Forum Firewall

[Glasso]

buchs,

Your mods are fantastic, thank you very much for making them available.

1. I have installed forum firewall and most blocks are with an invalid IP. The IP reported by FF is a phrase such as 'Keep-Alive', 'unknown' etc. and not exactly a number. How can I avoid this since I tried connecting from a Nokia phone and it is blocked?

Typical blocks with invalid IP are like:

Code Select Expand

GET /forum/ HTTP/1.0 Mozilla/4.0 (compatible; MSIE 5.5; Windows 95) http://<removed>/

Similar thing with Bad Behavior where a connection is blocked from Nokia - I will post it on the relevant thread.

2. When I enable SQL Injection, though '-' is in the list of allowed characters, URLs with that symbol get blocked. Any solution to this?

I am using SMF 2.0 RC5

Thanks.

[Jesna]

Thanks for a great mod

Im getting this error on my page

Fatal error: Call to undefined function ffcopyright() in /home/whsforum/public_html/forum/Themes/default/index.template.php on line 525

In the bottom where there should be; Protected by Forum firewall

My line 525 is this:
', theme_copyright(), FFCopyright(), '

Is there any there can see a problem here

It shows it correct when im in the admin/forum firewall

Im using smf 1.1.13 Danish language, so was thinking if its something to do with the danish part??

/Jakob

[butchs]

Glasso I answered your question in the BB support thread.


Jesna I did not know there was a Danish translation?     Try this:
Open "$themedir/index.template.php
      Search for "

Code Select Expand

global $context, $settings, $options, $scripturl, $txt;

echo"

Replace with "

Code Select Expand

global $context, $settings, $options, $scripturl, $txt, $sourcedir;

require_once($sourcedir . '/ForumFirewall.php');

echo"

EDIT:  YOU DO NO NEED TO DO THIS IF YOU ENABLE THE MOD.   I will fix it in a future version.

[butchs]

Butchs, if you don't mind taking a look at the Forum Firewall log with a bunch of 'keep-alive's in the IP field, please PM me your email id.

What happened in BB is not the same as FF.  BB does not look at the ip address field.  It checks the "Connection " where Keep-alive is supposed to reside.

Keep-alive's will not be allowed to pass the FF ip test in FF since they are not valid ip address.  I have seen many examples where 'keep-alive's in the IP field have been used in a site hack attack.  Allowing it to pass in FF will only be a vulnerability.

The attached file provides an example of a blocked ip address where FF stopped cold one of the many bots that have been hammering the register/login functions that so many people who do not use FF complain about.

[Glasso]

Oh I see, so this is fairly common error and wrong values get passed in the IP field intentionally or unintentionally.
Thanks for clarifying.

[hartiberlin]

Does it work together with SMF 2.0RC5 / PortaMX 1.0RC4 and PortaMX SEF
enabled ?

Many thanks.
Regards, Stefan.

[Jesna]

I have only enabled "Enable Testing". My log/visitors is clean. Is that because I havent enabled anything else yet? or will there first be something in the log when I enable "Block Violations" ?

/Jakob

[butchs]

Does it work together with SMF 2.0RC5 / PortaMX 1.0RC4 and PortaMX SEF
enabled ?

Not sure but, it works with SMF 2.0RC5 and SimplePortal.

[butchs]

I have only enabled "Enable Testing". My log/visitors is clean. Is that because I havent enabled anything else yet? or will there first be something in the log when I enable "Block Violations" ?

You should at least check:
"Enable Testing", "Logging", "DOS Attack" and "Enable IP Validation"

Run it for a few days and make sure you will not ban your critical members or yourself then select "Block Violations" to block access.

The mod has built i n help click the "?" for more information.

[butchs]

Update posted today.  Some of the fixes are:

1)  Copyright now showing correctly when mod is not enabled.
2)  Added 7 day auto trimming of the visitor log for SMF 1.1.x users when "Logging" is on.
3)  Minor improvements.

2.0RC2 users need not update unless they have errors in their log or wish to fix the copyright issue.

[MCK]

Thanks for your continued time invested in this mod. If possible, could you include perhaps a check box to control whether or not the credits are shown? It would be up to the person to honor your licensing of course but this is not so much different than how it is now if only a little more manual & tedious.

[Jesna]

Thanks butchs 

[butchs]

MCK sorry for all the updates.  I think I should be done debugging for a while now...   

Time to work on a new version and I will look into a better way to handle the licensing.

[MCK]

No worries. The updates are for our benefit so I appreciate your efforts and thank you. Will look forward to your next update. Regards

[lovearat]

I just found this awesome mod!! Thank you for all the work you did/do!!

[ppscslv]

Hi! I have a big problem: after I installed Forum Firewall on 1.1.13 SMF after I login I can't acces the admin panel:

An Error Has Occurred!
Session verification failed. Please try logging out and back in again, and then try again.
Nor I can't post anything. How can I remove/disable the package? And yes, the violation rule was activated.

[qtime]

can you edit the files? If so, you can remove the code

[busterone]

look in your database for the table smf_settings or (whatever your prefix is)_settings  if you went with something besides the default db prefix.
change the value for forumfirewall_enable_block from 1 to 0
That will get you back in the forum.

[butchs]

An Error Has Occurred!
Session verification failed. Please try logging out and back in again, and then try again.

That error is a SMF 1.1.13 bug issue and has nothing to do with this mod.

[An0nymousHelper]

Hey! So i've been using the mod for a while now and love it, it's great! But i've noticed that there is a person i guess trying trying to attack my site, but for some reason it doesn't show there IP it shows "Keep-Alive" What does this mean? Here are two screen shots:





Thats just two of them and there are quite a few more. If anyone knows what this is it would be greatly appreciated if you could let me no! Thanks!