News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

BotBanish Firewall Client

Started by Randem, November 17, 2017, 11:30:02 AM

Previous topic - Next topic

Randem

Please start another thread with this subject, this is off topic from the BotBanish Client.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

Aleksi "Lex" Kilpinen

I think we are actually done, unless the errors come back again for some reason - if they do, then yes, lets continue in another topic. Sorry for the hijack Randem.
Slava
Ukraini!
"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum. Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

How you can help SMF

JimmyStanley

How would you say this compared to reCAPTCHA?

Randem

#203
JimmyStanley,

I would need a complete idea to know exactly what you are referring too... BotBanish Firewall Client and reCAPTCHA do two distinctly different functions.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

sonnyh

Hi,
I updated to the new version of BotBanish, and now receiving several 403 errors.
Several legitimate IPs have been blacklisted, which I removed from BotBanish, but they are still being blocked.
Do I have to go through .htacess too?

sonnyh

Quote from: sonnyh on October 13, 2019, 11:14:41 AM
Hi,
I updated to the new version of BotBanish, and now receiving several 403 errors.
Several legitimate IPs have been blacklisted, which I removed from BotBanish, but they are still being blocked.
Do I have to go through .htacess too?

I looked at the htaccess and the IPs that I un-blacklisted were still there.
Also there are several htaccess files with appended dates, are they needed? 

Randem

Aloha sonnyh,

The htaccess files with the dates appended are just backup files, when BotBanish was installed it created them. As far as the IP that were still in your htaccess file, were there two different set of IP denial areas in your htaccess file? Are you running on Apache 2.2 or Apache 2.4? BotBanish 3.4.00 will use the 2.4 version format if you are running on 2.4 and 2.2 if you are running on 2.2. If the IP addresses you mention are in the 2.2 format then BotBanish running on Apache 2.4 will not manage those entries and they will need to be managed manually. The next revision of BotBanish will offer a conversion of the 2.2 format to 2.4 format to make the htaccess file uniform.

As far as the 403 errors, where are the 403 errors? Are they in the Apache error.log file or are you seeing them in the SMF error log? Could you show the errors because they are permission errors.

BTW: Just removing the IP's from the BotBanish blacklist will not suffice, you would also need to add the IP's to the BotBanish whitelist to keep them from being blocked again on your system. Then those IP's will only be allowed on your system not everyone else's.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

sonnyh

Hi,
Just checked and am running 2.4.41.
403 error is what members that were denied access were receiving.
Should I clean up the htaccess?
Remove the 2.2 section?  If are the sections marked?
I do not want to mess anything up.

Randem

I need to see the error information to find out exactly where the 403 error exists.
I need to see the htaccess file to give you an answer...
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

sonnyh

Hello,
Attached is the htaccess
I am going to look at the error log and send that later.

sonnyh

Dumb question, how do I isolate the 403 errors from the SMF log?

Randem

Here is your updated htaccess file. Any reason you are blocking certain Windows versions and android devices?
I removed them from the file, these are not something BotBanish blocks.
As far as isolating 403 messages from the SMF error log, you might need to use phpMyAdmin to do the searching. Is that where you see the 403 messages? Who is generating those error messages? If not and your users are seeing the 403 error messages, I need to see the error that they see.
A 403 error message handled by BotBanish will redirect the error to a file titled BotBanish_AccessError.php in the root location, Make sure this file has permissions that the users can access it. I believe permissions 644 will do.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

sonnyh

Thank you, I replaced the htaccess
The 403 is seen by the blocked members when logging in.
It says: Forbidden
             You don't have permission to access this resource.

The only 403 log reference I could find is:

Forbidden urls (HTTP code 403)   
URL (9)   Error Hits   Referrers
/smf/index.php   29   -
/pma/scripts/setup.php   15   -
/phpMyAdmin/scripts/setup.php   15   -
/phpmyadmin/scripts/setup.php   14   -
/phpmyadmin/phpmyadmin/index.php   14   -
/phpMyAdmin/phpMyAdmin/index.php   14   -
/pma/scripts/db___.init.php   13   -
/phpmyadmin/scripts/db___.init.php   13   -
/phpMyAdmin/scripts/db___.init.php   13   -

BotBanish_AccessError.php is set to 666

sonnyh

Another error:

Database Error
Unknown column 'rpt_date' in 'field list'
File: /home/rmarsorg/domains/r5mars.org/public_html/smf/Sources/BotBanish_Subs_DB_SMF.php
Line: 655

Note: It appears that your database may require an upgrade. Your forum's files are currently at version SMF 2.0.15, while your database is at version 2.0. The above error might possibly go away if you execute the latest version of upgrade.php.


Randem

Strange, the rpt_date field was supposed to be added to the database table botbanishclient_website_visits at install time. Were there any errors at install time? What happened at install time?

As far as the 403 errors you did not give me a reference to where you found those 403 errors. Was it in your Apache error.log file (Server)?
If so then those uses are getting blocked by the server for accessing files that are in areas that are restricted for their access as it should. Your users should not be attempting to access /phpmyadmin/phpmyadmin/index.php or the other such folders and files unless you specifically gave them permissions to access this folder and file. From the looks of what you are showing in your list, the users are searching for vulnerabilities and should be blocked...
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

sonnyh

There were no errors at installation.  All items tested ok.
The database error just showed up.
No one should be assessing /phpmyadmin/phpmyadmin/index.php, unless something is pointing incorrectly. 

Randem

Check the URL's that the users are using when they get a 403. That should give you some idea as to why they are getting the error.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

Randem

BotBanish 3.4.01 has been released and is a REQUIRED update for 3.4.00 for IP / BOT blocking.
Please update ALL prior BotBanish versions to the latest release for compatibility.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

sonnyh

Hello,
I just updated to 3.4.01.
Should I now delete prior versions of BotBanish?

Randem

Aloha sonnyh, just uninstall the old version and install the new one then delete the old version from SMF.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

Advertisement: