9.1.x security system works?

DJ Maze · Posted: Tue Jun 13, 2006 6:14 pm Post subject: 9.1.x security system works?

Is everyone that uses current CVS satisfied of how the security system works?

Shure there are config options missing and such but i ask this if the current available features are enough.

Personally i like the anti-flooding system that i've invented. Since january there are already 364 IP's banned due to flooding.
The system is so perfectly designed that some good bots are starting to obey the HTTP headers we are sending to them which realy makes it usefull by only banning unknown bots.

If someone noticed good people/bots were banned then report it Wink

For now i hear nothing so probably it all works as expected.

sultan · Nice poster Offline Joined: Nov 01, 2005 Posts: 68

Working quite well so far. Wink

Beldak · Posted: Tue Jun 13, 2006 10:35 pm Post subject: Re: 9.1.x security system works?

Works pretty goodfrom what I can tell! Caught a few flooders already as well.

Perhaps remove the "details" link for any of the options that don't have more details? (Right now clicking on details for E-Mail Domains, Flooding, or Unknown User-Agents, doesn't do anything).

This definately beats having to always mod the .htaccess manually.

run0 · Supporter Offline Joined: Jun 28, 2004 Posts: 1559

yeah you did a great job! only problem i've had is one visitor reported being blocked, he was using a mac with firefox. I'll try to find the thread that I posted it in

pretzy · Posted: Wed Jun 14, 2006 12:03 am Post subject: Re: 9.1.x security system works?

Seemes to work very well indeed, updating it definitely stopped a couple of suspect bots on my site,altho i did ban their IP's manually.

Great system, thanks guys Smile

xfsunoles · Posted: Wed Jun 14, 2006 12:11 am Post subject: Re: 9.1.x security system works?

run0 wrote:

yeah you did a great job! only problem i've had is one visitor reported being blocked, he was using a mac with firefox. I'll try to find the thread that I posted it in

thats already fixed by latest CVS?

DJ Maze · Posted: Wed Jun 14, 2006 2:00 am Post subject: Re: 9.1.x security system works?

For safari browser? yes...
dragonflycms.org/cvs/h...=9.26-9.25

run0 · Supporter Offline Joined: Jun 28, 2004 Posts: 1559

o cool thanks

skoeter · Posted: Tue Jul 03, 2007 5:39 pm Post subject: Re: 9.1.x security system works?

Using latest DF version and somehow people get banned without warning... even worse I wanted to login today and found the Banned through bad ip screen pointing at my nose.... have been ofline for several hrs AND have had no warning... finally got in by deleting the last table line through phpMyAdmin but it has happened to more members... a ban out of the blue!!
So just been deleting all Flood bans and looked for the file to change the text on that screen I faced.... a simple addition so people read

You are banned due a bad IP
if you believe this to be an error contact the siteadmin at 'myemail'

I think that will solve a lot, thanx. I will also make it a habbit to delete (flood)bans every day 'Remove 24H Old Bans'

I DO like the IP issue in it, frequently people/bot try to add malicious links/URL (viagra etc) and I simply add their IP to the list LOL Now unregistered can add the links I do allow without registration ;0)

darkgrue · Posted: Tue Jul 03, 2007 7:41 pm Post subject: Re: 9.1.x security system works?

I think one of the biggest problems I have with the current security features is that I'm not exactly sure what it's doing, or in some cases, what it's trying to tell me. So I'm unsure as to whether it's actually working as intended, or I'm experiencing a bug.

Better documentation (is there any at all?) of the features and the settings/display would be a huge help. It'd also better enable me to evaluate their effectiveness.

BadCO · Diamond Supporter Offline Joined: Sep 29, 2004 Posts: 115

I'm with darkgrue on this one - documentation would be really, really useful.

Beldak · Posted: Thu Jul 05, 2007 2:08 pm Post subject: Re: 9.1.x security system works?

People get banned still far too easily. I have to turn off the Flooding option, otherwise half my userbase would be banned...

Something is still very buggy with the flooding portion.

NanoCaiordo · Posted: Thu Jul 05, 2007 2:37 pm Post subject: Re: 9.1.x security system works?

I'm currently testing and debugging the flooding while adding few more options and fixing few little bugs. But none of those bugs accelerate the banning process.

As of today it includes an IP shield, logs, debugging and the possibility to add new bots. All of those are pretty stable.

New changes will not ban an user by mistake as well as the current version. However will log all requests so we all will know why they get banned. All this is just to prove that banned users are opening 3 pages in less then 2 seconds.

Using the current version we are able to permit all this (flooding off).
With the new version we will know why they get banned if flooding is on.
If debug is on then system will log any requests coming from the same ip like proxies or browser plugins and anything that accept or not cookies.

If debug on will add one query for every page visit just like what happen already with any user agent that doesn't accept cookies (bot or browser) all the rest doesn't require NO ONE additional query to what the system does already.

Anyways a documentation will be given at the CVS commit.

Beldak · Posted: Thu Jul 05, 2007 3:44 pm Post subject: Re: 9.1.x security system works?

Sounds good Nano Smile

Would be nice to check the logs and find out the exact reason the ban got triggered. Good work!

Ronin · Posted: Thu Jul 05, 2007 11:01 pm Post subject: Re: 9.1.x security system works?

Excellent! Thanks Nano Very Happy