Advertisement:

Author Topic: httpBL  (Read 375309 times)

Offline BellGab.com

  • Jr. Member
  • **
  • Posts: 170
    • The CoastGab Forum
Re: httpBL
« Reply #400 on: November 17, 2010, 06:28:36 AM »
this is one of the most innovative and important mods i've installed in the time i've used SMF.  i hope it works as advertised, and i believe it will.  great work.

Offline IdanC

  • Jr. Member
  • **
  • Posts: 214
  • Gender: Male
    • mila.fm
Re: httpBL
« Reply #401 on: November 17, 2010, 11:32:32 AM »
a small donation shall be made soon to show my appreciation  :)

excuse me for the lack of modesty, but i just wanted to prove i stand by my word, see transaction 4WF97435MB975280D  :)

keep up the good work!

Offline snoopy_virtual

  • Sophist Member
  • *****
  • Posts: 1,155
  • Gender: Male
    • jcredondosnoopy on Facebook
    • Snoopy Virtual Studio
Re: httpBL
« Reply #402 on: November 18, 2010, 07:50:25 AM »
a small donation shall be made soon to show my appreciation  :)

excuse me for the lack of modesty, but i just wanted to prove i stand by my word, see transaction 4WF97435MB975280D  :)

keep up the good work!

Thank you very much.

With more people thinking as you maybe I could forget about working on other projects and concentrate more on these anti-spam mods.

Really appreciated it.
El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Offline EL34

  • Jr. Member
  • **
  • Posts: 264
Re: httpBL
« Reply #403 on: November 21, 2010, 07:47:59 AM »
Yo Snoop,
Found a bug this morning.

There were 5 pages to the spammers log
There were 2 pages of the humans log

Clicking on page 2 of the humans log sends me to the spammers log
I can't view page 2 of the humans log.
Screen shot attached

Forum History -> EZBoard -> YABB -> SMF 1.1.19 -> SMF 2.0.14

Offline snoopy_virtual

  • Sophist Member
  • *****
  • Posts: 1,155
  • Gender: Male
    • jcredondosnoopy on Facebook
    • Snoopy Virtual Studio
Re: httpBL
« Reply #404 on: November 21, 2010, 08:47:29 AM »
Yo Snoop,
Found a bug this morning.

There were 5 pages to the spammers log
There were 2 pages of the humans log

Clicking on page 2 of the humans log sends me to the spammers log
I can't view page 2 of the humans log.
Screen shot attached

I saw that bug a few weeks ago and it's already sorted in the next version I'm doing. In the mean time, before I finish testing and debugging this new version and I publish it, you can sort it manually:

========================

For SMF 1.x

Open the file /path/to/your/forum/Sources/httpBL_Config.php

Find the line:

Code: [Select]
$context['page_index'] = constructPageIndex($scripturl . '?action=httpBL;sa=viewlog;sort=' . $context['sort'] . ($context['sort_direction'] == 'down' ? ';desc' : ''), $_REQUEST['start'], $num_log_entries, $entries_per_page);

Replace it with:

Code: [Select]
$context['page_index'] = constructPageIndex($scripturl . '?action=httpBL;sa=' . $context['sub_action'] . ';sort=' . $context['sort'] . ($context['sort_direction'] == 'down' ? ';desc' : ''), $_REQUEST['start'], $num_log_entries, $entries_per_page);

========================

For SMF 2.x

Open the file /path/to/your/forum/Sources/httpBL_2_Config.php

Find the line:

Code: [Select]
$context['page_index'] = constructPageIndex($scripturl . '?action=admin;area=httpBL;sa=viewlog;sort=' . $context['sort'] . ($context['sort_direction'] == 'down' ? ';desc' : ''), $_REQUEST['start'], $num_log_entries, $items_per_page);

Replace it with:

Code: [Select]
$context['page_index'] = constructPageIndex($scripturl . '?action=admin;area=httpBL;sa=' . $context['sub_action'] . ';sort=' . $context['sort'] . ($context['sort_direction'] == 'down' ? ';desc' : ''), $_REQUEST['start'], $num_log_entries, $items_per_page);
El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Offline EL34

  • Jr. Member
  • **
  • Posts: 264
Re: httpBL
« Reply #405 on: November 21, 2010, 05:11:47 PM »
Thanks, I'll do the manual edit as per your post
Forum History -> EZBoard -> YABB -> SMF 1.1.19 -> SMF 2.0.14

Lou69

  • Guest
Re: httpBL
« Reply #406 on: November 25, 2010, 02:36:15 PM »
You got 25 clams coming your way Snoopy, thanks for the excellent mod. PM sent to you with confirmation number.

I just upgraded to RC4 and upgraded to your 2.4 httpBL mod as well. Made the two edits noted on the previous 2 or 3 pages and all went well. Your previous version of the honeypot trapped over 500 bad actors in maybe 8 or so weeks.

 :)

best regards,

Lou


Offline snoopy_virtual

  • Sophist Member
  • *****
  • Posts: 1,155
  • Gender: Male
    • jcredondosnoopy on Facebook
    • Snoopy Virtual Studio
Re: httpBL
« Reply #407 on: November 25, 2010, 03:29:57 PM »
Thanks for the donation Lou. Every little helps...

I see now what mod you were talking about, so you don't need to answer now my other PM lol
El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Lou69

  • Guest
Re: httpBL
« Reply #408 on: November 25, 2010, 05:37:02 PM »
.
.
You are very welcome.   :) 

Offline SOC Caesar

  • Semi-Newbie
  • *
  • Posts: 14
  • Gender: Male
    • Spectres of Convoy
Re: httpBL
« Reply #409 on: November 28, 2010, 07:52:27 AM »
Was thinking, if I wanted to put 'Spammers stopped by MOD httpBL: 2395' and keep it updating on a custom HTML or PHP block. Is this possible?
If not its no biggy, just a thought  ;)

Offline EL34

  • Jr. Member
  • **
  • Posts: 264
Re: httpBL
« Reply #410 on: November 28, 2010, 09:13:25 AM »
Sure, how I would do it is to use php to open the database table and grab the spammer count figure
Then you could post it on a web page.

I don't have any code handy, just wanted to say that it can be done.
Forum History -> EZBoard -> YABB -> SMF 1.1.19 -> SMF 2.0.14

Offline snoopy_virtual

  • Sophist Member
  • *****
  • Posts: 1,155
  • Gender: Male
    • jcredondosnoopy on Facebook
    • Snoopy Virtual Studio
Re: httpBL
« Reply #411 on: November 28, 2010, 02:03:56 PM »
Was thinking, if I wanted to put 'Spammers stopped by MOD httpBL: 2395' and keep it updating on a custom HTML or PHP block. Is this possible?
If not its no biggy, just a thought  ;)

I have done it in my forum.

I was going to add this to the tutorial, but it seems I never find time to finish it, so I will explain it here. Check this:

http://www.snoopyvirtualstudio.com/foro/

At the top of the forum you can see a picture saying "Spammers Needed Urgently" if you see it in English or "Necesitamos Spammers Urgentemente" if you see it in Spanish.

Both in English or Spanish have a number at the bottom right corner where the amount of spammers caught is updated automatically.

To do this I have used this code:

Code: [Select]
  echo '
  <!-- BANNER -->
  <div align="center" style="background: #transparent;">
    <div style="position: relative; width: 700px; height: 185px; overflow: hidden;">
      <table width="100%" border="0" cellpadding="0" cellspacing="0">
        <tr>
          <td align="center" width="100%" valign="top">
            <a href="http://www.snoopyvirtualstudio.com/miel/" target="_blank"><img src="http://www.snoopyvirtualstudio.com/images/mod_A_S.english.png" title="" alt="warez forum" border="0" /></a></td>
        </tr>
      </table>
      <div style="position: relative; top: -35px; right: -289px; width: 95px; height: 17px; color: white; background: transparent; font-size: 15px; font-family: verdana, sans-serif; text-align: right; overflow: hidden;">
        <b>' . $modSettings['httpBL_count'] . '</b>
      </div>
    </div>
  </div>
  <!-- /BANNER -->';

Of course the actual code I use in my forum is a lot more complicated, because I count all the spammers caught by both mod httpBL and Stop Spammer, and not only in my forum, but in the 6 forums I administer, and also the output is slightly different if you are watching the page in English or Spanish.

I have reduced it there to give you only the English version and only with the spammers caught by mod httpBL in my main forum.

Feel free to copy the pictures if you like them and to copy and modify that code to whatever you want.

If you like the picture but want to modify the text, the background or whatever, here you have it in PhotoShop format:

http://www.snoopyvirtualstudio.com/descargas/MOD-httpBL/mod_A_S.psd.zip

Also, as you can see, my picture is a link to another of my forums. You should change the href="" to whatever you want or delete the link completely, replacing this:

Code: [Select]
          <td align="center" width="100%" valign="top">
            <a href="http://www.snoopyvirtualstudio.com/miel/" target="_blank"><img src="http://www.snoopyvirtualstudio.com/images/mod_A_S.english.png" title="" alt="warez forum" border="0" /></a></td>

With this:

Code: [Select]
          <td align="center" width="100%" valign="top">
            <img src="http://www.snoopyvirtualstudio.com/images/mod_A_S.english.png" title="" alt="warez forum" border="0" /></td>

Also, please, if you are going to use my picture, don't use the code exactly as it is there. It will take bandwidth from my server. Copy the picture, upload it to your server and replace:

Code: [Select]
            <img src="http://www.snoopyvirtualstudio.com/images/mod_A_S.english.png" title="" alt="warez forum" border="0" />

With:

Code: [Select]
            <img src="http://www.your.web.page.com/path/to/your/images/mod_A_S.english.png" title="whatever title you want" alt="whatever alt you want" border="0" />

====================

You also need to remember that the actual number of spammers caught is inside the variable:

$modSettings['httpBL_count']

So you can just use this number if you want to do the code completely different. No need to do any database query or anything like that.

====================

Whatever way you code this, you need to check that $modSettings has been declared global before you can use it, so if you are going to put this for example inside the file index.template.php inside the function template_main_above() you need to be sure inside the Theme you are using, the variable $modSettings is written inside all the globals at the beggining of the function.

If it's not, you need to add the line:

Code: [Select]
global $modSettings;

Just before whatever you put your code.

====================

I hope the explanation was clear enough.

Any doubts (as always) just ask.  ;)
El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Offline SOC Caesar

  • Semi-Newbie
  • *
  • Posts: 14
  • Gender: Male
    • Spectres of Convoy
Re: httpBL
« Reply #412 on: November 28, 2010, 02:21:21 PM »
Thanks Snoopy, excellent info. Was looking at putting it in a portal block either html or php.
« Last Edit: November 28, 2010, 04:00:45 PM by SOC Caesar »

Offline snoopy_virtual

  • Sophist Member
  • *****
  • Posts: 1,155
  • Gender: Male
    • jcredondosnoopy on Facebook
    • Snoopy Virtual Studio
Re: httpBL
« Reply #413 on: November 28, 2010, 05:13:31 PM »
In a portal as in TinyPortal or SimplePortal or any other portal published here in SMF as mod?

If the answer is yes you won't have any problem at all.

Just remember to declare $modSettings has global inside the block you are using (if it hasn't been already done there). And that's it.

If you are talking about a portal as Joomla, Mambo, Drupal, etc, it's a little more difficult but can be done as well using the SMF file SSI.php
El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Offline snoopy_virtual

  • Sophist Member
  • *****
  • Posts: 1,155
  • Gender: Male
    • jcredondosnoopy on Facebook
    • Snoopy Virtual Studio
Re: httpBL
« Reply #414 on: November 28, 2010, 05:15:46 PM »
btw, you cannot do it HTML, it will need to be PHP, because you need to use the PHP variable $modSettings['httpBL_count'] which is the one with the number of spammers blocked inside it.
El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Offline SOC Caesar

  • Semi-Newbie
  • *
  • Posts: 14
  • Gender: Male
    • Spectres of Convoy
Re: httpBL
« Reply #415 on: November 28, 2010, 09:52:58 PM »
Its with Simpleportal 2.3.3 and SMF 2.0RC4

Offline snoopy_virtual

  • Sophist Member
  • *****
  • Posts: 1,155
  • Gender: Male
    • jcredondosnoopy on Facebook
    • Snoopy Virtual Studio
Re: httpBL
« Reply #416 on: November 28, 2010, 10:20:53 PM »
When you have it done give me a link to see the result. I'm curious now.  ;)

And if you find any problem in the process tell me and I will give you a hand.
El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Offline SOC Caesar

  • Semi-Newbie
  • *
  • Posts: 14
  • Gender: Male
    • Spectres of Convoy
Re: httpBL
« Reply #417 on: November 30, 2010, 03:28:57 PM »
Thanks it works, just need to make a graphic now. Link to forum also sent.
Many thanks

Offline societyofrobots

  • Jr. Member
  • **
  • Posts: 198
Re: httpBL
« Reply #418 on: December 06, 2010, 07:14:05 PM »
I noticed this bug I can't figure out . . . I'm using v2.4 with SMF 1.1.12.

First, I have "Number of days to consider good an IP" set to 40, so why is this user being triggered? Why does it say 65 days at 5pm, but 71 days for the other times? I have 'Hours until an IP needs to prove again it's human" set to 48 hours, so why is it repeatedly triggered?
Quote
Date      IP            Th. L. L. B. A.   S.   H.   C.   User    
Today at 03:47:02 PM   195.112.221.78   15   71   Yes         Aber   
Today at 05:00:43 PM   195.112.221.78   15   65   Yes         Aber   
Today at 05:42:23 PM   195.112.221.78   15   71   Yes         Aber   
Today at 06:17:37 PM   195.112.221.78   15   71   Yes         Aber   
Today at 06:34:32 PM   195.112.221.78   15   71   Yes         Aber

Second, if I click httpBL Humans Log, and then click on any page number, it'll incorrectly jump to that page number for httpBL Spammers Log instead.

Offline snoopy_virtual

  • Sophist Member
  • *****
  • Posts: 1,155
  • Gender: Male
    • jcredondosnoopy on Facebook
    • Snoopy Virtual Studio
Re: httpBL
« Reply #419 on: December 07, 2010, 06:49:44 AM »
I noticed this bug I can't figure out . . . I'm using v2.4 with SMF 1.1.12.

There are a lot of different questions there. Let me try to answer them one by one:

First, I have "Number of days to consider good an IP" set to 40, so why is this user being triggered?

All the entries from this user are inside the "Humans log". That means the user has not been bothered at all. He has never seen the warning page or noticed anything wrong.

The entries are logged anyway so you can see somebody has been in your forum with some data inside the spammers DB in Project Honey Pot, but the log is telling you that, as the "number of days..." was bigger than 40, the mod didn't stop the user.

Why does it say 65 days at 5pm, but 71 days for the other times?

Unfortunately, the connexion with Honey Pot's DB is not 100% perfect all the time, so every now and then there is a mistake like that.

You need to remember there are thousands of people using that DB every day. Only here in SMF the last count was more than 1500 forums using it, and there are mods using that DB for almost all other forums, CMS programs (Mambo, Drupal, Joomla, etc), Blogs, etc.

If too many people try to access the DB at the same time it is possible one of the answers is wrong. That's the reason why this mod never do anything too drastic (like banning a user forever or giving a "free pass" card to somebody forever) but always try to confirm if it's true we are dealing with a spammer or a good guy.

I have 'Hours until an IP needs to prove again it's human" set to 48 hours, so why is it repeatedly triggered?

The cookie you are talking about is only given to users who have actually proven they are human.

This only happens when they see the warning page and they answer the 2 questions to prove they are human. Anybody in your forum in that situation won't see the warning page again for 48 hours.

This user you have here in your logs has never seen the warning page, so he hasn't really proved he's human. You cannot be really sure if it's actually the human user who is visiting your forum or if it's a trojan inside his computer, acting as the user but without the user's knowledge.

When the mod cannot be sure if a visitor is human or robot, it puts the data in the cache, instead of giving a cookie to the visitor, so it will be checked again when the cache expires (default is 5 minutes) not when the cookie expires.

When something like that happens in my forums I contact as soon as possible the users (if I can) to let them know they may have a trojan in their computer.

When the users answer me saying they have checked the computer and there is no trojan there, I move them (if I really trust them) to one of the "trusted" member groups I have in my forums, so they won't be checked by the mod ever again.

You need to remember (from version 2.4 onwards) I have added a new permission you can set for all the member groups you really trust, so the mod won't check them. But you need also to remember that sometimes people cannot really recognize a trojan inside their computer.

I have friends who have told me they haven't got any viruses in their computers but, when I have checked their computers myself, I have found some. I trust those friends for anything else, but I don't "trust" them recognizing viruses or trojans.

Second, if I click httpBL Humans Log, and then click on any page number, it'll incorrectly jump to that page number for httpBL Spammers Log instead.

That bug was reported a couple of weeks ago here.

I have it already sorted in the next version I am doing for this mod. This new version should have been already published but, every time it's almost finished, I find something else I need to change or fix, so it's taking me longer than I thought.

In the mean time, before I finish this new version, you can patch it manually following these instructions:

http://www.simplemachines.org/community/index.php?topic=366399.msg2857312#msg2857312
El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.