Home » Forums » ejabberd & XMPP » ejabberd Administration

Reserve / blacklist JIDs

Submitted by Roi on Mon, 2008-12-22 17:49

Hello all,

is there a way to reserve / blacklist JIDs in ejabberd?

I don't like users like for example admin@, hostmaster@, root@... because they implement certain functionality which isn't there or for sure maybe also usernames which are politicly incorrect.

Kindest regards,
Martin

‹ Fail to login in cluster mode though http-bind A way to disable digest-uri SASL authenticaiton / or a command line client that can handle it? ›

Re: Reserve / blacklist JIDs

Submitted by zinid on Tue, 2008-12-30 12:48.

Hmm... I guess you can define an acl in config file and deny this usernames in mod_register.

»

Hi! open your

Submitted by Lux on Wed, 2008-12-31 13:56.

Hi!

open your ejabberd.cfg

search & edit this:

{acl, strangename, {user_glob, "xxx"}}.
{acl, strangename, {user_glob, "*admin*"}}.
{acl, strangename, {user_glob, "test*"}}.
{acl, strangename, {user_glob, "root"}}.
{acl, strangename, {user_glob, "chef"}}.
{acl, strangename, {user_glob, "king"}}.
{acl, strangename, {user_glob, "god"}}.

works great!

»

Re: Reserve / blacklist JIDs

Submitted by Roi on Wed, 2009-01-07 20:38.

Hey great thank you! I'll test this as soon as I restart the server again. :-)

»

Re: Reserve / blacklist JIDs

Submitted by Roi on Mon, 2009-01-26 11:30.

Hello,

additional question: When blacklisting JIDs, can I still manually add those specific JIDs and can existing users with these JIDs still user their accounts?

Thank and regards,
Martin

»

case sensitive or insensitive?

Submitted by Roi on Wed, 2009-11-11 10:31.

Hello all,

another question: I blacklisted "admin" and now someone created an account named "Admin".

So user names are not case insensitive?!? How can I blacklist insensitive?

And is it possible that there are users named "XXX", "xxx" and "Xxx" for example?

Kindest regards,
Martin

»

> So user names are not case

Submitted by mfoss on Mon, 2009-11-16 12:47.

> So user names are not case insensitive?

In Jabber, username is case insensitive: admin and Admin are the same. I verified in ejabberd that blocking "admin" makes impossible to register account "Admin".

> I blacklisted "admin" and now someone created an account named "Admin".

I can see two explanations:

  • You didn't blacklist "admin" correctly.
  • You blacklisted "admin" correctly, and the other account is not "Admin". Instead it's "Adm1n, or uses some UTF-8 character to appear similar to the latin characters.

You can try to register accounts ADMIN, ADMin, etc.

»

Re: Reserve / blacklist JIDs

Submitted by Roi on Tue, 2009-11-17 10:41.

This is how it looked:

> The user 'Admin@jabber.hot-chilli.net' was just created on node ejabberd@calypso.

Then I checked the config file:

> {acl, strangename, {user_glob, "admin"}}.
> {acl, strangename, {user_glob, "administrator"}}.
> {acl, strangename, {user_glob, "hostmaster"}}.

Seems to be ok or is there a typo?

I try to register other forms of "admin" and post the result.

Regards,
Martin

»

Maybe you forgot to add the

Submitted by mfoss on Wed, 2009-11-18 21:59.

Maybe you forgot to add the other parts of the config?

You should have something like this:

{acl, strangename, {user_glob, "admin"}}.
{acl, strangename, {user_glob, "administrator"}}.
{acl, strangename, {user_glob, "hostmaster"}}.

{access, register, [{deny, strangename}, {allow, all}]}.

{modules, [
  ...
  {mod_register, [
                  {access, register}
                 ]},
  ...
]}.
»

Yes, I forgot {access, register, [{deny, strangename}, {allow...

Submitted by Roi on Thu, 2009-11-19 10:47.

Hello badlop,

oh yes, I forgot

> {access, register, [{deny, strangename}, {allow, all}]}

for each virtual host I want to blacklist JIDs... Shame on me and thank you so much.

I hope this works now, keep you posted.

Can you say something about this question I asked earlier (some months ago)?

> additional question: When blacklisting JIDs, can I still manually add those specific JIDs and can existing users with these JIDs still user their accounts?

Background: I like to blacklist admin JIDs for all virtual hosts. With the main virtual host, these admin JIDs exist, with the other host, they don't exist. Also I noticed some JIDs like root and webmaster which are registered. I would like to blacklist these JIDs and (first of all) nicely talk these users out of their JID before deleting it.

Kindest regards,
Martin

»

> When blacklisting JIDs, can

Submitted by mfoss on Mon, 2009-11-23 11:19.

> When blacklisting JIDs, can I still manually add those specific JIDs

Yes, the 'register' option in mod_register only has effect when an XMPP client uses In-Band Registration to attempt to register an account. Other methods provided by ejabberd are not affected by that option, like shell ejabberdctl, or WebAdmin.

> and can existing users with these JIDs still user their accounts?

Yes, the option only affects account registration.

BTW; if you don't want the user "admin@localhost" to later register "admin111@localhost", instead of

{acl, strangename, {user_glob, "admin"}}.

you should put:

{acl, strangename, {user_glob, "admin*"}}.
»

Thanx!

Submitted by Roi on Tue, 2009-11-24 08:50.

Thank you so much for your help! I Hope that everything works fine now. :-)

»
Syndicate content

User login