
Stop Forum Spam


v10 has nice spam protection which already marks "valid" user agents like Chrome or Firefox as bots (because they are, else they would send a different HTTP header)

In our quest for more protection I added another feature.
It seems some bots try to access modules.php, which results in the following path: /Your_Account/modules_php/op=new_user.html
aka ?name=Your_Account&file=modules_php&op=new_user
So, I made the file /modules/Your_Account/modules_php.php
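<?php

$SQL = \Dragonfly::getKernel()->SQL;
// Only act when the client address parses as a valid IP
if ($ip = \Dragonfly_Net::filterIP($_SERVER['REMOTE_ADDR']))
{
	$ip = $SQL->escapeBinary($ip['ipn']);
	// Record the IP in security_ips, keeping the request URI as the details
	$SQL->exec("INSERT IGNORE INTO {$SQL->TBL->security_ips} (ipn_s, type, details) VALUES ({$ip}, 0, {$SQL->quote($_SERVER['REQUEST_URI'])})");
	// Remove any security_cache row for this IP
	$SQL->query("DELETE FROM {$SQL->TBL->security_cache} WHERE ipn={$ip}");
}
// Every request to this file ends here
exit('Banned');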


1 day further and 88 IPs are banned. It's just nuts!

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Fedora 25 / Apache 2.4.27 / MariaDB 10.1.26 / PHP 7.1.10 / Mercurial

Last edited by DJ Maze on Thu Dec 18, 2014 2:11 pm; edited 4 times in total
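
A log-side counterpart to the trap above, as an added example that is not part of the original post or of Dragonfly's code: it scans Apache access-log lines for the two request forms named in the post and counts hits per client IP. The function names and the sample log lines are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Apache common/combined log prefix: client ident user [time] "METHOD target PROTO"
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "[A-Z]+ (\S+)[^"]*"')

def is_trap_request(target):
    """True if the request target is one of the two forms named in the post."""
    try:
        parts = urlsplit(target)
    except ValueError:
        return False  # malformed target, e.g. a broken bracketed host
    # Rewritten form: /Your_Account/modules_php/op=new_user.html
    if "/Your_Account/modules_php/" in parts.path:
        return True
    # Query form: ?name=Your_Account&file=modules_php&op=new_user
    q = parse_qs(parts.query)
    return q.get("name") == ["Your_Account"] and q.get("file") == ["modules_php"]

def trap_hits(lines):
    """Count trap requests per client IP; unparsable lines are skipped."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_trap_request(m.group(2)):
            continue
        try:
            hits[str(ipaddress.ip_address(m.group(1)))] += 1
        except ValueError:
            continue  # a hostname was logged instead of an address
    return hits

def deny_lines(hits):
    """Apache 2.4 directives (for use inside <RequireAll>) for the flagged IPs."""
    return [f"Require not ip {ip}" for ip in sorted(hits)]

# Constructed sample log lines using documentation address ranges, not real traffic.
SAMPLE = [
    '203.0.113.7 - - [18/Dec/2014:10:00:01 +0000] "GET /Your_Account/modules_php/op=new_user.html HTTP/1.1" 200 6',
    '203.0.113.7 - - [18/Dec/2014:10:00:02 +0000] "POST /index.php?name=Your_Account&file=modules_php&op=new_user HTTP/1.1" 200 6',
    '2001:db8::1 - - [18/Dec/2014:10:01:00 +0000] "GET /?name=Your_Account&file=modules_php&op=new_user HTTP/1.0" 200 6',
    '198.51.100.22 - - [18/Dec/2014:10:02:00 +0000] "GET /Your_Account/op=new_user.html HTTP/1.1" 200 5120',
    '198.51.100.22 - - [18/Dec/2014:10:02:05 +0000] "GET /Forums HTTP/1.1" 200 5120',
    'not a log line',
]

if __name__ == "__main__":
    print("\n".join(deny_lines(trap_hits(SAMPLE))))
```

The ordinary registration URL and the folder request in the sample are not flagged; only the two modules_php forms are.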


Good stuff.

Anyone able to backport this - or at least some of this - to v9, please?

Pro_News CM™ - Content Management for Dragonfly CMS™

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux / 1.3.39 - 2.4.9 / 5.5.42 - 5.6.16 / 5.4.37 - 5.5.11 / 9.4


If you have some Apache logs which contain "modules.php" I can



DJ Maze wrote
If you have some Apache logs which contain "modules.php" I can

S'OK then, I don't seem to have that issue ... at least not yet!

I do have occasional attempts to open a folder, eg: .../Forums or .../Pro_News

They must make it up as they go along ;)

Thanks anyway! Season's Greetings!



For anyone who is interested, I made a page to list them: dragonflycms.org/banned.html



1666 Banned IPs, where does it end?


All times are UTC

