News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

httpBL

Started by Diego Andrés, February 17, 2010, 03:55:54 PM

Previous topic - Next topic

lc62003

I see you plan to provide better instructions....that would be great! 

So...please pardon my noobiness.....where do you install the honey pot script?  In the root folder or something like root/forum folder? 

Exsharaen

Actually I'd like to use this mod, but considering that today I am blocked from your site and I recall I was blocked some years ago, I'll look around first :)

Anyway, just in case there's any Indonesian who want to use it...

$txt['httpBL_honeyPot_link_error'] = 'Tautan honeyPot salah. Periksa pengaturan MOD httpBL Anda.';
$txt['httpBL_honeyPot_key_error'] = 'Kunci API http:BL API salah. Periksa pengaturan MOD httpBL Anda.';
$txt['httpBL_title'] = 'MOD httpBL';
$txt['httpBL_description'] = 'MOD httpBL memeriksa IP tiap pengunjung, apakah sudah ada dalam basis data projecthoneypot.
Jika ada, mod ini mengarahkan pengunjung ke halaman warning.php dan mencegah akses ke forum.<br />
Di sini Anda dapat menyalakan/mematikan mod dan mengganti beberapa parameter.';

$txt['httpBL_config'] = 'Pengaturan MOD httpBL';
$txt['httpBL_enable'] = 'Nyalakan/Matikan MOD httpBL';
$txt['httpBL_enable_bad_API_key'] = 'Kunci API Anda keliru. Silakan periksa dan coba lagi.';
$txt['httpBL_honeyPot_link'] = 'Tautan ke Honey Pot Anda';
$txt['httpBL_honeyPot_link_sub'] = 'Jika Anda ingin menggunakan MOD httpBL, Anda harus memasang Honey Pot
pada server Anda. Jika Anda belum mendapatkannya, kunjungi
<a href="http://www.projecthoneypot.org/?rf=62759" target="_blank">www.projecthoneypot.org</a>,
unduh dan pasang di server Anda. Setelahnya, tuliskan tautan ke Honey Pot tersebut.
Tautan tersebut mungkin seperti ini:<br /><b>http://www.situssaya.com/honeypotsaya.php</b>';
$txt['httpBL_honeyPot_key'] = 'Kunci API http:BL Honey Pot Anda';
$txt['httpBL_honeyPot_key_sub'] = 'Jika Anda ingin menggunakan MOD httpBL, Anda harus memiliki kunci API 
http:BL dari Project Honey Pot. Jika Anda belum memilikinya, kunjungi
<a href="http://www.projecthoneypot.org/?rf=62759" target="_blank">www.projecthoneypot.org</a>,
daftar dan dapatkan kunci Anda, lalu tulis di sini. Harap diingat, mereka tidak akan memberikan kunci API jika
Anda belum memasang sebuah Honey Pot, jadi sebaiknya pasang dulu.';
$txt['httpBL_honeyPot_word'] = 'Kata kunci untuk tautan Honey Pot Anda';
$txt['httpBL_honeyPot_word_sub'] = 'Ini adalah satu-satunya kata pada tautan Honey Pot Anda yang akan dilihat oleh spammer.
Tulis sesuatu yang cukup menarik bagi spammer untuk mengekliknya, jangan sesuatu yang menyeramkan.
Jika Anda tidak tahu harus menulis apa, biarkan kosong. Mod ini akan memilihkan satu untuk Anda.';
$txt['httpBL_info_email_1'] = 'Kata pertama email Anda';
$txt['httpBL_info_email_2'] = 'Kata kedua email Anda';
$txt['httpBL_info_email_3'] = 'Kata ketiga email Anda';
$txt['httpBL_info_email_sub'] = 'Mod ini memerlukan alamat email Anda untuk memberi tahu Anda jika ada masalah dan
untuk memberi tahu pengunjung yang kurang beruntung memiliki IP yang dianggap sebagai spammer
dan tidak tahu cara keluar dari halaman <b>warning.php</b>, jadi mereka dapat meminta bantuan Anda.
Isikan dengan alamat email yang valid. Alamat ini dipecah dalam 3 kata sehingga tidak dapat dilihat robot.
Contoh, jika alamat email Anda adalah <b>[email protected]</b>, kata pertama adalah <b>info</b>,
kata kedua adalah <b>situssaya</b>, dan kata ketiga adalah <b>com</b>.';
$txt['httpBL_enable_bad_email'] = 'Periksa alamat email yang Anda tuliskan. Anda tidak dapat mengosongkan salah satu dari ketiga kata.';
$txt['httpBL_bad_last_activity'] = 'Jumlah hari untuk menganggap sebuah IP baik-baik saja';
$txt['httpBL_bad_last_activity_sub'] = 'Jika suatu IP pernah digunakan oleh spammer, namun tidak ada yang salah
sejak sejumlah hari berlalu pada pilihan ini, kita anggap tidak berbahaya lagi
dan izinkan pengunjung masuk.';
$txt['httpBL_bad_threat'] = 'Tingkat ancaman yang dianggap buruk';
$txt['httpBL_bad_threat_sub'] = 'Project Honey Pot memberi setiap IP tingkat ancaman yang berubah tiap hari,
tergantung apa yang IP ini lakukan dan sudah berapa hari berlalu sejak saat itu.
Semua IP dengan tingkat ancaman lebih tinggi dari angka yang Anda berikan tidak dapat masuk.
Tidak disarankan untuk mengganti 2 nilai terakhir sampai Anda tahu cara kerja mod ini.';
$txt['httpBL_viewlog_extra'] = 'Lihat informasi tambahan pada log';
$txt['httpBL_viewlog_extra_sub'] = 'Jika Anda menandai pilihan ini, Anda akan melihat semua informasi
pada log, namun mungkin informasinya terlalu banyak dan Anda kehilangan fokus.
Sesekali lebih baik melihat hanya hal yang penting saja.';
$txt['httpBL_config_sub_1'] = 'Jika Anda ingin melihat halaman "warning.php" dengan
pengaturan ini (halaman yang akan dilihat pengunjung dengan IP dianggap berbahaya)
klik tautan ini:';
$txt['httpBL_config_sub_2'] = 'Jika Anda ingin mengganti desain atau menerjemahkan halaman tersebut dan
tidak tahu caranya, silakan minta bantuan di forum dukungan (hanya dalam bahasa Inggris):';

