General ⇒ $this->Website ⇒ Stop Forum Spam ⇒ Community Forums ⇒ CPG Dragonfly™ CMS

Stop Forum Spam Reply to topic

DJ Maze Offline Joined: Apr 19, 2004 Posts: 6367 Location: http://tinyurl.com/5z8dmv 0 👍 / 0 👎	Thu Dec 18, 2014 1:08 pm v10 has nice spam protection which already marks "valid" user agents like Chrome or Firefox as bots (because they are, else they would send a different HTTP header) In our quest for more protection i added another feature. It seems some bots try to access modules.php which result in the following path: /Your_Account/modules_php/op=new_user.html aka ?name=Your_Account&file=modules_php&op=new_user So, i made the file /modules/Your_Account/modules_php.php `<?php $SQL = \Dragonfly::getKernel()->SQL; if ($ip = \Dragonfly_Net::filterIP($_SERVER['REMOTE_ADDR'])) { $ip = $SQL->escapeBinary($ip['ipn']); $SQL->exec("INSERT IGNORE INTO {$SQL->TBL->security_ips} (ipn_s, type, details) VALUES ({$ip}, 0, {$SQL->quote($_SERVER['REQUEST_URI'])})"); $SQL->query("DELETE FROM {$SQL->TBL->security_cache} WHERE ipn={$ip}"); } exit('Banned');` 1 day further and 88 IP's are banned. It's just nuts! Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS): Fedora 25 / Apache 2.4.27 / MariaDB 10.1.26 / PHP 7.1.10 / Mercurial Last edited by DJ Maze on Thu Dec 18, 2014 2:11 pm; edited 4 times in total
layingback Offline Joined: Apr 19, 2004 Posts: 1414 Location: Andalucia 0 👍 / 0 👎	Thu Dec 18, 2014 1:48 pm Good stuff. Anyone able to backport this - or at least some of this - to v9, please? Pro_News CM™ - Content Management for Dragonfly CMS™ Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS): Linux / 1.3.39 - 2.4.9 / 5.5.42 - 5.6.16 / 5.4.37 - 5.5.11 / 9.4
DJ Maze Offline Joined: Apr 19, 2004 Posts: 6367 Location: http://tinyurl.com/5z8dmv 0 👍 / 0 👎	Thu Dec 18, 2014 2:00 pm If you have some apache logs which contain "modules.php" i can Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS): Fedora 25 / Apache 2.4.27 / MariaDB 10.1.26 / PHP 7.1.10 / Mercurial
layingback Offline Joined: Apr 19, 2004 Posts: 1414 Location: Andalucia 0 👍 / 0 👎	Fri Dec 19, 2014 10:02 am DJ Maze wrote If you have some apache logs which contain "modules.php" i can S'OK then, I don't seem to have that issue ... at least not yet! I do have occasional attempts to open a folder, eg: .../Forums or .../Pro_News They must make it up as they go along Thanks anyway! Season's Greetings! Pro_News CM™ - Content Management for Dragonfly CMS™ Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS): Linux / 1.3.39 - 2.4.9 / 5.5.42 - 5.6.16 / 5.4.37 - 5.5.11 / 9.4
DJ Maze Offline Joined: Apr 19, 2004 Posts: 6367 Location: http://tinyurl.com/5z8dmv 0 👍 / 0 👎	Wed Jan 21, 2015 4:44 pm For anyone who is interested i made a page to list them: dragonflycms.org/banned.html Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS): Fedora 25 / Apache 2.4.27 / MariaDB 10.1.26 / PHP 7.1.10 / Mercurial
DJ Maze Offline Joined: Apr 19, 2004 Posts: 6367 Location: http://tinyurl.com/5z8dmv 0 👍 / 0 👎	Fri Feb 06, 2015 3:39 pm 1666 Banned IP's, where does it end? Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS): Fedora 25 / Apache 2.4.27 / MariaDB 10.1.26 / PHP 7.1.10 / Mercurial
All times are UTC Post new topic Reply to topic Forum Index ⇒ $this->Website Page 1 of 1