News:

Wondering if this will always be free?  See why free is better.

Main Menu

httpBL

Started by Diego Andrés, February 17, 2010, 03:55:54 PM

Previous topic - Next topic

Kakers

I've used SMF for about 3 years now and I do prefer it over the other forums out there, the only downside is hearing about and experiencing the amount of spam/bots that the 1.1.11 SMF forums gets hit with. Currently I administrate two SMF boards and both were getting around 1 spam bot a day sign up, even with admin approval set up it becomes tiresome quickly. I have tried other mods like 'Are you Human?' and if I'm honest, it didn't make any difference to the levels of spam at all. It had progressed and gotten to the point where I had to banned the IPs for all the ISPs in 4 different countries via that .htaccess file!

I will admit I was a bit dubious about setting up this mod at first as I had only taken a quick glance at it while I was at work. I like many others were just looking for a quick fix and didn't really want to go through all the hassle of setting up accounts on sites and uploading files. I AM SO GLAD I DID!!! After 12 hours of having it installed I have not had any spam accounts sign up and even seen that there have been 6 bots or suspicious IPs that have been denied access to the forums. Now that I have set it up once doing it for the other forum should be quick and simple. I am going to see how it runs for the next few days and if all is well, I might be able to unblock those 4 countries. (Russia, Germany, Korea & China .... Not that I expect any of them will visit my site... but you never know).

I don't normally write reviews and such but... thank you for this Mod, It has made my life easier! ;)

snoopy_virtual

#241
Thanks for your kind words Kakers.

As I also administer a few forums and had the same problems with spam (that's the reason why I did this mod in the first place) I'm going to give you a couple of advises:

If you are installing the mod in a few different forums, you can use the same API key for all of them, so you don't need to register another account with "Project Honey Pot", but the mod works a little faster if the honey pot is installed in the same domain as the forum, so it's better if you install a different honey pot inside each forum. It's just a little more work, but it's worth the hassle.

I will recommend you as well to install in every forum my other mod StopSpammer:

http://custom.simplemachines.org/mods/index.php?mod=1547

Both mods are complementary and you will see a big difference when using both at the same time.

Each one uses a different database to see if they are spammers and uses a completely different method to check it.

Also mod StopSpammer is a lot easier to install than mod httpBL  ;D

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Kakers

Thanks for the advice, I will also try that mod.

I currently have the honeypot sat in the root '/' of my html directory where our wordpress blog sits. (I have now installed Bad Behaviour on our WP blog to use the honey pot!)  ;D The SMF forums are in a sub-directory '/forums/' The site normally gets about 6k hits a day, 1k unqiue hits. The forums get visited less then that however and having installed the WP and SMF mods I haven't noticed any decrease in speed. For this site I own the domain name but not the hosting.

The other forums are hosted on my domain/hosting so I will be creating a seperate hot pot for that one which will sit in the '/forums/' directory purely because the main page is html  ::)

shaitanfr

Something strange. I was contacted by a member who is blocked by httpBL. But his IP is not in the projecthonepot database. In my logs I can see his IP with S - Low Threat.
I chek and found others IP in the same configuration, blocked but not referenced on the database.





snoopy_virtual

Quote from: shaitanfr on July 11, 2010, 11:25:27 AM
Something strange. I was contacted by a member who is blocked by httpBL. But his IP is not in the projecthonepot database. In my logs I can see his IP with S - Low Threat.
I chek and found others IP in the same configuration, blocked but not referenced on the database.

It looks like an error somewhere.

Can you tell me one of the IPs and all the info you can see in your log about it (including the "extra info")?

I would like to investigate the issue.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

shaitanfr

#245
Yep,

For example:




snoopy_virtual

I don't really know how the web site in "Project Honey Pot" works. All I know is what I have read on their site and what I have seen while using their API to create this mod, so most of what I am going to tell you here is just guessing, but anyway I think it's a good guess.

As far as I know, the database with all the spammers information (the database used by the mod to check if an IP is spammer) is a dynamic one, changing every hour with all the information received from all the Honey Pots around the world. It's also a very big database and it has a lot of information. Not only about "Harvesters" and "Comment Spammers" but also about a lot of other "Suspicious" behaviours which the program cannot identify just now.

If you read their API manual: http://www.projecthoneypot.org/httpbl_api.php you can see they are working on it and in they have reserved some other values of the response from the database for future use, but I think they will identify only really dangerous behaviour and will leave as just "Suspicious" any kind of behaviour not too dangerous.

As I said this database is dynamic. All the process is fully automatic and it's hosted in a few mirror servers, so it's always on-line. (At least I have never seen this database off-line in the last 2 years).

As you can see, when the mod checked the IP 84.97.153.127 inside this database it got the response 127.29.3.1

The first number (127) just means that the response is correct.

The next number (29) is the number of days since this IP was last seen doing something wrong.

The next number (3) is the threat level of this IP. A very low number really. In Honey Pot's site they say a few times any IP with a threat level less than 10 is not really dangerous at all.

The last number (1) means this IP has not been seen doing "Harvesting" or "Commenting" work yet, and it's only "Suspicious".

You can also see that when, whoever was trying to see your site from this IP, was redirected to your "warning" page didn't give any answers to the captcha questions.

That means that either it was a trojan robot working inside the computer with that IP (one who doesn't know how to answer captcha questions) or it was a human who was very scared when he read he may have a virus and just closed the web page because he didn't know what else he should do.




On the other hand, when you check an IP inside Honey Pot's site you are using a completely different database. You are using the database which keeps Honey Pot's web site on.

This is not a fully automatic database and the information it has is very different from the first database. It doesn't get all the input automatically from the Honey Pots around the world, but also from comments the site users leave about different IPs.

Some things anyway come from the Honey Pots automatically. Mainly the actions done by "Harvesters", "Comment Spammers", etc, but here it has different information than the first database. Instead of just "numbers" about how many times an IP did something wrong, how many days ago, etc it has "text" information. For example from a "Comment Spammer" it tells you what kind of posts it writes in the forums, what links to malicious sites, etc

But a big difference is that this database only has "Proven facts", not just "Suspicious actions", so when you check the IP 84.97.153.127 here and you get nothing, it means that IP has been doing only something suspicious, but nothing really dangerous that can prove it is a spammer.

That is why it has only a 3 in the threat level.




As I said at the beginning all this is only guessing. It would be better if we ask this question in their own forum:

http://www.projecthoneypot.org/board/

The problem is that forum has very few movement. I have asked a few questions myself there and only a couple of them have been answered.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

shaitanfr

Ok, I understand. It's frustrating for me not to speak better English to respond.

QuoteYou can also see that when, whoever was trying to see your site from this IP, was redirected to your "warning" page didn't give any answers to the captcha questions.

I have an explanation:

In my sign you can see the link to "Cine-Passion". A free service that I host and used by different media center solutions. (thousands users every days)  So these are the machines and programs that connect to this service, this explains why there are no answers to the captcha.

It is a real problem for me to continue to use httpBL.
In fact I've never had problems with spam. I installed several anti-spam mods and although my sections are mostly accessible to guests in more than two years, only one spammer has managed to post spam, Xrumor the famous, and he could not save links in the message.

I also installed StopSpammer just before httpBL. I scanned my base member, only one spamer was registered, the email address left no doubt he is a spammer.
To conclude, I installed httpBL because I found it's a very great system, beautiful, but because of the nature the service that my site offers, I do not think I can continue to use it.

I hope you anderstand my answer :)

snoopy_virtual

Don't worry about your English. I understand you very well.  ;)

So, your problem is a lot of your visitors are robots coming from different media centre solutions, but these robots are not spammers.

Well, the httpBL system normally recognizes this kind of robots and let them pass.

The problem is they haven't got inside their database all the "legal" robots in the world. Only the more important ones.

At least, the robots from the main software companies (Google, Microsoft, Yahoo, etc) are always recognized, because the owners of these robots have told everybody about them so we know what they do and how to recognize them.

But if a robot is not recognized (because it's not in the database) it will always get a very low threat level (less than 10) if it's not doing something really bad.

For example, as you can see, this 2 you got only have a threat level of 3.

I can assure you, if an IP get a threat level of 40 or more, it is for sure a very dangerous spammer. Remember the threat level is not a linear scale, but a logarithmic one.

What I think you should do is to check your logs to see what is the threat level of all the IPs stopped by the mod with only "Suspicious" on, with no "Harvesters" or "Comment Spammers", and change your configuration to let pass all this robots and stop only the really dangerous.

A good configuration (good for almost everybody) will be to put the "Threat level considered bad" up to 10 and the "Threat level considered VERY bad" to 30.

This way everybody with a threat level less than 10 will pass.
With a treat level between 10 and 30 will see the captcha.
More than 30 will be stopped.

But as I say, it's up to you to see your logs to decide the best numbers for your site.

These numbers cannot be always the same for every web site. That's the reason why I put in the last version all this log system and all these different numbers in the configuration that were not there in earlier versions.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

shaitanfr

#249
But yes, it is the solution !

QuoteBut as I say, it's up to you to see your logs to decide the best numbers for your site.


I looked at my logs and only one service user has a score of 14 is the maximum. I can see its user agent and its activity that tell me that it's software.


( We ask the developers that their software return a user agent with requests )

All others have a score between 3 and 4
So here, I just have to adjust accordingly.
Again merci Monsieur.   :)

snoopy_virtual

Il n'y a pas problème  ;)

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Saint_Frater

I don't know if there is any french translation; here is my contribution:

// MOD httpBL START - Translation by Frater
// General
$txt['httpBL_title'] = 'MOD httpBL';
$txt['httpBL_honeyPot_link_error'] = 'Mauvaise URL honeyPot. Vérifiez votre configuration MOD httpBL.';
$txt['httpBL_honeyPot_key_error'] = 'Maivaise clé http:BL API. Vérifiez votre configuration MOD httpBL.';
$txt['httpBL_honeyPot_key_error_2'] = 'Echec de Connection. Cela veut dire que soit votre clé http:BL API est incorrect ou qu\'il y a problème avec votre configuration DNS.';
$txt['httpBL_caught'] = 'Spammers bloqué par MOD httpBL: ';

// Config page
$txt['httpBL_description'] = 'Le MOD httpBL v&eacute;rifie l\'adresse IP de chaque visiteur pour savoir si celle-ci est d&eacute;j&agrave; dans la base de donn&eacute;es projecthoneypot. Si c\'est le cas, la modication redirige ceux-ci vers la page warning.php interdisant l\'acc&egrave;s au forum.<br />Ici vous pouvez activer ou d&eacute;sactiver la modification et changer quelques un de ses param&egrave;tres.';
$txt['httpBL_config'] = 'Param&egrave;tre MOD httpBL';
$txt['httpBL_enable'] = 'Activer/D&eacute;sactiver MOD httpBL';
$txt['httpBL_enable_bad_API_key'] = 'La cl&eacute; API que vous avez &eacute;crite est mauvaise. V&eacute;rifiez soigneusement celle-ci et essayez &agrave; nouveau.';
$txt['httpBL_honeyPot_link'] = 'URL vers votre Honey Pot';
$txt['httpBL_honeyPot_link_sub'] = 'Si vous d&eacute;sirez utiliser httpBL, vous devez avoir un Honey Pot install&eacute; sur votre serveur. Si vous n\'en avez pas, vous devez allez sur <a href="http://www.projecthoneypot.org/?rf=62759" target="_blank">www.projecthoneypot.org</a> pour en cr&eacute;er un et l\'installer sur votre serveur. Apr&egrave;s cela, inscrire l\'URL de ce honeypot ici. Cela peut &ecirc;tre quelque chose comme:<br /><b>http://www.yourwebsite.com/yourhoneypot.php</b>';
$txt['httpBL_honeyPot_key'] = 'Votre cl&eacute; Honey Pot http:BL API';
$txt['httpBL_honeyPot_key_sub'] = 'Si vous d&eacute;sirez utiliser httpBL vous devez avoir aussi une cl&eacute; http:BL API r&eacute;&ccedil;ue du Project Honey Pot. Si vous n\'en avez pas rendez-vous a l\'URL <a href="http://www.projecthoneypot.org/?rf=62759" target="_blank">www.projecthoneypot.org</a> pour vous enregistrer et en obtenir une que vous inscrirez ici. Veuillez noter que vous ne recevrez pas de cl&eacute; si vous n\'avez pas installer votre Honey Pot, il vaut mieux commencer par cela.';
$txt['httpBL_honeyPot_word'] = 'Mot cl&eacute; de votre URL Honey Pot';
$txt['httpBL_honeyPot_word_sub'] = 'Ce mot cl&eacute; est le seul mot dans votre URL Honey Pot que les spammers verons. Ecrivez quelque chose qui va les attirer et les faire cliquer dessus et pas quelques choses qui va les effrayer. Si vous ne pouvez pas trouver de bon mot, laissez ce champ vide, httpBL va le choisir pour vous.';
$txt['httpBL_info_email_1'] = 'Premier mot de votre email';
$txt['httpBL_info_email_2'] = 'Second mot de votre email';
$txt['httpBL_info_email_3'] = 'Troisi&egrave;me mot de votre email';
$txt['httpBL_info_email_sub'] = ' httpBL a besoin de votre adresse address pour vous informer en cas de probl&egrave;me et aussi d\'afficher celle-ci aux malheureux humains qui on une adresse IP consid&eacute;rer comme spammer et qui ne savent pas comment sortir de la page <b>warning.php</b>, ainsi ils peuvent vous demander de l\'aide. Donc cette adresse doit &ecirc;tre valide. Nous l\'avons s&eacute;parer en 3 mots afin que les robots ne puissent pas la voir. Par exemple, si votre adresse est <b>[email protected]</b> le premier mot est <b>info</b>, le second est <b>yourwebsite</b>, et le troisi&egrave;me est <b>com</b>.';
$txt['httpBL_enable_bad_email'] = 'V&eacute;rifiez l\'adresse email que vous avez &eacute;crit. Vous ne pouvez pas laisser les champs vide.';
$txt['httpBL_bad_last_activity'] = 'Nombre de jours pour examiner une bonne IP';
$txt['httpBL_bad_last_activity_sub'] = 'Si une adresse IP a &eacute;t&eacute; consid&eacute;rer comme appartenant &agrave; un spammeur avant, mais que personne n\'a vu quelque chose de suspect depuis au moins ce nombre de jours, nous pouvons consid&egrave;re la requete comme non dangereuse et laisser le visiteur passer.';
$txt['httpBL_bad_threat'] = 'Niveau de menace consid&eacute;r&eacute; comme mauvais';
$txt['httpBL_bad_threat_sub'] = 'Project Honey Pot donne &agrave; toutes les adresses IP un niveau de menace qui &eacute;volue chaque jour en fonction de ce que l\'adresse IP fait et depuis combien de jours il l\'a fait. Chaque IP avec un niveau de menace inf&eacute;rieur au nombre que vous mettez ici passera sans m&ecirc;me &ecirc;tre v&eacute;rifi&eacute;.';
$txt['httpBL_very_bad_threat'] = 'Niveau de menace consid&eacute;r&eacute; comme TRES mauvais';
$txt['httpBL_very_bad_threat_sub'] = 'Tout IP avec un niveau de menace plus grande que le nombre que vous mettez ici seront bloqu&eacute;. Les adresses IP avec un niveau de menace entre les deux nombres auront un "captcha" et, s\'ils prouvent qu\'ils sont bien des &ecirc;tres humains, il leur sera accord&eacute; un laissez-passer pour quelques heures.';
$txt['httpBL_cookie_length'] = 'Nombre d\'heures avant de devoir prouver &agrave; nouveau que le visiteur est humain';
$txt['httpBL_cookie_length_sub'] = 'Comme les adresses IP changent tr&egrave;s souvent, lorsque les visiteurs voient les "captcha" et qu\'ils prouvent qu\'ils sont humains, ils sont autoris&eacute;s uniquement pour ce nombre d\'heures. Apr&egrave;s ce temps, il se peut que l\'adresse IP soit attribu&eacute;e a une autre ordinateur. Nous ne vous conseillons pas de modifier ces 4 derni&egrave;res valeurs jusqu\'&agrave; ce que vous connaissez la fa&ccedil;on dont fonctionne httpBL.';
$txt['httpBL_no_negative_here'] = 'Le nombre de jours et le niveau de menace ne peuvent pas &ecirc;tre des nombres n&eacute;gatifs ou 0.';
$txt['httpBL_no_higher_than'] = 'Le niveau de menace per&ccedil;u comme mauvais ne peut pas &ecirc;tre plus &eacute;lev&eacute; que le niveau de la menace consid&eacute;r&eacute; <b>tr&egrave;s</b> mauvais.';
$txt['httpBL_viewlog_extra'] = 'Voir des informations suppl&eacute;mentaires dans le log';
$txt['httpBL_viewlog_extra_sub'] = 'Si vous activ&eacute; cette option, vous allez voir toutes les informations dans le journal, mais c\'est peut-&ecirc;tre un peu trop et vous risquez de vous y perdre. Parfois, il vaut mieux ne voir que les choses importantes.';
$txt['httpBL_config_sub_1'] = 'Si vous voulez voir le look de votre "warning.php page" avec ces param&egrave;tres (la page vers laquelle sera redirig&eacute;e toute personne avec une IP consid&eacute;r&eacute;e comme dangereuse ), appuyez sur cette URL:';
$txt['httpBL_config_sub_2'] = 'Si vous voulez changer de design ou la traduction de cette page et vous ne s \'avez pas comment faire, ou si vous avez toute autre question sur le httpBL, vous pouvez demander de l\'aide dans le <a href = "http://www.simplemachines.org/community/index.php?topic=366399" target = "_blank">Forum de support officiel</a> ou d\'essayer de trouver plus d\'informations dans <a href = "http:// www.snoopyvirtualstudio.com/tutoriales/index.php?estudio=httpBL_2 "target =" _blank ">le tutorial</a>.';

// View log page
$txt['httpBL_viewlog'] = 'httpBL Spammers Log';
$txt['httpBL_viewlog_description'] = 'Chaque fois que httpBL bloque un spammeur ou d&eacute;tecte une erreur interne, il ajoute une entr&eacute;e &agrave; ce journal, vous pouvez le consulter ici. Voici est la liste des spammeurs arr&ecirc;t&eacute; par le httpBL soit parce que leur niveau de menace est plus &eacute;lev&eacute; que le niveau de menace consid&eacute;r&eacute;e comme <b>tr&egrave;s</ b> ou mauvaise parce qu\'il voyait les "captcha" et qu\'ils n\'ont pas prouver qu\'ils &eacute;taient des humains.';
$txt['httpBL_viewlogpass'] = 'httpBL Humans Log';
$txt['httpBL_viewlogpass_description'] = 'Ceci est la liste des humains bloqu&eacute; par httpBL, mais autoris&eacute;s apr&egrave;s qu\'ils aient prouv&eacute; qu\'ils n\'&eacute;taient pas des robots.';
$txt['httpBL_viewlogerror'] = 'httpBL Errors Log';
$txt['httpBL_viewlogerror_description'] = 'Ceci est la liste des erreurs internes d&eacute;tect&eacute;es par httpBL en essayant de v&eacute;rifier une adresse IP. Selon l\'erreur, certains d\'entre eux ont &eacute;t&eacute; bloqu&eacute;s et d\'autres peuvent avoir &eacute;t&eacute; autoris&eacute;s &agrave; passer. Pour voir tous les d&eacute;tails, vous devez appuyer sur le bouton <b>"Plus d\'informations"</ b>.';
$txt['httpBL_log_no_entries'] = 'Il n\'y a pas d\'enregistrements dans le httpBL spammeurs Log. Soit vous n\'avez pas encore surpris de spammeur ou bien vous avez effac&eacute; toutes les entr&eacute;es.';
$txt['httpBL_logpass_no_entries'] = 'Il n\'y a pas d\'enregistrements dans le httpBL Humans Log. Soit personne n\'a prouv&eacute; qu\'il &eacute;tait humain ou bien vous avez effac&eacute; toutes les entr&eacute;es.';
$txt['httpBL_logerror_no_entries'] = 'Il n\'y a pas d\'enregistrements dans le httpBL Errors Log. Soit aucune erreur ne s\'est pr&eacute;sent&eacute;e ou bien vous avez effac&eacute; toutes les entr&eacute;es.';
$txt['httpBL_viewlog_extra'] = 'Plus d\'informations';
$txt['httpBL_viewlog_normal'] = 'Moins d\'informations';
$txt['httpBL_log_show_legend'] = 'Afficher la l&eacute;gende';
$txt['httpBL_log_hide_legend'] = 'Cacher la l&eacute;gende';
$txt['httpBL_pages'] = 'Pages';
$txt['httpBL_log_date'] = 'Date';
$txt['httpBL_log_ip'] = 'IP';
$txt['httpBL_log_threat'] = 'Niv. M.';
$txt['httpBL_log_threat_long'] = 'Niveau de Menace - Le niveau de menace de l\'adresse IP dans la base de donn&eacute;es project Honey Pot.';
$txt['httpBL_log_activity'] = 'D. M. A.';
$txt['httpBL_log_activity_long'] = 'Derni&egrave;re Mauvaise Action - Le nombre de jours &eacute;coul&eacute;s depuis cette adresse IP a &eacute;t&eacute; vu faire quelque chose de mal.';
$txt['httpBL_log_suspicious'] = 'S.';
$txt['httpBL_log_suspicious_long'] = 'Suspect -  Juste suspect&eacute; d\'&ecirc;tre un spammeur.';
$txt['httpBL_log_harvester'] = 'H.';
$txt['httpBL_log_harvester_long'] = 'Harvester - Un robot qui navigue &agrave; la recherche d\'adresses e-mail pour les utiliser plus tard pour envoyer du spam.';
$txt['httpBL_log_comment'] = 'C.';
$txt['httpBL_log_comment_long'] = 'Spammer de Commentaires - Un robot qui post sur des blogs et des forums. Ces postes sont g&eacute;n&eacute;ralement plein de liens vers des sites promue par les spammeurs.';
$txt['httpBL_log_url'] = 'Page';
$txt['httpBL_log_url_long'] = 'La page que l\'adresse IP visitait quand httpBL expulser le visiteur';
$txt['httpBL_log_user_agent'] = 'Browser';
$txt['httpBL_log_error_message'] = 'Message';
$txt['httpBL_yes'] = 'Oui';
$txt['httpBL_threat_colors'] = 'Signification des couleurs:';
$txt['httpBL_threat_low'] = 'Menace faible';
$txt['httpBL_threat_medium'] = 'Menace moyenne';
$txt['httpBL_threat_high'] = 'Menace forte';
$txt['httpBL_threat_very_high'] = 'Menace tr&egrave;s &eacute;lev&eacute;e';
$txt['httpBL_log_remove_all_confirm'] = 'Etes-vous certains de vouloir supprimer tout les enregistrements httpBL Log? - Cette action aura effet sur l\'ensemble des logs, pas seulement sur celui de cette section.';
$txt['httpBL_log_remove_selected_confirm'] = 'Etes-vous s&ugrave;r de vouloir supprimer tout les enregistrements du journalh ttpBL s&eacute;lectionn&eacute;?';

// Errors
$txt['httpBL_log_no_error'] = 'Aucune erreur';
$txt['httpBL_no_errorNumber'] = 'Il n\'ya pas de num&eacute;ro d\'erreur';
$txt['httpBL_no_defined'] = 'Pas encore d&eacute;fini';
$txt['httpBL_answers_captcha'] = 'R&eacute;ponses sur le captcha';
$txt['httpBL_answer_captcha'] = 'R&eacute;ponse sur le captcha';
$txt['httpBL_good'] = 'Bonne';
$txt['httpBL_bad'] = 'Mauvaise';
$txt['httpBL_empty_ip'] = 'IP vide';
$txt['httpBL_wrote_hidding'] = 'a &eacute;crit sur un espace cach&eacute;';
$txt['httpBL_no_show_captcha'] = 'Niv. M. trop &eacute;lev&eacute;. Nous n\'avons pas affich&eacute; de "captcha"';
$txt['httpBL_no_reverse_ip'] = 'Impossible de v&eacute;rifier. l\'IP n\'est pas normal. Authoris&eacute;e &agrave; passer';
$txt['httpBL_log_key_error'] = 'Impossible de v&eacute;rifier &agrave; cause d\'une erreur de cl&eacute; API. Authoris&eacute;e &agrave; passer';
$txt['httpBL_no_127'] = 'Impossible de v&eacute;rifier. La response[brute] ne commence pas par 127. Authoris&eacute;e &agrave; passer';
$txt['httpBL_unknown'] = 'inconnu';
// MOD httpBL END

snoopy_virtual

I should have talked about this already inside the tutorial, so anybody trying to translate this mod will have it a little easier, but it seems I never find the right time to do it.

OK, I will try to give a quick explanation here and I will put it more clear in the tutorial whenever I can:

To translate this mod completely there are actually 2 different things which need to be translated:


  • The sentences inside the mod's configuration (which only admins can see)
  • The sentences inside the warning page (which everybody with a bad IP will see)

What you (Saint_Frater) have translated just now is the first part. The sentences inside the /Themes/default/languages/Modifications.whatever_language_it_is.php which control all the sentences inside the "Admin" => "MOD httpBL" => "Configuration", "Logs", etc.

As I said, only admins can see this, so it will help any French admin who want to configurate properly this mod but doesn't speak good english, and no, it wasn't translated yet to French, so thanks a lot for the contribution.

The second part, the sentences inside the warning page, had already been translated to French by shaitanfr (see here: http://www.simplemachines.org/community/index.php?topic=366399.msg2690621#msg2690621 ) so actually French is the first language this mod has been fully translated already.

Thanks again to both of you (shaitanfr and Saint_Frater).

Keep the good work.  ;)

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Saint_Frater

no problem

as this mod is very useful, I think it should be usable to everyone, he speaks English or not ...

Trishah

I have a member who wants to login to our forum from work at Yankee Stadium but HoneyPot keeps blocking him.  He can login from from home.  I've read through everything I can find and went to PHP site and tried to find info there about how I can wither whitelist his work IP on there or just for my website but I can't find the answer.  The IP address is:  12.71.69.114

How do I "white list" him?

mjmfighter

Hey,

First off, great mod.  Blocked a couple of spammers already.  but i have a problem with the warning page.  This shows up at the top of the warning page when viewed

array( 'tag' => 'random', 'type' => 'unparsed_content', 'content' => '$1', 'validate' => create_function('&$tag, &$data, $disabled', ' $data = strtr($data, array(\'
\' => \'\')); $data = random_bbcode($data); '), ), array( 'tag' => 'random', 'type' => 'unparsed_equals_content', 'content' => '$1', 'disallow_children' => array('email', 'ftp', 'url', 'iurl'), 'disabled_after' => ' ($1)', 'validate' => create_function('&$tag, &$data, $disabled', ' $data[1] = strtr($data[1], array(\'
\' => \'\')); $data[0] = random_bbcode($data); '), ),


How can i fix this?

snoopy_virtual

Quote from: Trishah on August 18, 2010, 08:33:16 PM
I have a member who wants to login to our forum from work at Yankee Stadium but HoneyPot keeps blocking him.  He can login from from home.  I've read through everything I can find and went to PHP site and tried to find info there about how I can wither whitelist his work IP on there or just for my website but I can't find the answer.  The IP address is:  12.71.69.114

How do I "white list" him?

Hi Trishah,

To white list an IP you need to log into http://www.projecthoneypot.org with your username there and tell them.

Unfortunately, they don't have an automated button to do that (unless you are logging exactly from the same IP you want to white-list) so you will have to enter their "contact us" section http://www.projecthoneypot.org/contact_us.php and send them an email explaining the situation.

Normally, every time I need to send them an email, they answer me pretty soon.

Anyway, if you check exactly why this IP is black listed (see here: http://www.projecthoneypot.org/ip_12.71.69.114 ) you will see that somebody has been sending emails selling viagra from that IP, so if this is the address of your friend's work, I will suggest it would be better to inform the guy in charge of computer security there.

I suppose, if that's the IP of Yankee Stadium, they must have somebody responsible for computer security.

It looks like either one of the computers inside the stadium is infected with a trojan sending that emails or one of the workers is using one of the computers to make some extra money.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

snoopy_virtual

Quote from: mjmfighter on August 19, 2010, 09:46:45 AM
Hey,

First off, great mod.  Blocked a couple of spammers already.  but i have a problem with the warning page.  This shows up at the top of the warning page when viewed

array( 'tag' => 'random', 'type' => 'unparsed_content', 'content' => '$1', 'validate' => create_function('&$tag, &$data, $disabled', ' $data = strtr($data, array(\'
\' => \'\')); $data = random_bbcode($data); '), ), array( 'tag' => 'random', 'type' => 'unparsed_equals_content', 'content' => '$1', 'disallow_children' => array('email', 'ftp', 'url', 'iurl'), 'disabled_after' => ' ($1)', 'validate' => create_function('&$tag, &$data, $disabled', ' $data[1] = strtr($data[1], array(\'
\' => \'\')); $data[0] = random_bbcode($data); '), ),


How can i fix this?

Hi mjmfighter,

There is nothing inside the warning page I did with any connexion with that array there.

Have you modified the original warning page somehow?

What version of SMF and what version of the mod are you using?

Can you give me a link to your warning page so I can look at it myself?

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

mjmfighter

i am using SMF 2.0 RC3 and have not modified the page in any way.

here is the link to my warning page hxxp:cnkgaming.com/site/warning.php [nonactive]

snoopy_virtual

Quote from: mjmfighter on August 19, 2010, 12:55:12 PM
i am using SMF 2.0 RC3 and have not modified the page in any way.

here is the link to my warning page http://cnkgaming.com/site/warning.php

I think I have found the problem.

When I tried to see your warning page I saw the error message you said, but you didn't gave me the full message.

Apart from those lines about arrays you were talking about, there is another line more, with the real error message:


<b>Notice</b>:  SSI.php was unable to load a session!
This may cause problems with logout and other functions - please make sure SSI.php is included before
*anything* else in all your scripts! in
<b>/usr/www/*****/public/site/SSI.php</b> on line <b>172</b>


This means your warning page cannot work properly because it cannot find the file SSI.php or because you have a SSI file corrupted.

The file SSI.php is an important part of SMF and it has to be always in the same folder as the index.php of your forum (in your case the folder /usr/www/*****/public/site/ ) and without this file this mod is not going to work properly.

Please make sure you uploaded to your server that file to the proper folder when you were installing SMF. If you didn't (or just in case you uploaded a corrupted one) take a fresh copy of SMF 2.0 RC3 from here: http://download.simplemachines.org/

You will find inside the file SSI.php you need and you will be able to check if you have any other important files missing.

After you do that, check if you can see now your warning page properly and if the mod is working and tell us.

You can check if the mod is working just activating it, waiting a few hours and checking the mod logs. Depending on how many visitors you have, in some forums the mod stop one spammer every 24 hours, but in most forums the mod normally stop one spammer every hour or even every few minutes.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Advertisement: