News:

Join the Facebook Fan Page.

Main Menu

httpBL

Started by Diego Andrés, February 17, 2010, 03:55:54 PM

Previous topic - Next topic

GJSchaller

Thank you for all your hard work - you've saved me from pulling out what little hair I have left...  :o

A suggestion - on the Log page, it lists the IP addresses that are detected / blocked.  When one of my users noted that he was getting blocked (School connection, there must have been a bot in his school that flagged the whole network), I had to dig to figure out which IP was his.  I would like to suggest adding a column to the log of users associated with a given IP address, so that a quick visual scan will tell an Admin who may be blacklisted, that can later be excepted.

I know you're working on the exception part now, which is very nice.  Hopefully, including a list of users on the "short" log will make this even more useful.

Both myself and my forum users thank you!
Geoffrey J. Schaller
Knight Realms - Technical Officer
http://www.knightrealms.com/

snoopy_virtual

Quote from: GJSchaller on February 27, 2010, 10:33:00 AM
Thank you for all your hard work - you've saved me from pulling out what little hair I have left...  :o

A suggestion - on the Log page, it lists the IP addresses that are detected / blocked.  When one of my users noted that he was getting blocked (School connection, there must have been a bot in his school that flagged the whole network), I had to dig to figure out which IP was his.  I would like to suggest adding a column to the log of users associated with a given IP address, so that a quick visual scan will tell an Admin who may be blacklisted, that can later be excepted.

I know you're working on the exception part now, which is very nice.  Hopefully, including a list of users on the "short" log will make this even more useful.

Both myself and my forum users thank you!

You are welcome. I understand very well your feelings. I started doing all this work for myself, as I'm fed-up with the spammers in my forums and I realized with mod Stop Spammer (which of course I have also installed in all of them) on its own was not enough and I was pulling out my hair as well.  :D

Then, once the first version was ready, I decided to share it with everybody because I have always thought the more brains trying to sort a problem together the faster you find the solution.  ;)

Please notice, by default, the Log page is sorted by Date (newest ones first), but you can sort it by any column you want just clicking on the name of that column.

Clicking again the same column will change the order ("from smallest to highest" => "from highest to smallest")

So, if you want to find for example any given IP, just click on the "IP" column and you will see the entries for that particular IP all together.

Also, all the IPs are links to the "Track IP" page, so clicking on the actual IP number will show you which user has it, errors from that IP, etc.

Anyway I'm changing a little the Log page in the new version, adding a few more columns etc. I hope you will like it when it's finished.  ;)

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

GJSchaller

Yes, I was able to hunt down the IP needed - it was more of the idea of a quick look at the log would show "Hey, I blocked 42 spammers, and Tom... I should let Tom know and / or correct that." ;)
Geoffrey J. Schaller
Knight Realms - Technical Officer
http://www.knightrealms.com/

snoopy_virtual

Yes, one of the new columns I'm adding is the username. Of course, for a visitor the value there will be "Guest". And that column will be also "sortable".

Also I'm separating the log into 3 pages, with different things in each one, so it's easier to read and find the important info, but as I'm still working on it I think I should explain all that when it's done, because maybe I tell you one thing now and then I decide to do it different later after I see it working on an actual forum.  :D

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

snoopy_virtual

#84
MOD httpBL v2.3
============






  • Author:
snoopy_virtual
  • Version:
2.3
  • Release:
1st March 2010
  • Languages:
  • Compatible With:
SMF 1.1.1 - 1.1.11
SMF 2 RC2

I haven't finished all the things I had planned for this new version, but, as a few of them are really very important I have decided to release it the way it is just now and leave the rest of them for a future version.

This is the change log where you can see all the changes and new features:




Quote
Version 1.0 - 17th August 2009

  oInitial release
  oCan be installed in any PHP page, not only SMF
  oCan block any spammer from viewing your site
  oIt checks IP in Project Honey Pot DB
  oIf match, the visitor is redirected to the "warning.php" page
  oKeeps a log of "IPs stopped" in a text file in your server
  oCompatible with any PHP program, so it's compatible with all SMF versions
Version 2.0 - 11th February 2010

  -Eliminated compatibility with other programs, making it now exclusive for SMF
  +Added a powerful install script which now does everything for you with just one click
  +Added an easy-to-use configuration interface to control the mod
  -Eliminated the text file log, too difficult to find and read
  +Added a log table in the database
  +Added a view-log interface to see the information stored in it
  ?Unistall old version and install new one
  ?Need to edit manually 2 small things in index.template.php
if you are not using the default one
Version 2.1 - 15th February 2010

  +Added compatibility with SMF 2.0 RC2
  +Added a color system in the view-log page to see threat l
evel of each IP stopped by the mod
  +Added an option to see the view-log page with only important
information or with all the extra data
  +Added some lines to the language files for the new features
  ?Unistall old version and install new one
  ?No need to edit manually any template file if you are updating from version 2.0
Version 2.2 - 17th February 2010

  +Added cached values if cache is enabled to reduce time
  +Added more methods to find the visitor's IP
  !Sorted issue with servers not using Mysql
  ?Unistall old version and install new one
  ?No need to edit manually any template file if you are updating from version 2.x
Version 2.3 - 1st March 2010

  !The mod now never checks the admin (bug reported by Exsharaen)
  +Added a value in config page for "threat level very very high"
  +Added a captcha in "warning.php"
  • If the threat level is below the "high level" the visitor pass
  • If the threat level is between the "high level" and the "very very high level"
    the captcha appears
  • If the threat level is higher than the "very very high level" it's stopped and
    doesn't see the captcha
  +Added a cookie valid for 24h. If the visitor sees the captcha
and proves is human, gets the cookie
  +Added a value in config page for "cookie lenght"
  +Added a counter with the number of spammers stopped by the mod
  +Added a a button in the view-log page to hide or show the legend
  +Added a a button in the view-log page to change quickly from
"normal view" to "see all the extra info"
  *View-log page now separated in 3 different ones:
  • Spammers stopped
  • Humans allowed in
  • Internal errors
  +Added a column in view-log for "username" with link to member profile
  +Added some more info in "see all the extra info" mode
  *Changed all the language files
  ?Unistall old version and install new one
  ?No need to edit manually any template file if you are updating from version 2.x

QuoteLegend

oFeature
*Change
+Added
-Eliminated
!Bug Fixed
?How to Update

I would like to explain a little more all the new features, but I think it's better if you just try this new version and see them for yourself while I concentrate in finishing the tutorial, as most of this new features are already self-explained as you are using them, and ask me here if you don't understand something.

Hopefully, by the time you find something you don't understand it will be already answered in the tutorial.

==========================

This is the list of things I had also planned for this version but I haven't had time yet to implement:




Quote
Things to do in the near future: (1st March 2010)


   *I need to finish the tutorial with the couple of small
things you need to edit in the file index.template.php
and the instruccions on how to use it.

   +I need to add an option in the config page ASAP
to decide what groups of members you don't
want to be checked never by the mod.

   +I need to add an option in the config page asking you
if you want the data to be deleted automatically from
the log after X days or not and how many days you
want to keep the data in the log.

   +When the mod finds an error it writes it in the log table.
It should also email the admin if the error is an important one.

   +I need to write a FAQ with some things I already know
they are going to start asking.


QuoteLegend

*To be Changed
+To be Added
-To be Eliminated
!Bug to be Fixed

As I was saying the first one I'm going to concentrate now is in finishing the tutorial.

Enjoy the new version.

Cheers

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

lc62003

What does response[raw] mean?   :)

snoopy_virtual

Quote from: lc62003 on March 01, 2010, 04:28:09 PM
What does response[raw] mean?   :)

It's the raw response from PHPot before processing it to take the values for the threat level, the number of days since last bad action, etc. You can see more information here:

http://www.projecthoneypot.org/httpbl_api.php

Normally it has no use once you have process it and extract all the info (that's why I have put it inside the "extra" stuff) but if there is an error is good to have it there just in case.

Cheers.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

lc62003

Thanks snoopy!  This mod looks even better than before.   8)  Great work!

snoopy_virtual

You're welcome.

BTW, the new log system can do nothing with all the entries already in the log. Just now you should have almost all of them in the "Spammers log" and just a few (if any) in the "Errors log".

But all the new entries from mow on should go like that:

- The mod is supposed to stop only dangerous spammers, so all the new entries with red colors should go to the "Spammers log".

- The mod is supposed as well to let pass as many humans as possible, so all the new entries with light colors (less dangerous) should go to the "Humans log".

- It should be very few or no entries in the "Errors log".

If anybody see too many red entries in the "Humans" or too many light entries in the "Spammers" or too many errors, there is something wrong, so please tell me so we can see what's wrong.




Another BTW, I have set all my forums like that:

Bad days => 90
Bad level => 1
Very bad level => 30
Cookie => 24h

I'm studying their logs and everything seems fine, but if any of you tries different values and sees they work better please let us know.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

snoopy_virtual

MOD httpBL v2.3.1
==============






  • Author:
snoopy_virtual
  • Version:
2.3.1
  • Release:
1st March 2010
  • Languages:
  • Compatible With:
SMF 1.1.1 - 1.1.11
SMF 2 RC2

Well, that was quick.

I just released version 2.3 a few hours ago and butchs have already discovered a bug in it. We have sorted it together in a minute and here is the new version without it.

Luckily, this bug only affected at SMF 2 RC2. It didn't affect at all to SMF 1.1.x and anyway we have found it so quickly that only 3 people had already downloaded version 2.3

I know 2 of them have been lc62003 and butchs himself, and lc62003 uses SMF 1.1.11 so he has no problem.

I don't know who is the another person who downloaded it, but if it's you and you are reading this, if you use SMF 2 RC2 you need to update. If you use SMF 1.1.x it's exactly the same if you update or not. You won't see any difference.

Sorry for any inconvenience anyway.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

lc62003

Actually....I am using 2.0 RC2 on 5 sites!   ;D  Thanks for pointing it out....I'll do the switch right away.   8)

butchs

I have 2RC2 and I found another bug with the human test.   I would not recommend that you install this version on a production site until we hash out the 2RC specific bugs.
:o
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Exsharaen

Well, now I can install this mod and not be blocked by my "unlucky IPs" :D As soon as I have more time I will play around with the settings and translate the missing lines (and warning.php as well). Anyway, I love the captcha option in warning.php so unlucky visitors (like me used to be :D) can pass validate themselves as... human :)

Thanks snoopy, you are the best ;)

snoopy_virtual

Quote from: Exsharaen on March 01, 2010, 11:07:48 PM
Well, now I can install this mod and not be blocked by my "unlucky IPs" :D As soon as I have more time I will play around with the settings and translate the missing lines (and warning.php as well). Anyway, I love the captcha option in warning.php so unlucky visitors (like me used to be :D) can pass validate themselves as... human :)

Thanks snoopy, you are the best ;)

You are welcome.

Anyway, not only the missing lines. I have changed a lot of the old ones as well. Sorry  ;)

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

snoopy_virtual

Quote from: butchs on March 01, 2010, 10:19:57 PM
I have 2RC2 and I found another bug with the human test.   I would not recommend that you install this version on a production site until we hash out the 2RC specific bugs.
:o

butchs is right. Be careful with that version if you have RC2

Is no problem with SMF 1.1.11, but with RC2 I'm not fully sure.

I only have a test forum with RC2 (the rest use 1.1.11) and it works for me OK in all of them, but in butchs forum is not working.

For those of you with RC2 it would be better to stay with version 2.2 until we test it a little more.

Of course if any of you is brave enough and want to try it (I mean on a test forum, not a production one) tell us what happen.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

lc62003

Well.....now that it is on 4 RC2 active sites.....I don't see anything wrong, however I don't know what to look for either.   ;D  It's stopped several bots on all the sites.   :)  Is the human thing the issue? 

snoopy_virtual

Yes and no.

No with all humans. It's no problem if they are guests, but as soon as a member of your forum gets caught your log system stop working.

It's a problem when the log tries to write the link to the profile page of that member.

But as I said only in RC2

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

snoopy_virtual

MOD httpBL v2.3.2
==============






  • Author:
snoopy_virtual
  • Version:
2.3.2
  • Release:
2nd March 2010
  • Languages:
  • Compatible With:
SMF 1.1.1 - 1.1.11
SMF 2 RC2

I hope this time is the good one.

I have found were was the bug reported by butchs about the forum members not displaying properly in the "Humans Log" in SMF 2 RC2

The bad news is, as I was looking for that mistake, doing some more tests sending my forums all possible IP values, etc,  I have found another bug which affects all SMF versions.

When I have enter my forum (as admin) but with a fake IP, (with a bad number in PHPot DB) trying to see what will happen in that case, the mod had let me in (as expected) but has put in the log every page I have visited like I was being stopped. The mod shouldn't had done that, as I was not being stopped, I was entering with no problem.

The good news is I have found both mistakes and I have sorted them in this new version 2.3.2 so now everybody need to update, either using SMF 1.1.11 or SMF 2.0 RC2

I hope we don't find any more bugs for a while  ;D

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

giveaway365.com

i uninstall old version and install new? i have 2.2 right now.
I think its the same mistake which I told you 2 - 3 days ago...

GJSchaller

I went to remove the old verison from my SMF 1.1.11 - the option to remove it is not listed.  It looks like I'll need to manually update it from 2.3 to 2.3.2 - is there anything special I need to do, or can I just write over the older files?
Geoffrey J. Schaller
Knight Realms - Technical Officer
http://www.knightrealms.com/

Advertisement: