• Welcome to Simple Machines Community Forum. Please login or sign up.

httpBL

Started by Diego Andrés, February 17, 2010, 03:55:54 PM

Previous topic - Next topic

snoopy_virtual

Quote from: landyvlad on January 26, 2018, 11:19:25 AM
Would this impact the number of dodgy types sneaking past the mod and ending up in the 'requires approval' queue?  Because since the 2.0.15 upgrade that has gone up significantly.

No.

This is a minor bug that doesn't have any impact at all in the way the mod stop the spammers.

The only problem with this bug is that it fills your "error log" with hundreds of "error 8: Undefined variable: ip" etc.

But the mod works exactly the same either if you fix it or not.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

landyvlad

OK thanks mate.  Obviously just a coincidence.
The Russian spammers seem super active of late.

I'm wondering how these are ending up in the 'require approval' queue, rather than getting bounced earlier and I never see them?
They are flagged by both email and IP as spammers.

And I've increased the number of 'security questions' to fifteen or so, with three correct answers needed. 

Any ideas?
Please do not PM, IM or Email me with questions on astrophysics or theology.  You will get better and faster responses by asking homeless people in the street. Thank you.

To paraphrase Kindred: "There are no technical solutions to social problems."

landyvlad

Is there a version planned for SMF 2.1?

If not, what alternative is recommended for 2.1 ?
Please do not PM, IM or Email me with questions on astrophysics or theology.  You will get better and faster responses by asking homeless people in the street. Thank you.

To paraphrase Kindred: "There are no technical solutions to social problems."

ziycon

Using 2.0.15, never come across any issues before except today I'm getting the below.


URL /index.php?
: Field 'error' doesn't have a default value
File: /var/www/Sources/httpBL_Subs.php
Line: 298

Gotten about 20 of these errors today, not other mods installed.

spiros

Same for me, here is the code:

292: array(
293: $time, $ip, $threat, $last_activity,
294: $suspicious, $harvester, $comment, $url,
295: $user_agent, $errorNumber, $username,
296: $raw, $stopped
297: ),
==>298: array()
299: );
300:
301: if ($return)

Arantor

Give the error column a default value in the database, or make it nullable.
No good deed goes unpunished
All helpful urges should be circumvented

spiros

Thank you! That did the trick.

barrypoore

Hi,
I am trying to fix a website which has the forum on but are encountering an error. This error seems to only be on php7.2, when I go back to 5.6 the error is gone, could you please advise as 5.6 has now been dropped from the host and this is a very very active forum, thank you.

I only get this error when logged out and on the home page, the site is currently on my local server, the error is:

Too few arguments to function httpBL_look_for_empty_ip(), 0 passed in /xxx/xxx/xxx/xxx/xxx/docroot/KNEEtalk/sources/httpBL_Subs.php on line 680 and exactly 1 expected

SugarD-x

Quote from: barrypoore on October 19, 2018, 10:19:18 AM
Hi,
I am trying to fix a website which has the forum on but are encountering an error. This error seems to only be on php7.2, when I go back to 5.6 the error is gone, could you please advise as 5.6 has now been dropped from the host and this is a very very active forum, thank you.

I only get this error when logged out and on the home page, the site is currently on my local server, the error is:

Too few arguments to function httpBL_look_for_empty_ip(), 0 passed in /xxx/xxx/xxx/xxx/xxx/docroot/KNEEtalk/sources/httpBL_Subs.php on line 680 and exactly 1 expected
I actually just ran into an unrelated issue with PHP 7.2.x in regard to SMF 2.0.x. Apparently Only SMF 2.1.x supports PHP 7.2.x at this time, which httpBL is not currently compatible with yet.

riou

Quote from: barrypoore on October 19, 2018, 10:19:18 AM
Hi,
I am trying to fix a website which has the forum on but are encountering an error. This error seems to only be on php7.2, when I go back to 5.6 the error is gone, could you please advise as 5.6 has now been dropped from the host and this is a very very active forum, thank you.

I only get this error when logged out and on the home page, the site is currently on my local server, the error is:

Too few arguments to function httpBL_look_for_empty_ip(), 0 passed in /xxx/xxx/xxx/xxx/xxx/docroot/KNEEtalk/sources/httpBL_Subs.php on line 680 and exactly 1 expected


Believe the fix for that error was to swap that line to


$ip = httpBL_look_for_empty_ip($ip);

Kindred

Since smf itself does not support php 7.2, you should be using a different version
Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.<br /><br />"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

landyvlad

Recently (last month or so) I have been getting a LOT of spammers attempting to register.

I'm wondering how these are ending up in the "Stop Spammer" mod's 'require approval' queue, rather than getting bounced earlier by httpBL and I never see them? Most are flagged by both email and IP as spammers.  This can easily be a 10+ a day though, so even managing that is tedious.

Usual core forum anti spam features in use - 15 'security questions'  with three correct answers needed.

Any advice around this would be most welcome.  Thanks.



Please do not PM, IM or Email me with questions on astrophysics or theology.  You will get better and faster responses by asking homeless people in the street. Thank you.

To paraphrase Kindred: "There are no technical solutions to social problems."

SugarD-x

Quote from: landyvlad on December 03, 2018, 11:11:54 PM
Recently (last month or so) I have been getting a LOT of spammers attempting to register.

I'm wondering how these are ending up in the "Stop Spammer" mod's 'require approval' queue, rather than getting bounced earlier by httpBL and I never see them? Most are flagged by both email and IP as spammers.  This can easily be a 10+ a day though, so even managing that is tedious.

Usual core forum anti spam features in use - 15 'security questions'  with three correct answers needed.

Any advice around this would be most welcome.  Thanks.
A lot of times, new spammers take awhile to get entered into the database because someone has to report them as malicious first. MOD httpBL can also only do so much on its own with its heuristics. With IPv6 becoming more and more common these days, spammers are using it to bypass most anti-spam mods that haven't been updated to properly handle such protocols yet.

If I were you, I'd use this and StopSpammer in conjunction with a few other security mods or methods. Personally on my heavier forums, I'll mix those two with at least ReCaptcha and Bot Buster. More prevention methods and additional databases being used to catch and block the spammers tends to help as long as they are properly managed and don't conflict.

In that combination, I've had maybe one or two slip through in the last several years, which I promptly reported and removed. Additionally, I've only had three to four actual users at most get falsely caught in the captcha page for MOD httpBL by mistake, to which I simply just assigned them a secondary forum rank that didn't check them against the modification. (The ones accidentally caught by the captcha page were probably using old spammer IP addresses and/or usernames that were recycled).

Illori

httpBL stops them from registering completely. this mod does not do what you are seeing.

landyvlad

Quote from: Illori on December 04, 2018, 05:05:20 AM
httpBL stops them from registering completely.

Yes I understand that's the theory but the problem is getting worse by the week despite having changed security questions etc.

So httpBL seems to be missing quite a few.

Quote from: SugarD-x on December 04, 2018, 03:54:16 AM
If I were you, I'd use this and StopSpammer in conjunction with a few other security mods or methods. Personally on my heavier forums, I'll mix those two with at least ReCaptcha and Bot Buster. More prevention methods and additional databases being used to catch and block the spammers tends to help as long as they are properly managed and don't conflict.

bot buster as in  https://custom.simplemachines.org/mods/index.php?mod=1599  ?

ReCaptcha as in https://custom.simplemachines.org/mods/index.php?mod=1044  ?

others?


Please do not PM, IM or Email me with questions on astrophysics or theology.  You will get better and faster responses by asking homeless people in the street. Thank you.

To paraphrase Kindred: "There are no technical solutions to social problems."

SugarD-x

Quote from: landyvlad on December 17, 2018, 04:58:56 AM
Quote from: Illori on December 04, 2018, 05:05:20 AM
httpBL stops them from registering completely.

Yes I understand that's the theory but the problem is getting worse by the week despite having changed security questions etc.

So httpBL seems to be missing quite a few.

Quote from: SugarD-x on December 04, 2018, 03:54:16 AM
If I were you, I'd use this and StopSpammer in conjunction with a few other security mods or methods. Personally on my heavier forums, I'll mix those two with at least ReCaptcha and Bot Buster. More prevention methods and additional databases being used to catch and block the spammers tends to help as long as they are properly managed and don't conflict.

bot buster as in  https://custom.simplemachines.org/mods/index.php?mod=1599  ?

ReCaptcha as in https://custom.simplemachines.org/mods/index.php?mod=1044  ?

others?
Those are the ones I use with StopSpammer and Mod httpBL, yes.

MartiMedia

Hi @snoopy_virtual ,

I've used the httpbl with a lot of success, great mod, thanx for making that available to us!

I have one question:
I see a lot of errors in the log, with the following description:
'Cannot check. IP not normal. Allowed to pass'

What does that mean? Is any action required? And if not: how to disable these messages to flood the logs?
I can code a bit PHP, but I could use need a hint where to look..

Cheers,
Marti

SugarD-x

Quote from: MartiMedia on January 20, 2019, 02:18:07 PM
Hi @snoopy_virtual ,

I've used the httpbl with a lot of success, great mod, thanx for making that available to us!

I have one question:
I see a lot of errors in the log, with the following description:
'Cannot check. IP not normal. Allowed to pass'

What does that mean? Is any action required? And if not: how to disable these messages to flood the logs?
I can code a bit PHP, but I could use need a hint where to look..

Cheers,
Marti
Sounds like something is blocking your ability to connect to the Project Honey Pot database online.

MartiMedia

Thanx @SugarD-x , I'm talking about the httbl error log.. In the httpbl mod page (in the admin console) it shows:
'Mod httpBL is ON, it is up-to-date and the connection with HoneyPot is perfect.'

I thought it may have to do with guests trying to register with a hidden ip (from a VPN for example)..
Anyway I'd like to get rid of those errors, so they don't flood my log, which help to analyse other less frequent messages (hard to spot now).
Unless the 'Cannot check. IP not normal. Allowed to pass' is an error I have to take action upon of course ;-)

SugarD-x

Quote from: MartiMedia on January 21, 2019, 01:24:19 PM
Thanx @SugarD-x , I'm talking about the httbl error log.. In the httpbl mod page (in the admin console) it shows:
'Mod httpBL is ON, it is up-to-date and the connection with HoneyPot is perfect.'

I thought it may have to do with guests trying to register with a hidden ip (from a VPN for example)..
Anyway I'd like to get rid of those errors, so they don't flood my log, which help to analyse other less frequent messages (hard to spot now).
Unless the 'Cannot check. IP not normal. Allowed to pass' is an error I have to take action upon of course ;-)
Oh! I wonder if this could be a possible IPv6 issue then.

Advertisement: