News:

Join the Facebook Fan Page.

Main Menu

httpBL

Started by Diego Andrés, February 17, 2010, 03:55:54 PM

Previous topic - Next topic

snoopy_virtual

Very nice job Wizzle.

I'm going to use it for the tutorial.

Keep the good work.


El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

snoopy_virtual

Quote from: aussieherps on March 08, 2010, 10:47:45 PM
Thanks Snoopy it wouldn't work as the members have already been asked to rejoin when moving from phpbb to smf forum.
...
Didn't realise there was so much difference in the tables and databases.
...

The problem you have now is not only this mod, but a lot of other things aren't going to work properly.

Why don't you try to explain your problem and ask for help on the specific support forum for 2.0?

http://www.simplemachines.org/community/index.php?board=147.0

I suppose in that forum they may have seen things like that happening a few times already and may be they can give you a full list of the changes you need to do manually to the DB.

I will need to have 2 DBs in front of me (one 1.x and the other 2.0) to see all.

One important for sure is inside the table smf_members (or whatever prefix you have). Inside there the column for the usernames of each member is called "memberName" in SMF 1.x but now in 2.0 they called it "member_name" so you need to go inside your DB (using phpMyadmin for example) and change that manually.

Good luck.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

aussieherps

Not enough experience to do that myself and will have to wait until I see my brother.
He is a programmer in lots af languages and knows php quite well.
Problem is he is a 2.5 hr drive from me.
http://aussieherps.com">snakes lizards spiders turtles and much more

snoopy_virtual

Quote from: aussieherps on March 09, 2010, 04:54:27 AM
Not enough experience to do that myself and will have to wait until I see my brother.
He is a programmer in lots af languages and knows php quite well.
Problem is he is a 2.5 hr drive from me.

When you see your brother tell him to contact me via Skype. If he's a programmer I can explain him in 2 minutes exactly what he need to do.

After that he will need to get tons of coffee and patience, because it's a long and boring job, but it can be done. And you better get it done, as nobody knows when SMF 2 is going to be stable. Can be a month or can be a year.

In the mean time I'm going to try to do a better search for an automatic script to do that job. As I told you the other day, I did a quick search in SMF downloads page and couldn't find any, but maybe somebody somewhere else has one already done. Who knows.

All the google specialists reading this: Do you think you could help here?

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Wizzlefits

Was wondering why I keep getting this log entry. It doesn't show on every hit, just every 3 or 4 blocked IP's.
And it's always the exact same entry. (3 Answers on the captcha
2 Good - 1 Bad )
As you can see by the time stamp, it's from the IP at the top.
Thanks!

snoopy_virtual

Quote from: Wizzlefits on March 10, 2010, 09:24:27 AM
Was wondering why I keep getting this log entry. It doesn't show on every hit, just every 3 or 4 blocked IP's.
And it's always the exact same entry. (3 Answers on the captcha
2 Good - 1 Bad )
As you can see by the time stamp, it's from the IP at the top.
Thanks!

Looks really weird. I mean the fact that in that entries all the values have changed to "1".

Almost all the entries I have are either "0 Answers" or "2 Good 0 Bad". The only entries with bad answers I got in my logs are the ones I have done on purpose when testing the mod and giving bad answers to see what happens. But all of them always keep the values of every column unchanged.

It can be either a mistake in my code or the mod interacting with other mod you may have.

One way or the other I would like to take a closer look into that to see why it's happening. Contact me through Skype or Yahoo whenever you have a minute and we'll talk about it.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

giveaway365.com

#166
Snoppy Sir,
gradually.. I have disabled stopspammer and going more strict with httpbl...

what would be ideal settings for httpbl?
Number of days to consider good an IP: 7?
Threat level considered bad:10?
Threat level considered VERY bad:20?
Hours until an IP needs to prove again it's human:24?

Suggestion:
Can you include the default recommended value also near the description in the next version.




snoopy_virtual

I am not very sure yet about which ones would be the best settings. That's why I haven't put yet any recommended ones nowhere.

I was hopping here in this forum we could talk about that comparing the experiences of all the people using the mod, so we could find which ones are best.

The settings I am using in all my forums are:

Number of days to consider good an IP: 90
Threat level considered bad: 1
Threat level considered VERY bad: 30
Hours until an IP needs to prove again it's human: 24

These settings seem to work OK for me, but as I say, maybe yours are better. I don't really know.

If any of you is using different settings could you please tell us which ones and how are they working for you?

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

giveaway365.com

As soon as I tried to pause stop spammer.... I got spammers in my forum !

Hence both Httpbl & stop spammers need to be installed.

Httpbl settings are :
90,20,30
And with stop spammer:
tick all except username.

snoopy_virtual

I agree: You need both mods working together. In fact I designed mod httpBL thinking always in the best way to stop the spammers that the other mod (Stop Spammer) cannot detect and vice-versa.

Still I think a "Threat level considered bad" as high as 20 is far too high. You are letting pass too many bad guys without even checking if they are humans or not.

Maybe the number I use there (1) is far too low and the best setting will be something in between. In fact, in Project Honey Pot they recommend to set that value to 10.

Please remember that the threat level scale is not linear but logarithmic. This means that to go for example from threat level 10 to threat level 11 you don't add something, but multiply it by something.

So the difference between let's say level 5 and level 6 is very small, but the difference between level 25 and level 26 is very high. And the higher you go up that scale the higher the differences between one level and the next.

