Topic: httpBL

[snoopy_virtual]

Link to Mod

MOD httpBL v2.2
============

Author: snoopy_virtual Version: 2.2 Release: 17th February 2010 Languages: Compatible With: SMF 1.1.1 - 1.1.11 SMF 2 RC2

Comment this Mod My MODs           Contact Snoopy via Skype

Change Log

Road Map

(Before you ask for a new feature or report a bug check if it's already in the cue waiting to be done)

Features:

• This mod uses the http:BL API from Project Honey Pot to stop spammers from accesing your forum.

• This mod is completely compatible with M-DVD's MOD Stop Spammer. You can have both mods installed or only one of them to stop the spammers in your forum, but I would recommend you to have both.

• The main differences between both mods are:
  
  
  • MOD Stop Spammer checks the database from Stop Forum Spam while MOD httpBL checks the database from Project Honey Pot.
    
    A lot of spammers are already in both databases, but some spammers are only in one of them, so it won't be a bad idea anyway to check both databases.
  
  
  • MOD Stop Spammer cheks if the visitor is a spammer when they try to register inside the forum while MOD httpBL checks them as soon as they arrive to the forum and redirect them to a file called warning.php making the whole site invisible to them.
    
    This way even harvesters (robots that never post in a forum, but search for email addresses to send them spam later) and any other kind of malicious web robots cannot even see any part of the site.

Installation:

• 1.- Go to Project Honey Pot and register there to become a member of the project.

• 2.- Once you are a member, follow the instructions from their site to install a Honey Pot in your server.

• 3.- After you get your first honey pot activated, ask them for your own http:BL API key.

• 4.- Download and install MOD httpBL as any other mod.

If you need help installing this mod or you have any question about it, you can ask just here in the post you are reading.

Thanks to Project Honey Pot for your DB and APIs.

Thanks to praseodym for the idea. His mod is for Drupal, but I have adapted some of his functions to work with SMF as well.

==========================

Languages (normal & utf-8)

• English
• English_British
• Spanish_Es
• Spanish_Latin

Code: [Select]

$txt['httpBL_honeyPot_link_error'] = 'Wrong honeyPot link. Check your MOD httpBL configuration.';
$txt['httpBL_honeyPot_key_error'] = 'Wrong http:BL API key. Check your MOD httpBL configuration.';
$txt['httpBL_title'] = 'MOD httpBL';
$txt['httpBL_description'] = 'The MOD httpBL checks every visitor\'s IP to see if it\'s already
in projecthoneypot\'s DB. If this is true the mod redirects them to the warning.php page denying
them access to the forum.<br />Here you can turn the mod on and off and change some of its parameters.';

$txt['httpBL_config'] = 'MOD httpBL settings';
$txt['httpBL_enable'] = 'Enable/Disable MOD httpBL';
$txt['httpBL_enable_bad_API_key'] = 'The API key you have written is wrong. Check it out carefully and try again.';
$txt['httpBL_honeyPot_link'] = 'Link to your Honey Pot';
$txt['httpBL_honeyPot_link_sub'] = 'If you want to use MOD httpBL you must have a Honey Pot
installed in your server. If you haven\'t got one you need to go first to
<a href="http://www.projecthoneypot.org/?rf=62759" target="_blank">www.projecthoneypot.org</a>
to ask for one and install it in your server. After that, write here the link to that Honey Pot.
It will be something like:<br /><b>http://www.yourwebsite.com/yourhoneypot.php</b>';
$txt['httpBL_honeyPot_key'] = 'Your Honey Pot http:BL API key';
$txt['httpBL_honeyPot_key_sub'] = 'If you want to use MOD httpBL you must have as well a
http:BL API key from Project Honey Pot. If you haven\'t got one you need to go first to
<a href="http://www.projecthoneypot.org/?rf=62759" target="_blank">www.projecthoneypot.org</a>
to sign up for one and write it here. Please notice they are not going to give you one if you
haven\'t installed a Honey Pot, so you better do that first.';
$txt['httpBL_honeyPot_word'] = 'Keyword of your Honey Pot link';
$txt['httpBL_honeyPot_word_sub'] = 'This is the only word in your Honey Pot link the spammers are
going to see. Write something to attract them and make them click on it and not anything scary for them.
If you cannot find out a good word just leave it blank. The mod will choose one for you.';
$txt['httpBL_info_email_1'] = 'First word of your email';
$txt['httpBL_info_email_2'] = 'Second word of your email';
$txt['httpBL_info_email_3'] = 'Third word of your email';
$txt['httpBL_info_email_sub'] = 'The mod needs your email address to tell you if there are any problems
and to show it to the human beings unlucky enough to have an IP considered as spammer and not knowing
how to get out of the page <b>warning.php</b>, so they can ask you for help. Then, it has to be a valid
email address. We have split it into 3 words so the robots cannot see it. For example, if your address is
<b>info@yourwebsite.com</b> the first word is <b>info</b>, the second one <b>yourwebsite</b>,
and the third one <b>com</b>.';
$txt['httpBL_enable_bad_email'] = 'Check the email address you have written.
You cannot leave blank any of the 3 words.';
$txt['httpBL_bad_last_activity'] = 'Number of days to consider good an IP';
$txt['httpBL_bad_last_activity_sub'] = 'If an IP used to belong some time ago to a spammer, but
nobody has seen it doing anything wrong since at least this number of days, we don\'t consider it
dangerous now and we leave the visitor pass.';
$txt['httpBL_bad_threat'] = 'Threat level considered bad';
$txt['httpBL_bad_threat_sub'] = 'Project Honey Pot gives every IP a threat level which is changing
every day depending on what this IP does and how many days ago it did it. Every IP with a threat
level greater than the number you put here won\'t be able to pass. Anyway we wouldn\'t recommend
you to change these last 2 values until you know the way the mod works.';
$txt['httpBL_viewlog_extra'] = 'View extra information in the log';
$txt['httpBL_viewlog_extra_sub'] = 'If you tick this options you are going to see all
the information in the log, but maybe it\'s too much and you will loose perspective.
Sometimes it\'s better to see only the important things.';
$txt['httpBL_config_sub_1'] = 'If you want to see the look of your "warning.php" page with
this settings (the page everybody with an IP considered dangerous is going to be redirected)
press this link:';
$txt['httpBL_config_sub_2'] = 'If you want to change its design or translate this page and you
don\'t know how, you can ask for help in the support forum:';

$txt['httpBL_viewlog'] = 'MOD httpBL log';
$txt['httpBL_viewlog_description'] = 'Every time the MOD httpBL stops a spammer or detects an
internal error adds an entry to this log you can see here.';
$txt['httpBL_log_no_entries'] = 'There is no entries in the MOD httpBL log';
$txt['httpBL_log_date'] = 'Date';
$txt['httpBL_log_ip'] = 'IP';
$txt['httpBL_log_threat'] = 'Th. L.';
$txt['httpBL_log_threat_long'] = 'Threat Level - The threat level of this IP in Project Honey Pot database.';
$txt['httpBL_log_activity'] = 'L. B. A.';
$txt['httpBL_log_activity_long'] = 'Last Bad Activity - The number of days since this IP was seen
doing domething wrong.';
$txt['httpBL_log_suspicious'] = 'S.';
$txt['httpBL_log_suspicious_long'] = 'Suspicious - Just suspicious of being a spammer.';
$txt['httpBL_log_harvester'] = 'H.';
$txt['httpBL_log_harvester_long'] = 'Harvester - A robot that surfs the internet looking for
email addresses to use them later to send spam.';
$txt['httpBL_log_comment'] = 'C.';
$txt['httpBL_log_comment_long'] = 'Comment Spammer - A robot that post to blogs and forums.
These posts typically are full of links to sites being promoted by the spammers.';
$txt['httpBL_log_url'] = 'Page';
$txt['httpBL_log_url_long'] = 'The page this IP was visiting when it was detected and expelled by the mod.';
$txt['httpBL_log_user_agent'] = 'Browser used by this IP';
$txt['httpBL_log_error_message'] = 'Error Message';
$txt['httpBL_log_no_error'] = 'No error';
$txt['httpBL_log_remove_all_confirm'] = 'Are you sure you want to delete all MOD httpBL log entries?';
$txt['httpBL_log_remove_selected_confirm'] = 'Are you sure you want to delete all selected
MOD httpBL log entries?';
$txt['httpBL_yes'] = 'Yes';
$txt['httpBL_pages'] = 'Pages';
$txt['httpBL_threat_low'] = 'Low threat';
$txt['httpBL_threat_medium'] = 'Medium threat';
$txt['httpBL_threat_high'] = 'High threat';
$txt['httpBL_threat_very_high'] = 'Very high threat';
$txt['httpBL_threat_colors'] = 'Meaning of colors:';

The only file a human visitor may ever see is the file warning.php telling him that his IP has been hijacked by a spammer and telling him what to do in this case, so apart from the above lines you need to translate this file if your visitors speak another language.

As all my websites are normally visited from people who speak either english or spanish, I have done this file warning.php in both these 2 languages, so if your visitors speak (let's say) either english or german, you will only need to replace the spanish part with the same thing in german.

I welcome new translations here, in this post you are reading

==========================

Características:

• Este mod usa la http:BL API de Project Honey Pot para impedir que los spammers puedan acceder a vuestro foro.

• Este mod es totalmente compatible con el MOD Stop Spammer de M-DVD. Puedes tener instalados los 2 mods o solo uno de ellos para parar a los spammers en tu foro, pero yo te recomendaría instalar los 2.

• Las principales diferencias entre los 2 mods son:
  
  
  • MOD Stop Spammer usa la base de datos de Stop Forum Spam mientras que MOD httpBL usa la base de datos de Project Honey Pot.
    
    Muchos spammers estan en las 2 bases de datos a la vez, pero algunos spammers solo están en una de ellas, por lo que no es una mala idea comprobar las 2 bases de datos.
  
  
  • MOD Stop Spammer comprueba si un visitante es un spammer cuando trata de registrarse en el foro, mientras que MOD httpBL lo comprueba en cuanto que llegan al foro y los redirecciona a un archivo llamado warning.php haciendo que toda la web les sea totalmente invisible.
    
    De esta forma incluso los recolectores (robots que nunca postean en los foros, sino que se dedican a buscar direcciones de email para mandarles spam) y otros tipos de robots maliciosos no pueden ver ninguna parte de vuestra página web.

Instalación:

• 1.- Ir a Project Honey Pot y registraros allí para haceros miembros del proyecto.

• 2.- Una vez que seais miembros, seguir las instrucciones de su página para instalar un Honey Pot en vuestro server.

• 3.- Cuando tengáis activado vuestro primer honey pot, pedirles vuestra propia http:BL API key.

• 4.- Bajaros el MOD httpBL e instalarlo como cualquier otro mod.

En caso de que necesites ayuda con alguno de estos pasos o que tengas alguna pregunta sobre el mod, puedes hacerlo aquí mismo es este post que estás leyendo.

Y si no hablas inglés, visita el foro de soporte de este mod en nuestro idioma.

==========================

Change Log:

Version 1.0 - 17th August 2009   o Initial release   o Can be installed in any PHP page, not only SMF   o Can block any spammer from viewing your site   o It checks IP in Project Honey Pot DB   o If match, the visitor is redirected to the "warning.php" page   o Keeps a log of "IPs stopped" in a text file in your server   o Compatible with any PHP program, so it's compatible with all SMF versions Version 2.0 - 11th February 2010   - Eliminated compatibility with other programs, making it now exclusive for SMF   + Added a powerful install script which now does everything for you with just one click   + Added an easy-to-use configuration interface to control the mod   - Eliminated the text file log, too difficult to find and read   + Added a log table in the database   + Added a view-log interface to see the information stored in it   ? Unistall old version and install new one   ? Need to edit manually 2 small things in index.template.php if you are not using the default one Version 2.1 - 15th February 2010   + Added compatibility with SMF 2.0 RC2   + Added a color system in the view-log page to see threat level of each IP stopped by the mod   + Added an option to see the view-log page with only important information or with all the extra data   + Added some lines to the language files for the new features   ? Unistall old version and install new one   ? No need to edit manually any template file if you are updating from version 2.0 Version 2.2 - 17th February 2010   + Added cached values if cache is enabled to reduce time   + Added more methods to find the visitor's IP   ! Sorted issue with servers not using Mysql   ? Unistall old version and install new one   ? No need to edit manually any template file if you are updating from version 2.0 or 2.1

Legend o Feature * Change + Added - Eliminated ! Bug Fixed ? How to Update

==========================

Road Map:

Things to do in the near future: (16th February 2010)     * I need to change the tutorial with the instruccions to install it, concentrating more in the way to ask Project Honey Pot for a http:BL API key and the couple of small things you need to edit in the file index.template.php, as the actual installation is now done as any other mod, via the Package Manager with just one click.       + When the mod finds an error it writes it in the log table. It should also email the admin if the error is an important one.       + I need to add a counter to see how many spammers the mod have stopped and display it somewhere.       + I need to Add a button in the view-log page (with some javascript) to hide or show the legend. After some days using the mod you don't really need to see it all the time.       + I need to Add a button in the view-log page to change quickly from "normal view" to "see all the extra info" without needing to change that in the config page every time.       + I need to write a FAQ with some things I already know they are going to start asking.

Legend * To be Changed + To be Added - To be Eliminated ! Bug to be Fixed

[snoopy_virtual]

While we were waiting for the mod being approved we were already trying to improve it in my site, so we are going to continue  here the conversation we had there.

If you don't know what we are talking about, check previous post in:

http://www.snoopyvirtualstudio.com/trankos/portal/index.php?option=com_smf&Itemid=36&board=30.0

[Wizzlefits]

Congrats Snoopy!!! 

And anyone reading this...
GET THIS MOD!!! It is freaking AWESOME!

And don't forget to pick up Stop Spammer

[snoopy_virtual]

Thanks Wizzlefits

And continuing what we were saying in my site, don't forget to tell me if with this new version 2.2 you still get anybody with "No IP"

I am just installing anyway CrawlTrack so I can do a few more tests myself about that.

[madfitz]

Snoopy, my last post (and attached image) in your site was with v2.2 installed (sorry, I thought I said that).

[butchs]

I had a 500 error with the old version.  Glad you fixed it?  Will advise if I ever see it again.

This mod is a must have.  Even if you do not have a spam problem this will cut back on spammer bandwidth!

[~DS~]

I am not sure if it that error is normal. See picture.

I am also having another error.

Code: [Select]

Fatal error: Call to undefined function getmobileproperties() in /home/user/public_html/forum.com/Sources/Load.php on line 1396when try going to warning.php

[snoopy_virtual]

@madfitz

You mean the one I just attached here?

When I saw it was still coming with the error "No reverse IP" I thought you still had version 2.1

I hadn't realized the IP now is not blank. It has now the word "unknown" and of course the function httpBL_reverse_ip() cannot reverse a word.

But I see it's still coming every half hour.

I am going to continue searching all the pages I know to see if I find any more information on the subject to see what can cause this problem.

In the mean time, why don't you give a try to the program Wizzlefits was talking about:

http://www.crawltrack.net

It's open source and maybe it will give you more information to see what is going on inside your site every half hour.

Apart from that, now that we are in a site visited for a lot more people than mine, maybe somebody else can give us more ideas.

======================

@butchs

What version gave you error 500 the 2.1?

[snoopy_virtual]

I am not sure if it that error is normal. See picture.

I am also having another error.

Code: [Select]

Fatal error: Call to undefined function getmobileproperties() in /home/user/public_html/forum.com/Sources/Load.php on line 1396when try going to warning.php

What picture?

Also, the function getmobileproperties() doesn't belong to this mod. I don't even know it.

[~DS~]

I am not sure if it that error is normal. See picture.

I am also having another error.

Code: [Select]

Fatal error: Call to undefined function getmobileproperties() in /home/user/public_html/forum.com/Sources/Load.php on line 1396when try going to warning.php

What picture?

Also, the function getmobileproperties() doesn't belong to this mod. I don't even know it.

Oops, forget to add the picture. Edited.

[snoopy_virtual]

I don't see any error in the picture. The only thing I see in your httpBL log is the sentence:

(There is no entries in the MOD httpBL log)

And this actually means there is no entries in the log, so you haven't catched yet any spammer.

I have installed it already in 6 forums, and in some of them it's catching only 1 a day, but in other ones it's catching a spammer every 2 or 3 hours.

So wait a few hours and try again to see the log.

========================

The another problem is more worrying.

As I was saying getmobileproperties() doesn't belong to this mod and I haven't seen it before in SMF.

Anybody knows it?

The name sounds really funny to me. Like a hack or something.

[~DS~]

I don't see any error in the picture. The only thing I see in your httpBL log is the sentence:

(There is no entries in the MOD httpBL log)

And this actually means there is no entries in the log, so you haven't catch yet any spammer.

I have installed it already in 6 forums, and in some of them it's catching only 1 a day, but in other ones it's catching a spammer every 2 or 3 hours.

So wait a few hours and try again to see the log.

========================

The another problem is more worrying.

As I was saying getmobileproperties() doesn't belong to this mod and I haven't seen it before in SMF.

Anybody knows it?

The name sounds really funny to me. Like a hack or something.

Sorry it was a iPhone mod, SMF4iPhone.
I removed it, now the  warning.php works.

[madfitz]

In the mean time, why don't you give a try to the program Wizzlefits was talking about:

http://www.crawltrack.net

It's open source and maybe it will give you more information to see what is going on inside your site every half hour.

Trying this now. What php file would you place the crawltrack tag?

[snoopy_virtual]

In the mean time, why don't you give a try to the program Wizzlefits was talking about:

http://www.crawltrack.net

It's open source and maybe it will give you more information to see what is going on inside your site every half hour.

Trying this now. What php file would you place the crawltrack tag?

I haven't installed it yet because I never install a program without reading all the documentation and (if it's open source like this one) looking a little inside the code (I even do that sometimes with the other ones as well  ) and I have been too busy today to finish with that, but I have already seen the answer to that.

Go to:

http://www.crawltrack.net/doccms.php

And scroll down to SMF   

[madfitz]

... but I have already seen the answer to that.

Go to:

http://www.crawltrack.net/doccms.php

And scroll down to SMF   

That will teach me to read the instructions

[butchs]

Yes 2.1.  So far I have not seen it in 2.2. 

[butchs]

Also, the function getmobileproperties() doesn't belong to this mod. I don't even know it.

Sounds like smf4iphone.  But in the last version I wrote, the "getmobileproperties" function was installed at the end of the load.php file and should be found so I believe he is running an older version.  Since I do not have a mobile device and have absolutely no means of supporting the mod, I gave it to "Fabius85", I am sure he can help you if you move this question to the correct thread.

[snoopy_virtual]

Yes 2.1.  So far I have not seen it in 2.2. 

Weird

From v2.1 to v2.2 I have changed these 3 things:

  1.- I have used the cache functions so now if you have cache enabled in your forum, everytime the mod do a dnslookup of an IP, it store the data in the cache for 120 seconds. This will make pages with lots of visitors load faster, but it won't affect at all to normal sites. And of course it won't affect you if you haven't cache enabled.

  2.- In version v2.1 I was using plain Mysql to display the page warning.php instead of the SMF functions db_query() or $smcFunc['db_query'] and I had put some default values just in case something went wrong. So the people using SqlLite or PostgreSQL were seeing in their warning.php always the default values.

I have found a way to sort that in v2.2 so everybody now should see in the page warning.php the values they put in the settings and not the default ones. By the way, everybody should edit the file httpBL_Subs.php to change my default values for theirs, just in case something goes wrong anyway with the db, but it's not too important. I will explain that better for normal users when I have time to continue the tutorial, so that can wait for now. (Advanced users can do it now).

Anyway this change (even if you are not using Mysql) only affects to the page warning.php, so I don't think it has anything to do with your error 500 either.

  3.- In version v2.1 I was using only $_SERVER['REMOTE_ADDR'] to find out the visitor's IP so we can check it out in the spammers db. Version v2.2 is using a lot more methods. See full list here:

http://www.snoopyvirtualstudio.com/trankos/portal/index.php?option=com_smf&Itemid=36&topic=309.msg1292#msg1292

I don't think this change can have anything to do also with error 500

Of course the problem is error 500 is too generic. It can be almost anything.

Any of the 3 changes were affecting you?

Was there any more information with the error 500? Normally no, so I suppose we will need to wait to see if it comes back again.

Cheers.

[butchs]

I am guessing that the updates in number 3.  When it happened I had several spammers get rejected.  Spammer rejection is slow at this moment.  Then again, it could be some of the things me a user were doing to test a program on the forum.  We will see in a day or so...  I really am not sure...   

[snoopy_virtual]

Also, the function getmobileproperties() doesn't belong to this mod. I don't even know it.

Sounds like smf4iphone.  But in the last version I wrote, the "getmobileproperties" function was installed at the end of the load.php file and should be found so I believe he is running an older version.  Since I do not have a mobile device and have absolutely no means of supporting the mod, I gave it to "Fabius85", I am sure he can help you if you move this question to the correct thread.

Dismal Shadow if you tell Fabius85 about this problem tell him as well that the page warning.php is using SSI.php to load all the SMF functions. He will understand what that means and can help him understand where is the problem.

Anyway, as butchs was saying maybe you were just using an old version of smf4iphone. Try if there is any update.