Customizing SMF > Modifications and Packages

Forum Firewall

<< < (155/165) > >>

emwe:
Hello,

I have installed that mod on SMF 2.0.2 a few days ago and so far it looks good. Great work. Thank you for doing that.

But I have some little problems

1. Server Ports
I want to have the server available on ports 80 and 443. When I add 80|443 into the server port field I see warnings for both ports in the firewall (Invalid Port Access: 443! or Invalid Port Access: 80!). As long as I add only one port I get the warning only for the other port.
2. I get a lot of entries like this: Hack: %3d!
Header: GET /index.php?action=helpadmin%3Bhelp%3Dforumfirewall_good_ua HTTP/1.1 facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)
I assume this is because there is a  %3d in the SQL Injection rules.
However that URL is generated by another mod Social Buttons http://custom.simplemachines.org/mods/index.php?mod=3354.
Adding that useragent to the ua whitelist did not help. This is still logged.
Question: What do I risk if I remove %3d from the SQL Injection Rules?

butchs:

--- Quote from: emwe on August 14, 2012, 10:47:12 AM ---1. Server Ports
I want to have the server available on ports 80 and 443. When I add 80|443 into the server port field I see warnings for both ports in the firewall (Invalid Port Access: 443! or Invalid Port Access: 80!). As long as I add only one port I get the warning only for the other port.

--- End quote ---

Oh, I will look at that this weekend.  Could be an error in the code.


--- Quote from: emwe on August 14, 2012, 10:47:12 AM ---2. I get a lot of entries like this: Hack: %3d!
Header: GET /index.php?action=helpadmin%3Bhelp%3Dforumfirewall_good_ua HTTP/1.1 facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)
I assume this is because there is a  %3d in the SQL Injection rules.
However that URL is generated by another mod Social Buttons

--- End quote ---

If you use that mod you will need to remove "|%3d" from the SQL Injection rules.

In Hexadecimal %3d represents a '='.  Could be used against you.  But you have other protection measures.  Not sure if it is a big deal...  The again, you could change it from "%3d" to "&#61" which is a more preferred sanitization.

Texan78:

--- Quote from: butchs on August 07, 2012, 09:27:26 PM ---The setting on the mod is the "Trigger (#/sec) ".  So if your have Google set to 2.  It can hit you're site every 2 seconds.  The mod counts the hits in your cache.  So if you have your cache set to 20, Google can hit you 10 times.  That will give Google a minimum Trigger of 10/20 = 0.5.

Google ignores robots.tst.  So your setting there does not matter.   In 20 seconds the bot will visit you 2 times.  A minimum Trigger of 2/20 = 0.1.

If you have a crawl rate of .7, a bot will need to hit you 20 x .7 - 14 times to get blocked.  This Trigger is a good starting point.  I do not recommend going below it.

Set it to what you want.  I suggest:
robots.tst 10
Google 2
Trigger .7


If you uninstall the mod and reinstall it, the mod will try to read your robots.tst file.  Or just make your changes manually...

make sure you test before going live and start blocking.

--- End quote ---

Thank you for your help Butchs, I have used your suggestion and everything seems to be functioning smoothly. Now I can just tweak as needed as the forum grows should issues arise.

-Thanks!

butchs:

--- Quote from: butchs on August 14, 2012, 09:25:40 PM ---
--- Quote from: emwe on August 14, 2012, 10:47:12 AM ---1. Server Ports
I want to have the server available on ports 80 and 443. When I add 80|443 into the server port field I see warnings for both ports in the firewall (Invalid Port Access: 443! or Invalid Port Access: 80!). As long as I add only one port I get the warning only for the other port.

--- End quote ---

Oh, I will look at that this weekend.  Could be an error in the code.

--- End quote ---

Can you try this fix.  Search ForumFirewall.php

--- Code: ---foreach ($good_port as $good_ports) {
$pos = strpos($forumfirewall_port, $good_ports);
if ($pos === false) {
//  Good port is not being used so block
$forumfirewall_data['sql_reason'] = $forumfirewall_port;
$result[0] = '11';
unset($good_port, $good_ports);
forumfirewall_block($forumfirewall_data, $result);
return;
} }
--- End code ---

replace with:

--- Code: ---$ffports_validated = false;
foreach ($good_port as $good_ports) {
$pos = strpos($forumfirewall_port, $good_ports);
if ($pos !== false) {
//  Good port is detected
$ffports_validated = true;
} }
if ($ffports_validated === false) {
//  Good port is not being used so block
$forumfirewall_data['sql_reason'] = $forumfirewall_port;
$result[0] = '11';
unset($good_port, $good_ports);
unset($ffports_validated);
forumfirewall_block($forumfirewall_data, $result);
return;
}
unset($ffports_validated);
--- End code ---



tMicky:
For some reason, this Firewall Mod and the Bad Behavior Mod - have an issue with:
./Themes/Glacier/index.template.php - for both mods, I got Test Failed.

I haven't had issues with other mods and this Theme.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version