v10 has nice spam protection which already marks "valid" user agents like Chrome or Firefox as bots (because they are, else they would send a different HTTP header).
In our quest for more protection I added another feature.
It seems some bots try to access modules.php, which results in the following path: /Your_Account/modules_php/op=new_user.html
aka ?name=Your_Account&file=modules_php&op=new_user
So, I made the file /modules/Your_Account/modules_php.php:

<?php
$SQL = \Dragonfly::getKernel()->SQL;
// Only act when REMOTE_ADDR passes the IP filter
if ($ip = \Dragonfly_Net::filterIP($_SERVER['REMOTE_ADDR']))
{
    $ip = $SQL->escapeBinary($ip['ipn']);
    // Record the address in security_ips, with the requested URI as details
    $SQL->exec("INSERT IGNORE INTO {$SQL->TBL->security_ips} (ipn_s, type, details) VALUES ({$ip}, 0, {$SQL->quote($_SERVER['REQUEST_URI'])})");
    // Drop any security_cache row for this address
    $SQL->query("DELETE FROM {$SQL->TBL->security_cache} WHERE ipn={$ip}");
}
exit('Banned');

1 day further and 88 IPs are banned. It's just nuts!
Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Fedora 25 / Apache 2.4.27 / MariaDB 10.1.26 / PHP 7.1.10 / Mercurial
Last edited by DJ Maze on Thu Dec 18, 2014 2:11 pm; edited 4 times in total
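
An added example, not part of the original post or of DragonflyCMS: a Python check that replays an Apache access log and lists which client addresses a trap on the two URL forms above would ban, so monitoring hosts or proxies can be allowlisted first. The log lines, the allowlist network, the web-root install path and the case-insensitive matching are assumptions made for the example.

```python
import ipaddress
import re
from collections import Counter
from urllib.parse import parse_qs, unquote, urlsplit

# Apache common/combined prefix: client ident user [time] "METHOD target PROTO"
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "[A-Z]+ (\S+)[^"]*"')

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [18/Dec/2014:14:01:02 +0100] "GET /Your_Account/modules_php/op=new_user.html HTTP/1.1" 200 6',
    '203.0.113.7 - - [18/Dec/2014:14:01:03 +0100] "POST /?name=Your_Account&file=modules_php&op=new_user HTTP/1.1" 200 6',
    '2001:db8::1 - - [18/Dec/2014:14:02:10 +0100] "GET /your_account/modules_php/op=new_user.html HTTP/1.1" 200 6',
    '198.51.100.23 - - [18/Dec/2014:14:03:00 +0100] "GET /Your_Account/op=new_user.html HTTP/1.1" 200 5120',
    '192.0.2.10 - - [18/Dec/2014:14:04:00 +0100] "GET /Your_Account/modules_php/op=new_user.html HTTP/1.1" 200 6',
]

def is_trap_request(target):
    """True if the request target is either form of the trap URL from the post."""
    try:
        parts = urlsplit(target)
    except ValueError:
        return False  # malformed target, cannot be classified
    # Assumption: site at the web root; compare case-insensitively.
    if unquote(parts.path).lower().startswith("/your_account/modules_php/"):
        return True
    q = {k.lower(): v[-1].lower() for k, v in parse_qs(parts.query).items()}
    return q.get("name") == "your_account" and q.get("file") == "modules_php"

def trap_hits(lines, allow=()):
    """Count trap requests per client IP, skipping allowlisted networks."""
    nets = [ipaddress.ip_network(n) for n in allow]
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_trap_request(m.group(2)):
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # hostname or junk in the client field
        if any(ip.version == n.version and ip in n for n in nets):
            continue  # never report addresses we have chosen to trust
        hits[str(ip)] += 1
    return hits

if __name__ == "__main__":
    for addr, count in trap_hits(SAMPLE_LOG, allow=["192.0.2.0/24"]).items():
        print(addr, count)
```

If the site sits behind a reverse proxy, the client field in the log (and REMOTE_ADDR in the trap file) is the proxy's address, so that address belongs in the allowlist.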