You can see how they explain it in Project Honey Pot manual:

Quote
From http://www.projecthoneypot.org/threat_info.php

The Threat Rating is a logarithmic score -- much like the Richter's scale for measuring earthquakes. A Threat Rating of 25 can be interpreted as the equivalent of sending 100 spam messages to a honey pot trap.
Threat Rating   IP that is as threatening as one that has sent
25                     100 spam messages
50                     10,000 spam messages
75                     1,000,000 spam messages

Of course the best settings for each particular forum also depend on the kind of visitors it gets and the kind of forum it is.

For example, my forum is a free service where we get people from all over the world with computer problems and sort these problems for free, so I don't want to let anybody in without proving first at least they are humans if their IP have a threat level even as small as 1.

But your forum is a business where you want to attract customers and don't scare them too much with warning messages, so it's OK for you to let everybody in with a level less than 20 without even proving if they are humans or not, because this way you get more customers happy and this compensate the fact that sometime you get a bad robot mixed with them.




Anyway I have been thinking about another one of your suggestions:

Quote from: giveaway365.com on March 06, 2010, 10:41:03 AM
Snoppy Sir,
I have a suggestion.....
Instead of having this warning page, can we use a decent captcha which is available freely and user can put his logo and the captcha only to proceed.

In this warning page ... it seems that our website has a virus and good real user dont return...

So instead of writing so much about the virus and torgan horses , we just welcome them with our logo and below our logo a simple captcha .
Other conditions remain same like if the level is above 50 dont even show captcha etc etc.

When you suggested that I thought it was a bad idea, but after considering it more carefully I think you may have a point there.

The way I designed the warning page is too scary and humans may think they are in the wrong site, because the design have nothing to do with the rest of your site.

Adding everybody's logo to the top of the warning page will do no harm if robots see it (they cannot get any information from there) but will be less scary for humans.

So for the next version I will try to design a new warning page with the option of inserting your logo at the top, with less scary colors and maybe even with a CSS file where it will be easy to change the colors if you want to make it more similar to your own forum design.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

giveaway365.com

Dear Snoppy Sir,
Thanks for the information... it helps a lot. I have changed it to 10 & 25 now.
Lets see...
and thanks for relooking my suggestion...
There is no point to explain any one the reason behind solving a capcha. If they are good.. they will not see the capcha and if they are bad they have to solve the capcha. If they are very Bad they cannot see a capcha and cannot move ahead.

giveaway365.com

Snoppy sir,
Can I use Akismet Spam Protection Mod (http://mods.simplemachines.org/index.php?mod=544) along with httpbl & Stop Spammer?

butchs

Quote from: snoopy_virtual on March 16, 2010, 11:23:50 AM
The way I designed the warning page is too scary and humans may think they are in the wrong site, because the design have nothing to do with the rest of your site.

I am not sure if I like the unprotected (without defined('SMF') check) warning.php file.  Now the bots are poking fun at it.  Repeatedly I have seen them first sniff it then move on to other places.  I prefer to see them denied access to the page unless they are specifically sent there.

This bot was not in the httpBL log but did meet an untimely end when Bad Behavior caught it.
8)
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

giveaway365.com

this means httpbl mod is not effective at all?
snoppy sir, i also want to point out that as soon as I only depended on httpbl and disabled stopspammer I got 20 comment spammers in my forum.... I had to instantly start the stop spammer and also had to depend on various Ban Triggers of smf to get it normal.

My current httpbl settings are 90,7,25

snoopy_virtual

Quote from: butchs on March 17, 2010, 08:30:47 AM
...
I am not sure if I like the unprotected (without defined('SMF') check) warning.php file.
...

I told you already twice the code inside warning.php do the defined('SMF') check

How can I write code using SMF functions without checking first if SMF is defined or not? It would be impossible.

Please read in the manual how SSI works.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

snoopy_virtual

Quote from: giveaway365.com on March 17, 2010, 08:16:32 AM
Snoppy sir,
Can I use Akismet Spam Protection Mod (http://mods.simplemachines.org/index.php?mod=544) along with httpbl & Stop Spammer?

I haven't try that one myself, so I don't know.

I would like to know though, so if you try it before I have time to do it myself, please tell me.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

giveaway365.com

I installed it ... installation went without problem. but it had many errors in the error log. hence I uninstalled it.

butchs

I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

snoopy_virtual

Quote from: butchs on March 17, 2010, 03:48:48 PM
Quote from: giveaway365.com on March 17, 2010, 10:39:51 AM
this means httpbl mod is not effective at all?

NO! 8)

Agree. Not at all.

For example. I have a test forum where there are no real members. Only the 3 admins (me and 2 of my colleagues) are real, the rest of the members and all the posts in that forum are all fakes we (the admins) create to test different things.

As this forum is not important at all (only a test one) sometimes we turn off all anti-spammers security to see what happen, and the results we get are these:

With BOTH mod StopSpammer and mod httpBL OFF we get around 100 spammers a day.

With ONLY mod StopSpammer ON we get around 40 spammers a day.

With ONLY mod httpBL ON we get around 20 spammers a day.

With BOTH mod StopSpammer and mod httpBL ON we get some days just 1 spammer and some days none at all.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

butchs

No means I disagree with qiveaways comment.  That means I believe that your version of httpBL is effective.  One of the best out there. 

Please do not run off on a tangent putting words in my mouth.  YOU KNOW THAT I BELIEVE THAT HTTPBL IS EFFECTIVE! Why else would I have helped you?   >:(
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Advertisement: