[DJ Maze]

Is everyone that uses current CVS satisfied of how the security system works?

Shure there are config options missing and such but i ask this if the current available features are enough.

Personally i like the anti-flooding system that i've invented. Since january there are already 364 IP's banned due to flooding.
The system is so perfectly designed that some good bots are starting to obey the HTTP headers we are sending to them which realy makes it usefull by only banning unknown bots.

If someone noticed good people/bots were banned then report it
For now i hear nothing so probably it all works as expected.

[sultan]

Working quite well so far.

[Beldak]

Works pretty goodfrom what I can tell! Caught a few flooders already as well.

Perhaps remove the "details" link for any of the options that don't have more details? (Right now clicking on details for E-Mail Domains, Flooding, or Unknown User-Agents, doesn't do anything).

This definately beats having to always mod the .htaccess manually.

[run0]

yeah you did a great job! only problem i've had is one visitor reported being blocked, he was using a mac with firefox. I'll try to find the thread that I posted it in

[pretzy]

Seemes to work very well indeed, updating it definitely stopped a couple of suspect bots on my site,altho i did ban their IP's manually.

Great system, thanks guys

[xfsunoles]

run0 wrote:

yeah you did a great job! only problem i've had is one visitor reported being blocked, he was using a mac with firefox. I'll try to find the thread that I posted it in

thats already fixed by latest CVS?

[DJ Maze]

For safari browser? yes...
dragonflycms.org/cvs/h...=9.26-9.25

[run0]

o cool thanks

[skoeter]

Using latest DF version and somehow people get banned without warning... even worse I wanted to login today and found the Banned through bad ip screen pointing at my nose.... have been ofline for several hrs AND have had no warning... finally got in by deleting the last table line through phpMyAdmin but it has happened to more members... a ban out of the blue!!
So just been deleting all Flood bans and looked for the file to change the text on that screen I faced.... a simple addition so people read

You are banned due a bad IP
if you believe this to be an error contact the siteadmin at 'myemail'

I think that will solve a lot, thanx. I will also make it a habbit to delete (flood)bans every day 'Remove 24H Old Bans'

I DO like the IP issue in it, frequently people/bot try to add malicious links/URL (viagra etc) and I simply add their IP to the list LOL Now unregistered can add the links I do allow without registration ;0)

[darkgrue]

I think one of the biggest problems I have with the current security features is that I'm not exactly sure what it's doing, or in some cases, what it's trying to tell me. So I'm unsure as to whether it's actually working as intended, or I'm experiencing a bug.

Better documentation (is there any at all?) of the features and the settings/display would be a huge help. It'd also better enable me to evaluate their effectiveness.

[BadCO]

I'm with darkgrue on this one - documentation would be really, really useful.

[Beldak]

People get banned still far too easily. I have to turn off the Flooding option, otherwise half my userbase would be banned...

Something is still very buggy with the flooding portion.

[NanoCaiordo]

I'm currently testing and debugging the flooding while adding few more options and fixing few little bugs. But none of those bugs accelerate the banning process.

As of today it includes an IP shield, logs, debugging and the possibility to add new bots. All of those are pretty stable.

New changes will not ban an user by mistake as well as the current version. However will log all requests so we all will know why they get banned. All this is just to prove that banned users are opening 3 pages in less then 2 seconds.

Using the current version we are able to permit all this (flooding off).
With the new version we will know why they get banned if flooding is on.
If debug is on then system will log any requests coming from the same ip like proxies or browser plugins and anything that accept or not cookies.

If debug on will add one query for every page visit just like what happen already with any user agent that doesn't accept cookies (bot or browser) all the rest doesn't require NO ONE additional query to what the system does already.

Anyways a documentation will be given at the CVS commit.

[Beldak]

Sounds good Nano

Would be nice to check the logs and find out the exact reason the ban got triggered. Good work!

[Ronin]

Excellent! Thanks Nano