$txt['httpBL_viewlog'] = 'Log MOD httpBL';
$txt['httpBL_viewlog_description'] = 'Setiap kali MOD httpBL menghentikan spammer atau
mendeteksi kesalahan internal menambah sesuatu ke log, Anda bisa melihatnya di sini.';
$txt['httpBL_log_no_entries'] = 'Tidak ada data pada log MOD httpBL';
$txt['httpBL_log_date'] = 'Tanggal';
$txt['httpBL_log_ip'] = 'IP';
$txt['httpBL_log_threat'] = 'T.A.';
$txt['httpBL_log_threat_long'] = 'Tingkat Ancaman - Tingkat ancaman IP ini di basis data Project Honey Pot.';
$txt['httpBL_log_activity'] = 'A.B.T.';
$txt['httpBL_log_activity_long'] = Aktivitas Buruk Terakhir - Jumlah hari berlalu sejak IP ini
melakukan sesuatu yang buruk.';
$txt['httpBL_log_suspicious'] = 'M.';
$txt['httpBL_log_suspicious_long'] = 'Mencurigakan - Hanya dicurigai sebagai spammer.';
$txt['httpBL_log_harvester'] = 'P.';
$txt['httpBL_log_harvester_long'] = 'Pemanen - Robot yang mencari alamat-alamat email untuk dikirimi spam.';
$txt['httpBL_log_comment'] = 'S.K.';
$txt['httpBL_log_comment_long'] = 'Spammer Komentar - Robot yang menulis ke blog dan forum, biasanya penuh dengan
tautan ke situs yang dipromosikan oleh spammer.';
$txt['httpBL_log_url'] = 'Halaman';
$txt['httpBL_log_url_long'] = 'Halaman yang dikunjungi IP ini saat terdeteksi dan diusir oleh mod.';
$txt['httpBL_log_user_agent'] = 'Peramban yang digunakan IP ini';
$txt['httpBL_log_error_message'] = 'Pesan Galat';
$txt['httpBL_log_no_error'] = 'Tidak ada galat';
$txt['httpBL_log_remove_all_confirm'] = 'Anda yakin ingin menghapus semua data log MOD httpBL?';
$txt['httpBL_log_remove_selected_confirm'] = 'Anda yakin ingin menghapus semua data log MOD httpBL terpilih?';
$txt['httpBL_yes'] = 'Ya';
$txt['httpBL_pages'] = 'Halaman';
$txt['httpBL_threat_low'] = 'Ancaman rendah';
$txt['httpBL_threat_medium'] = 'Ancaman sedang';
$txt['httpBL_threat_high'] = 'Ancaman berbahaya';
$txt['httpBL_threat_very_high'] = 'Ancaman sangat berbahaya';
$txt['httpBL_threat_colors'] = 'Arti warna:';


And again a typo:

Quote$txt['httpBL_log_activity_long'] = 'Last Bad Activity - The number of days since this IP was seen
doing domething wrong.';
something?

Anyway, since I haven't installed it yet, I don't know if my translation will break the page layout. I'll install an SMF offline and test my translation, but I need to take a dinner now :D

Thanks :)

snoopy_virtual

Quote from: Exsharaen on February 18, 2010, 08:39:28 AM
Actually I'd like to use this mod, but considering that today I am blocked from your site and I recall I was blocked some years ago, ...


This is more urgent, so I answer this first:

Re-start your router until you get a different IP and try again my site

I will answer the rest later.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

snoopy_virtual

Quote from: lc62003 on February 17, 2010, 08:59:07 PM
I see you plan to provide better instructions....that would be great! 

So...please pardon my noobiness.....where do you install the honey pot script?  In the root folder or something like root/forum folder?

I'm writing just now an extensive tutorial in English and Spanish. It's not finished yet, but I'm on it just now, so I suppose it will be finished in a few hours, and that question is already answered there.

You can find it (the part it's done at least) here:

http://www.snoopyvirtualstudio.com/tutoriales/index.php?estudio=httpBL_2

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

lc62003

Cool!  Thanks!  BTW, great mod.  I have a half dozen sites to install.... ;D

Fabius85

Quote from: snoopy_virtual on February 17, 2010, 08:14:30 PM
Quote from: butchs on February 17, 2010, 06:46:46 PM
Quote from: snoopy_virtual on February 17, 2010, 05:46:25 PM
Also, the function getmobileproperties() doesn't belong to this mod. I don't even know it.

Sounds like smf4iphone.  But in the last version I wrote, the "getmobileproperties" function was installed at the end of the load.php file and should be found so I believe he is running an older version.  Since I do not have a mobile device and have absolutely no means of supporting the mod, I gave it to "Fabius85", I am sure he can help you if you move this question to the correct thread.

Dismal Shadow if you tell Fabius85 about this problem tell him as well that the page warning.php is using SSI.php to load all the SMF functions. He will understand what that means and can help him understand where is the problem.

Anyway, as butchs was saying maybe you were just using an old version of smf4iphone. Try if there is any update.
he was just using the older version of the mod, no matters with last update (as butchs said) ;)

snoopy_virtual

#26
@ Exsharaen

Thanks for the translation. That was quick.  ;)

I will start a full language package (as we do with mod Stop Spammer) as soon as I finish the tutorial.

Quote from: Exsharaen on February 18, 2010, 08:39:28 AM
And again a typo:

Quote$txt['httpBL_log_activity_long'] = 'Last Bad Activity - The number of days since this IP was seen
doing domething wrong.';
something?

Yes, it's a typo.

I suppose I wrote that when I finished with the coffee and started with the beer.  ;D

I will correct that in the next version, but I don't recommend nobody changing it in their Modifications.english.php file now, because if you change even one character in your files, whenever I do the next version, the installer is going to complain and throw an error message, and it won't update properly.

======================

Going back to this problem:

Quote from: snoopy_virtual on February 18, 2010, 08:51:50 AM
Quote from: Exsharaen on February 18, 2010, 08:39:28 AM
Actually I'd like to use this mod, but considering that today I am blocked from your site and I recall I was blocked some years ago, ...


This is more urgent, so I answer this first:

Re-start your router until you get a different IP and try again my site

I will answer the rest later.

This is a normal issue when you have a dynamic IP (as almost all of us have).

I have this problem sometimes, as normally, when I re-start my router I get a different IP, so sometimes I get an IP that is in the spammers DB and cannot enter my own site, so I just re-start the router again and that's it.

Anyway sometimes the IP doesn't change just re-starting the router and you need to leave the router off for a few minutes. Just check it has actually changed.

Of course, if after trying with some different IPs still you are blocked then the problem is you have a trojan and your computer is part of a botnet, but I suppose you must have good anti-virus, anti-trojans, etc.

Another thing you can do is go to http://www.projecthoneypot.org and check your IP to see why it's in the database.

projecthoneypot => IP data => Lookup IP => enter the IP you want to check

It gives you not only all the information about what have been done from that IP but also from IPs in your neighbourhood.

Even, once you are a member and have installed at least one honey pot, you have access to more pages inside their site and you can ask them to add your IP to the "white list".

But I don't do that any more, as they usually need a day to add you that list and it's a lot faster re-starting the router.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

snoopy_virtual

Quote from: lc62003 on February 18, 2010, 09:19:37 AM
Cool!  Thanks!  BTW, great mod.  I have a half dozen sites to install.... ;D

If you are installing it in some different sites (as I have done) you can use the same API key for all of them, but it's a lot better if you install a honey pot for each one of them, as the mod works faster if the honey pot is in the same domain as the forum.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

butchs

My caught spammer log is getting long.  Does it automatically trim it's self or goes forever?
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

snoopy_virtual

Quote from: butchs on February 18, 2010, 09:39:38 AM
My caught spammer log is getting long.  Does it automatically trim it's self or goes forever?

No, it's not automatic. You need to delete them manually if you want to.

Won't be a bad idea to add that in the next version, but just now I'm leaving them to grow in all my forums, as I want to study the entries later.

Remember what I said somewhere about not being sure yet about the best Settings.

When you install it the "Threat level considered bad" is set to 10, but I have change that manually in all my forums to just 1 to stop everybody in the DB and see the difference.

On top of that if a friend tell you he was trying to enter your forum and couldn't, knowing the date and the time, you can see what IP he was using and study in projecthoneypot what was wrong with that IP, and you won't be able to do that if you have deleted that entry.

Anyway I will consider adding that to the next version. Leaving the data in the log for x days.

Even adding an option to the settings for automatic trim or not and for how many days you want to keep the data.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Exsharaen

Well I can confirm that I have an antivirus and antispyware plus a firewall always turned on in a strict mode (I monitor any ingoing and outgoing network activities), and yes I have dynamic IP. The latest one, 125.164.136.108, is confirmed to be suspicious (FYI the first one I tried today to be blocked was 110 something, I forgot to note it down) although it might be obsolete.

Anyway, by translating I recall there's an option to set number of days to consider an IP being "good" again? Maybe I can alter that setting further and see which setting fits better...

Just call me lazy, but in fact I do feel lazy to restart the router everytime I am blocked, esp. that it's a wireless one, it's not in the same room as I'm using the Internet, and someone might be using it at the same time I am blocked, bla bla bla :P but I'll try again some time later (in fact I am really curious about your site :D)

For now, consider I am a little bit unlucky :)

snoopy_virtual

Quote from: Exsharaen on February 18, 2010, 12:05:45 PM
---
Just call me lazy,
...

OK, if you say so, I call you lazy.  ;D

Quote from: Exsharaen on February 18, 2010, 12:05:45 PM
---
The latest one, 125.164.136.108, is confirmed to be suspicious
...
For now, consider I am a little bit unlucky
...

You are really unlucky. I have been checking out that IP an the threat level is just 1  :D

OK. I have changed again the "Threat level considered bad" in my site up to 5.

Now you can pass. At least until you re-start your router and get a worst IP  :D

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Exsharaen

Quote from: snoopy_virtual on February 18, 2010, 12:55:12 PM
Quote from: Exsharaen on February 18, 2010, 12:05:45 PM
---
Just call me lazy,
...
OK. I have changed again the "Threat level considered bad" in my site up to 5.

Now you can pass. At least until you re-start your router and get a worst IP  :D

Thanks, I'm there now, although now I forget what I should search there :P I assume the support forum for your mod is here?

Don't mind me though, just reset the threat level. I don't want spammers to get in there just because of me :)

That reminds me, what is the highest setting for threat level? You said you lowered your site to 5, but I recall somewhere the threat level 1 will block everyone. Does "everyone" here refer to "everyone in the PHPot DB" or literally "everyone"?

I'll try to activate the mod tomorrow and see if I am blocked :P by the way, isn't there any exception for admins to not be blocked?

Thanks :)

PS: I hesitate to register at your forum after reading the TOS; I might not be so active, although somehow I am interested there :)

lc62003

OK, I have a question....hopefully about an interesting scenario.  One of my sites has a shoutbox.  Apparently the spam bot was already working the site when I installed the honey pot mod.  So in the MOD log it's showing the bot attempting to hit the shoutbox every thirty seconds or so....has been for 16 hours or more.  Needless to say the list is getting lengthy.  I've tried turning off the shoutbox, banning the IP, but nothing is making it go away.  Picture leaving the browser open and continually hitting the 'shout' button...since no further action is taken the page isn't refreshed to make the changes take effect.  Can you think of any way to make it go away?   :D

snoopy_virtual

#34
Quote from: Exsharaen on February 18, 2010, 01:33:10 PM
...
That reminds me, what is the highest setting for threat level? You said you lowered your site to 5, but I recall somewhere the threat level 1 will block everyone. Does "everyone" here refer to "everyone in the PHPot DB" or literally "everyone"?
...

Level 1 blocks everyone in the PHPot DB

Take a look at this:

http://www.projecthoneypot.org/threat_info.php

The highest I have seen so far in my logs is 73 but I am not sure how high it can go.

I have realized putting it down to 1 is too much. In PHPot page they say 10 is a safe enough number, but I wanted to experiment with different values to see what happen.

Quote from: Exsharaen on February 18, 2010, 01:33:10 PM
...
by the way, isn't there any exception for admins to not be blocked?
...

My god, Am I stupid or what?

I never thought about that. I need to put it in the next version ASAP

Quote from: Exsharaen on February 18, 2010, 01:33:10 PM
...
I hesitate to register at your forum after reading the TOS
...

I need to change that TOS. It was because 3 years ago we were having some people just looking for a laugh and we were fed up with them, but you are welcome, of course.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

snoopy_virtual

Quote from: lc62003 on February 18, 2010, 01:52:16 PM
OK, I have a question....hopefully about an interesting scenario.  One of my sites has a shoutbox.  Apparently the spam bot was already working the site when I installed the honey pot mod.  So in the MOD log it's showing the bot attempting to hit the shoutbox every thirty seconds or so....has been for 16 hours or more.  Needless to say the list is getting lengthy.  I've tried turning off the shoutbox, banning the IP, but nothing is making it go away.  Picture leaving the browser open and continually hitting the 'shout' button...since no further action is taken the page isn't refreshed to make the changes take effect.  Can you think of any way to make it go away?   :D

What shoutbox mod are you using?

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

lc62003

Quote from: snoopy_virtual on February 18, 2010, 02:08:04 PM
Quote from: lc62003 on February 18, 2010, 01:52:16 PM
OK, I have a question....hopefully about an interesting scenario.  One of my sites has a shoutbox.  Apparently the spam bot was already working the site when I installed the honey pot mod.  So in the MOD log it's showing the bot attempting to hit the shoutbox every thirty seconds or so....has been for 16 hours or more.  Needless to say the list is getting lengthy.  I've tried turning off the shoutbox, banning the IP, but nothing is making it go away.  Picture leaving the browser open and continually hitting the 'shout' button...since no further action is taken the page isn't refreshed to make the changes take effect.  Can you think of any way to make it go away?   :D

What shoutbox mod are you using?


Simple Portal.   :)

snoopy_virtual

@lc62003

Try uninstalling my mod, wait for a few minutes, check that the bot IP is still banned and then install the mod again.

Maybe will work.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

lc62003

No dice.  Perhaps it will give up in a few days.   :-\

snoopy_virtual

I am not sure with Simple Portal, but can you uninstall just the shoutbox without uninstalling the full Simple Portal?

If you can, try uninstalling both the shoutbox and my mod, waiting for a while and install them again.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Advertisement: