News:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

Forum Firewall

Started by butchs, January 15, 2011, 11:00:37 AM

Previous topic - Next topic

Kindred

I don't believe that he is trying to remove the copyright...  he's trying to figure out how to put it into a non-standard theme. :)

Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

leemg


eagled2

#1022
I'm looking for some assistance getting forum firewall setup. I've tried installing forum firewall a couple of times and the install completes fine, except in the core theme which i don't use, but when I try to edit the settings like enabling the mod after install I get a permission denied error with index.php.
This error is different from the similar one included on the mod page's images as the path being accessed does not show i'm looking at a report and it does not show invalid ip. The path just says index.php and the error only says permission denied. Also I get this when first trying to enable the firewall, or even just hitting save from forum firewall settings without changing anything.
In each case I have tested this I have used a newly installed copy of smf. I've installed manually using smf's installer and using softaculas through cpanel.
At first i had a couple other mods installed but when i got the error i wiped the database and directory and did a fresh install with no mods or custom themes. I've done this with smf 2.0.10 and 2.0.11.
I tried changing the permissions on the index.php file in the root and on all files added by the forum firewall mode to grant full access to user and group but that didn't help. Not sure what else would cause this permission error.
My web hosting is through ifastnet.com. Here is my web host details.
PHP Version: 5.3.29
MySQL Version:  5.6.26-cll-lve - MySQL Community Server (GPL)
Web Server: Apache hosted on linux, unsure what version but i can probably find out from my host if that's needed.

I also have the phpinfo mod installed on one forum which i can use to check what php features are enabled if needed.

Attached is a screenshot of the error:

butchs

Looks like a host issue.  Check my previous post on on: January 18, 2016, 07:06:21 PM.

I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

eagled2

That linked to an even earlier post.  I'm guessing you mean this one:
Re: Forum Firewall
« Reply #139 on: January 29, 2011, 09:47:03 AM »
Do you have any thing in the SMF Error log?  If not, my guess it is on your server side and has nothing to do with the mod.

It could be the security settings by your host (ie using Modsecurity in Apache).  Or it could be a hosts firewall is blocking the content; if so, you will need to edit the mod settings in phpmyadmin

eagled2

I opened a ticket with my host to find out about any blocks on there side. I the mean time I'm looking for information on the mod settings you suggested changing from the database. I looked through this entire thread for anything that looked like it referenced that as well as all the tables in the database but could not find anything regarding what mod settings would need changed to allow this to work. As long as this thread is i'm sure i missed it somewhere. Can you direct me to where i can find specifics on what i would need to change if my host confirms they are blocking it?

eagled2

OK I heard back from my host and we confirmed that mod_security is enabled. If I turn off mod_security then the issue goes away but when enabling testing I get this warning:
SECURITY RISK:  ENSURE ALLOW_URL_FOPEN AND ALLOW_URL_INCLUDE ARE BOTH DISABLED TO PROTECT AGAINST RFI!

I'm guessing those are now allowed because I turned off mod security. Is there a way to make this mod work without disabling mod_security?

butchs

One of my past hosts edited mod security so it can work.

I do not recommend them and they can be turned off by your host.  Someone at SMF deleted all the helps I amassed in the first post.  I believe I know who it was...  I am sorry but it is frustrating to do so much work only to have it deleted. 
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

eagled2

I understand.  Thanks for the help.

