diff --git a/controllers/forms.js b/controllers/forms.js
index a4994d22..f4de9211 100644
--- a/controllers/forms.js
+++ b/controllers/forms.js
@@ -71,7 +71,8 @@ router.post('/board/:board/deleteboard', /*geoAndTor, torPreBypassCheck, process
 //global management forms
 router.post('/global/editbans', useSession, sessionRefresh, csrf, calcPerms, isLoggedIn, hasPerms(1), paramConverter, editBansController); //remove bans
-router.post('/global/addban', geoAndTor, torPreBypassCheck, processIp, useSession, sessionRefresh, csrf, calcPerms, isLoggedIn, hasPerms(1), paramConverter, addBanController); //add ban manually without post
+//commented out for now, because we cant add a manual ban based on a non existing hash suffix (or fetch the full hash from a non existing post), and the user wouldnt know if it the post didn't exist so its pointless anyway.
+//router.post('/global/addban', geoAndTor, torPreBypassCheck, processIp, useSession, sessionRefresh, csrf, calcPerms, isLoggedIn, hasPerms(1), paramConverter, addBanController); //add ban manually without post
 router.post('/global/deleteboard', useSession, sessionRefresh, csrf, paramConverter, calcPerms, isLoggedIn, hasPerms(1), deleteBoardController); //delete board
 router.post('/global/addnews', useSession, sessionRefresh, csrf, calcPerms, isLoggedIn, hasPerms(0), addNewsController); //add new newspost
 router.post('/global/deletenews', useSession, sessionRefresh, csrf, calcPerms, isLoggedIn, hasPerms(0), paramConverter, deleteNewsController); //delete news
diff --git a/controllers/forms/addban.js b/controllers/forms/addban.js
index d32080d6..a9c27efc 100644
--- a/controllers/forms/addban.js
+++ b/controllers/forms/addban.js
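Review bot: The commented-out `router.post('/global/addban', …)` line keeps dead code in the router; the reason is already recorded in the comment above it, so delete the route line and let version control hold the history, or reduce it to `// TODO: re-enable /global/addban once a manual ban can be issued from a hash suffix` so the follow-up is trackable. The explanatory comment has a slipped word: `the user wouldnt know if it the post didn't exist` reads better as `the user wouldn't know if the post didn't exist`. If `addBanController` is no longer referenced elsewhere in this file, its require line (outside this hunk) is now an unused import and should go with it. This hunk starts after the `/board/:board/` routes, so it does not show whether the board-level addban route was disabled too; the managebans.pug change in this commit only removes the form, which by itself does not stop requests from reaching that endpoint if the route is still registered.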
@@ -23,14 +23,14 @@ module.exports = async (req, res, next) => {
 errors.push(`Modlog message must be ${globalLimits.fieldLength.log_message} characters or less`);
 }
- let redirect = req.headers.referer;
- if (!redirect) {
- if (!req.params.board) {
- redirect = '/globalmanage/bans.html';
- } else {
- redirect = `/${req.params.board}/manage/bans.html`;
- }
- }
+ let redirect = req.headers.referer;
+ if (!redirect) {
+ if (!req.params.board) {
+ redirect = '/globalmanage/bans.html';
+ } else {
+ redirect = `/${req.params.board}/manage/bans.html`;
+ }
+ }
 if (errors.length > 0) {
 return dynamicResponse(req, res, 400, 'message', {
diff --git a/helpers/decodequeryip.js b/helpers/decodequeryip.js
index c13d4c02..bb2b8881 100644
--- a/helpers/decodequeryip.js
+++ b/helpers/decodequeryip.js
@@ -7,7 +7,7 @@ const escapeRegExp = require(__dirname+'/escaperegexp.js')
 module.exports = (query, permLevel) => {
 if (query.ip && typeof query.ip === 'string') {
 const decoded = decodeURIComponent(query.ip);
- if (permLevel <= ipHashPermLevel && isIP(decoded)) { //if perms to view raw ip, allow querying
+ if (permLevel <= ipHashPermLevel && (isIP(decoded) || decoded.match(/[a-z0-9]{24}/i))) { //if perms to view raw ip or bypass, allow querying
 return decoded;
 } else if (decoded.length === 10) { //otherwise, only allow last 10 char substring
 return new RegExp(`${escapeRegExp(decoded)}$`);
diff --git a/models/forms/addban.js b/models/forms/addban.js
index 345d1086..7869ecf5 100644
--- a/models/forms/addban.js
+++ b/models/forms/addban.js
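Review bot: The new `decoded.match(/[a-z0-9]{24}/i)` check in decodequeryip.js is unanchored, so any query value that merely contains a run of 24 alphanumerics anywhere in it passes the gate and is returned verbatim, not just a 24-character bypass id as the comment intends; anchor it and use the boolean form, `(isIP(decoded) || /^[a-z0-9]{24}$/i.test(decoded))`. The `permLevel <= ipHashPermLevel` guard still applies to this branch, so the widening only changes what a sufficiently privileged caller can look up, but the returned string feeds the query as-is and should be validated as tightly as the raw-IP case beside it. `.match()` allocates a result array only to be used as a truthy value; `RegExp.prototype.test` is the idiomatic choice here. The exported arrow function continues past the end of the hunk.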
@@ -13,21 +13,21 @@ module.exports = async (req, res, redirect) => {
 const banPromise = Bans.insertOne({ //note: raw ip and type single because of
- 'type': 'single',
- 'ip': {
- 'single': isIP(req.body.ip) ? hashIp(req.body.ip) : req.body.ip,
- 'raw': req.body.ip,
- },
- 'reason': req.body.ban_reason || req.body.log_message || 'No reason specified',
- 'board': req.params.board || null,
- 'posts': null,
- 'issuer': req.session.user,
- 'date': actionDate,
- 'expireAt': new Date(actionDate.getTime() + (req.body.ban_duration || defaultBanDuration)),
- 'allowAppeal': req.body.no_appeal ? false : true,
- 'appeal': null,
- 'seen': false,
- });
+ 'type': 'single',
+ 'ip': {
+ 'single': isIP(req.body.ip) ? hashIp(req.body.ip) : req.body.ip,
+ 'raw': req.body.ip,
+ },
+ 'reason': req.body.ban_reason || req.body.log_message || 'No reason specified',
+ 'board': req.params.board || null,
+ 'posts': null,
+ 'issuer': req.session.user,
+ 'date': actionDate,
+ 'expireAt': new Date(actionDate.getTime() + (req.body.ban_duration || defaultBanDuration)),
+ 'allowAppeal': req.body.no_appeal ? false : true,
+ 'appeal': null,
+ 'seen': false,
+ });
 const modlogPromise = Modlogs.insertOne({
 'board': req.params.board || null,
diff --git a/views/pages/managebans.pug b/views/pages/managebans.pug
index e4d1130d..282fc917 100644
--- a/views/pages/managebans.pug
+++ b/views/pages/managebans.pug
@@ -11,12 +11,6 @@ block content
 br
 +managenav('bans')
 hr(size=1)
- h4.no-m-p Add Ban:
- .form-wrapper.flexleft
- form.form-post(action=`/forms/board/${board._id}/addban`, enctype='application/x-www-form-urlencoded', method='POST')
- input(type='hidden' name='_csrf' value=csrf)
- include ../includes/addbanform.pug
- hr(size=1)
 h4.no-m-p Bans & Appeals:
 form(action=`/forms/board/${board._id}/editbans` method='POST' enctype='application/x-www-form-urlencoded')
 include ../includes/managebanform.pug