who knows http, it is not very hard to enter directly once they realize how the filter works), but I think it will stop a lot of "casual bypassers".

Btw, if you avoid being in google (robots.txt covering your whole site) you will avoid a lot of visitors already.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?