vbgamer45

original html with faqs
<div class="inner" id="msg_2915098"><a href="http://custom.simplemachines.org/mods/index.php?mod=2815" class="bbc_link" target="_blank">Link to Mod</a><br><br><div align="center"><span style="color: red;" class="bbc_color"><span style="font-size: 18pt;" class="bbc_size"><strong>Forum Firewall</strong></span></span></div><div align="center"><span style="color: blue;" class="bbc_color">* protection against bad people doing bad things *</span></div><div align="center"><strong>Written by:</strong> <a href="http://www.simplemachines.org/community/index.php?action=profile;u=77887" class="bbc_link" target="_blank">butchs</a><br><br><a href="https://www.paypal.com/cgi-bin/webscr?cmd=_donations&amp;business=UJTMMF8FKGLZ6&amp;lc=US&amp;item_name=butchs%2f%20continued%20updates&amp;currency_code=USD&amp;bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted" class="bbc_link" target="_blank"><img src="/web/20141216060303im_/https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" alt="" class="bbc_img"></a></div><br><hr><span style="font-size: 14pt;" class="bbc_size"><strong>Frequently Asked Questions (FAQs)</strong></span><br><a href="http://www.ipv6-address.org/" class="bbc_link" target="_blank">IS YOUR FORUM IPv6 COMPATIBLE?</a><br><a href="http://www.simplemachines.org/community/index.php?topic=417490.msg3139830#msg3139830" class="bbc_link" target="_blank">BLOCKED MYSELF</a><br><a href="http://www.simplemachines.org/community/index.php?topic=417490.msg3111015;topicseen#msg3111015" class="bbc_link" target="_blank">ROBOTS.TXT/ DDOS Help</a><br><a href="http://www.simplemachines.org/community/index.php?topic=417490.msg3131785;topicseen#msg3131785" class="bbc_link" target="_blank">ADJUSTING DOS PROTECTION HELP</a><br><a href="http://www.simplemachines.org/community/index.php?topic=417490.msg3123695;topicseen#msg3123695" class="bbc_link" target="_blank">BYPASS PROTECTION HELP</a><br><a href="http://www.simplemachines.org/community/index.php?topic=417490.msg2925498;topicseen#msg2925498" class="bbc_link" target="_blank">HIT RATE</a><br><a href="http://www.simplemachines.org/community/index.php?topic=391926.msg3222622#msg3222622" class="bbc_link" target="_blank">CLOUDFLARE</a><br><a href="http://www.simplemachines.org/community/index.php?topic=417490.msg3416357;topicseen#msg3416357" class="bbc_link" target="_blank">FORUM FIREWALL &amp; AEVA MEDIA SLOWING DOWN MY FORUM</a><br><a href="http://www.simplemachines.org/community/index.php?topic=417490.msg3092408;topicseen#msg3092408" class="bbc_link" target="_blank">WHITELIST REGULAR MEMBERS</a><br><a href="http://www.simplemachines.org/community/index.php?topic=417490.msg3461927#msg3461927" class="bbc_link" target="_blank">What to do if you get:&nbsp; "&lt;a href='function.strpos'&gt;function.strpos&lt;/a&gt;]: Empty delimiter Error Log Message</a><br><hr>Forum Firewall offers 13 tests for the forum operator that protect against unwanted visitors.&nbsp; Forum Firewall is written as a supplement to existing site protection methods and should not be the only line of protection.&nbsp; An ideal protection scheme is as follows:<br><ul class="bbc_list" style="list-style-type: decimal;"><li>Proxy Firewall.</li><li>Htaccess protection such as blocking nasty ip addresses, CrawlProtect and GeoIP.</li><li>Forum Firewall (this mod).</li><li>Avatar Verification.</li><li><a href="http://custom.simplemachines.org/mods/index.php?mod=2502" class="bbc_link" target="_blank">Bad Behavior mod</a>.</li><li>Stop Spammer.</li></ul><br>The above protection will not stop a determined attacker but it just may send them looking for easier targets.<br><br><hr><br>Some features in this modification:<br><ul class="bbc_list"><li>Compatible with CloudFlare and other Proxys.</li><li>Log and/ or block violations.</li><li>DOS Protection to lower bandwidth with cool off &amp; email notification.</li><li>Admin Spoofing Protection.</li><li>IP Address Spoofing Protection.</li><li>Port Spoofing Protection.</li><li>Anti-spoofing cache.</li><li>Cross Site Scripting (XSS) Protection.</li><li>SQL Injection Protection.</li><li>Proxy Bypass Prevention.</li><li>Limited Country Code blocking.</li><li>Automatic scan of image files.</li><li>Provides spanish warning if it is detected in header (thanks snoopy_virtual).</li></ul><br><hr><br>SMF 1.x version does not have:&nbsp; Automatic scan of image files.<br><br><strong>It is recommended that you do not enable "Block Violations" until after you operated the mod for several days and you are fully confident that there are no infractions in the visitor logs that can deny you or your top members access.</strong><br><br><hr><div align="center"><strong>Terms of use</strong></div><hr><br>By downloading and/or using this MOD you agree to adhere to the following conditions for all versions of the Forum Firewall mod:<br><ul class="bbc_list"><li>Copyright info &amp; link must remain intact!&nbsp; They only can be removed via Author/Creators approval.</li><li>The Author/Creator is not responsible for any incompatibilities of this mod with your forum.</li><li>You are FREE to use and customize this MOD on your Forum(s) as per the conditions of these terms however, in no way can the Author/Creator of this MOD be held responsible under any circumstances.</li><li>Commercial resale of this mod is prohibited without express written permission from the Author/Creator.</li><li>You are FREE to redistribute this MOD in its original, released state ONLY!</li><li>Conversion, transfer or porting any portion of the Authors Creative Work, Ideas, procedures and process to any SMF fork without the Authors explicit written permission is strictly prohibited.</li><li>These terms can be changed or appended at any time by the Author/Creator without any prior notice.</li></ul><br></div>
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

butchs

Thank you.  I know I had more but at least it is better than nothing.

I simply do not understand why someone decide to wipe out all the first posts.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

eagled2

Me either.  It's vital info

butchs

Until I get a chance to make it in the mod section the help topics I created can be found if you search for HELP.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Kindred

Ummm... No one at smf has deleted anything from the first post
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

butchs

My first post had help topics now it is an exact duplicate of the text at the mod page.  This was done for all my mods and I did not do it.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Kindred

Ah...  yes,the system automatically updates the first post to match the mod description. No one did it...   
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

bravoure

Quote from: busterone on January 25, 2011, 09:03:25 PM
I just discovered that the firewall logs will not delete. I went to scheduled tasks and attempted it twice. Both times, the message was task completed, but when I looked at the log, all entries were still there.  I thought it might be something on my site since it was upgraded several times, so I tried it on my test forum, and got same result. Both are RC4. The test forum is a clean install with just Firewall mod, Stop Spammer and httpBL installed., no members, just me.  :)

No biggie, I just truncated the table in database for my main site to get same result.  I just posted it in the event anyone else has same issue. I am still unsure if it is just my forums or the mod.

For that problem: replace part of code in ScheduledTask.php :

function scheduled_forumfirewall()
{
global $modSettings, $sourcedir, $mbname, $txt, $smcFunc, $scripturl;

$datestamp = date('Y-m-d H:i:s', strtotime('-'.((int) $modSettings['forumfirewall_timelimit']).' day'));

$result = $smcFunc['db_query']('', '
DELETE FROM {db_prefix}log_forumfirewall
WHERE date < {string:datestamp}',
array(
'datestamp' => $datestamp,
)
);

return true;
}
function scheduled_ffchallenge()
{
global $modSettings, $sourcedir, $mbname, $txt, $smcFunc, $scripturl;

$datestamp = date('Y-m-d H:i:s', strtotime('-'.((int) $modSettings['forumfirewall_timelimit']).' day'));

$result = $smcFunc['db_query']('', '
DELETE FROM {db_prefix}log_ff_challenges
WHERE date < {string:datestamp}',
array(
'datestamp' => $datestamp,
)
);

return true;
}


with the following

function scheduled_forumfirewall()
{
global $modSettings, $sourcedir, $mbname, $txt, $smcFunc, $scripturl;

$datestamp = strtotime('-'.((int) $modSettings['forumfirewall_timelimit']).' day');

$result = $smcFunc['db_query']('', '
DELETE FROM {db_prefix}log_forumfirewall
WHERE date < {int:datestamp}',
array(
'datestamp' => $datestamp,
)

);

return true;
}
function scheduled_ffchallenge()
{
global $modSettings, $sourcedir, $mbname, $txt, $smcFunc, $scripturl;

$datestamp = strtotime('-'.((int) $modSettings['forumfirewall_timelimit']).' day');

$result = $smcFunc['db_query']('', '
DELETE FROM {db_prefix}log_ff_challenges
WHERE date < {int:datestamp}',
array(
'datestamp' => $datestamp,
)
);

return true;
}


and scheduled tasks for forumfirewall will work

aegersz

having recently built my own Linux firewall/router/proxy I'm curious what benefits a mod like this brings ?

as far as my live forum goes, I get the odd spammer but we shut them down quickly.

why would I need this above and beyond what my own OS firewall and server host's firewall offer ?

am I more exposed than I think I am ?
The configuration of my Linux VPS (SMF 2.0 with 160+ mods & some assorted manual tweaks) can be found here and notes on my mods can be found here (warning: those links will take you to a drug related forum). My (House) music DJ dedication page is here

butchs

It too me a little over a year of hard work to write this software.  Honestly, I have no idea what you did so I cannot answer your question.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

brynn

Hi Friends,
When I first started my forum, someone else set it up for me (4 years ago) and also hosted it for me.  Now I've moved on to a new host, and there are many things I need to learn, to continue managing my forum.

This is one of the mods about which I understand very little.  I've looked through the files, and read the readme.  But it doesn't tell me much about how to use it.  Even with the help info (question mark icons next to each setting in the control panel), I'm still struggling with a lot of those settings.

Is there somewhere I can read about all the features, which explains it for someone who is new to forum security?  I tried the link to SMF Helper website, hoping there might be some tutorials or something.  But it doesn't seem to be exist anymore.

I could ask my questions here, I suppose.  But I really need more of an introduction, or even a guide which I could study.  Can anyone suggest where I can start learning about this?

Thank you very much.

Advertisement: