Topic: httpBL

[snoopy_virtual]

Would this impact the number of dodgy types sneaking past the mod and ending up in the 'requires approval' queue?  Because since the 2.0.15 upgrade that has gone up significantly.

No.

This is a minor bug that doesn't have any impact at all in the way the mod stop the spammers.

The only problem with this bug is that it fills your "error log" with hundreds of "error 8: Undefined variable: ip" etc.

But the mod works exactly the same either if you fix it or not.

[landyvlad]

OK thanks mate.  Obviously just a coincidence.
The Russian spammers seem super active of late.

I'm wondering how these are ending up in the 'require approval' queue, rather than getting bounced earlier and I never see them?
They are flagged by both email and IP as spammers.

And I've increased the number of 'security questions' to fifteen or so, with three correct answers needed. 

Any ideas?

[landyvlad]

Is there a version planned for SMF 2.1?

If not, what alternative is recommended for 2.1 ?

[ziycon]

Using 2.0.15, never come across any issues before except today I'm getting the below.


URL /index.php?
: Field 'error' doesn't have a default value
File: /var/www/Sources/httpBL_Subs.php
Line: 298

Gotten about 20 of these errors today, not other mods installed.

[spiros]

Same for me, here is the code:

Code: [Select]

292: array(
293: $time, $ip, $threat, $last_activity,
294: $suspicious, $harvester, $comment, $url,
295: $user_agent, $errorNumber, $username,
296: $raw, $stopped
297: ),
==>298: array()
299: );
300:
301: if ($return)

[Arantor]

Give the error column a default value in the database, or make it nullable.

[spiros]

Thank you! That did the trick.

[barrypoore]

Hi,
I am trying to fix a website which has the forum on but are encountering an error. This error seems to only be on php7.2, when I go back to 5.6 the error is gone, could you please advise as 5.6 has now been dropped from the host and this is a very very active forum, thank you.

I only get this error when logged out and on the home page, the site is currently on my local server, the error is:

Too few arguments to function httpBL_look_for_empty_ip(), 0 passed in /xxx/xxx/xxx/xxx/xxx/docroot/KNEEtalk/sources/httpBL_Subs.php on line 680 and exactly 1 expected

[SugarD-x]

Hi,
I am trying to fix a website which has the forum on but are encountering an error. This error seems to only be on php7.2, when I go back to 5.6 the error is gone, could you please advise as 5.6 has now been dropped from the host and this is a very very active forum, thank you.

I only get this error when logged out and on the home page, the site is currently on my local server, the error is:

Too few arguments to function httpBL_look_for_empty_ip(), 0 passed in /xxx/xxx/xxx/xxx/xxx/docroot/KNEEtalk/sources/httpBL_Subs.php on line 680 and exactly 1 expected

I actually just ran into an unrelated issue with PHP 7.2.x in regard to SMF 2.0.x. Apparently Only SMF 2.1.x supports PHP 7.2.x at this time, which httpBL is not currently compatible with yet.

[riou]

Hi,
I am trying to fix a website which has the forum on but are encountering an error. This error seems to only be on php7.2, when I go back to 5.6 the error is gone, could you please advise as 5.6 has now been dropped from the host and this is a very very active forum, thank you.

I only get this error when logged out and on the home page, the site is currently on my local server, the error is:

Too few arguments to function httpBL_look_for_empty_ip(), 0 passed in /xxx/xxx/xxx/xxx/xxx/docroot/KNEEtalk/sources/httpBL_Subs.php on line 680 and exactly 1 expected

Believe the fix for that error was to swap that line to

Code: [Select]

$ip = httpBL_look_for_empty_ip($ip);


[Kindred]

Since smf itself does not support php 7.2, you should be using a different version

[landyvlad]

Recently (last month or so) I have been getting a LOT of spammers attempting to register.

I'm wondering how these are ending up in the "Stop Spammer" mod's 'require approval' queue, rather than getting bounced earlier by httpBL and I never see them? Most are flagged by both email and IP as spammers.  This can easily be a 10+ a day though, so even managing that is tedious.

Usual core forum anti spam features in use - 15 'security questions'  with three correct answers needed.

Any advice around this would be most welcome.  Thanks.

[SugarD-x]

Recently (last month or so) I have been getting a LOT of spammers attempting to register.

I'm wondering how these are ending up in the "Stop Spammer" mod's 'require approval' queue, rather than getting bounced earlier by httpBL and I never see them? Most are flagged by both email and IP as spammers.  This can easily be a 10+ a day though, so even managing that is tedious.

Usual core forum anti spam features in use - 15 'security questions'  with three correct answers needed.

Any advice around this would be most welcome.  Thanks.

A lot of times, new spammers take awhile to get entered into the database because someone has to report them as malicious first. MOD httpBL can also only do so much on its own with its heuristics. With IPv6 becoming more and more common these days, spammers are using it to bypass most anti-spam mods that haven't been updated to properly handle such protocols yet.

If I were you, I'd use this and StopSpammer in conjunction with a few other security mods or methods. Personally on my heavier forums, I'll mix those two with at least ReCaptcha and Bot Buster. More prevention methods and additional databases being used to catch and block the spammers tends to help as long as they are properly managed and don't conflict.

In that combination, I've had maybe one or two slip through in the last several years, which I promptly reported and removed. Additionally, I've only had three to four actual users at most get falsely caught in the captcha page for MOD httpBL by mistake, to which I simply just assigned them a secondary forum rank that didn't check them against the modification. (The ones accidentally caught by the captcha page were probably using old spammer IP addresses and/or usernames that were recycled).

[Illori]

httpBL stops them from registering completely. this mod does not do what you are seeing.

[landyvlad]

httpBL stops them from registering completely.

Yes I understand that's the theory but the problem is getting worse by the week despite having changed security questions etc.

So httpBL seems to be missing quite a few.

If I were you, I'd use this and StopSpammer in conjunction with a few other security mods or methods. Personally on my heavier forums, I'll mix those two with at least ReCaptcha and Bot Buster. More prevention methods and additional databases being used to catch and block the spammers tends to help as long as they are properly managed and don't conflict.

bot buster as in  https://custom.simplemachines.org/mods/index.php?mod=1599  ?

ReCaptcha as in https://custom.simplemachines.org/mods/index.php?mod=1044  ?

others?

[SugarD-x]

httpBL stops them from registering completely.

Yes I understand that's the theory but the problem is getting worse by the week despite having changed security questions etc.

So httpBL seems to be missing quite a few.

If I were you, I'd use this and StopSpammer in conjunction with a few other security mods or methods. Personally on my heavier forums, I'll mix those two with at least ReCaptcha and Bot Buster. More prevention methods and additional databases being used to catch and block the spammers tends to help as long as they are properly managed and don't conflict.

bot buster as in  https://custom.simplemachines.org/mods/index.php?mod=1599  ?

ReCaptcha as in https://custom.simplemachines.org/mods/index.php?mod=1044  ?

others?

Those are the ones I use with StopSpammer and Mod httpBL, yes.

[MartiMedia]

Hi @snoopy_virtual ,

I've used the httpbl with a lot of success, great mod, thanx for making that available to us!

I have one question:
I see a lot of errors in the log, with the following description:
'Cannot check. IP not normal. Allowed to pass'

What does that mean? Is any action required? And if not: how to disable these messages to flood the logs?
I can code a bit PHP, but I could use need a hint where to look..

Cheers,
Marti

[SugarD-x]

Hi @snoopy_virtual ,

I've used the httpbl with a lot of success, great mod, thanx for making that available to us!

I have one question:
I see a lot of errors in the log, with the following description:
'Cannot check. IP not normal. Allowed to pass'

What does that mean? Is any action required? And if not: how to disable these messages to flood the logs?
I can code a bit PHP, but I could use need a hint where to look..

Cheers,
Marti

Sounds like something is blocking your ability to connect to the Project Honey Pot database online.

[MartiMedia]

Thanx @SugarD-x , I'm talking about the httbl error log.. In the httpbl mod page (in the admin console) it shows:
'Mod httpBL is ON, it is up-to-date and the connection with HoneyPot is perfect.'

I thought it may have to do with guests trying to register with a hidden ip (from a VPN for example)..
Anyway I'd like to get rid of those errors, so they don't flood my log, which help to analyse other less frequent messages (hard to spot now).
Unless the 'Cannot check. IP not normal. Allowed to pass' is an error I have to take action upon of course ;-)

[SugarD-x]

Thanx @SugarD-x , I'm talking about the httbl error log.. In the httpbl mod page (in the admin console) it shows:
'Mod httpBL is ON, it is up-to-date and the connection with HoneyPot is perfect.'

I thought it may have to do with guests trying to register with a hidden ip (from a VPN for example)..
Anyway I'd like to get rid of those errors, so they don't flood my log, which help to analyse other less frequent messages (hard to spot now).
Unless the 'Cannot check. IP not normal. Allowed to pass' is an error I have to take action upon of course ;-)

Oh! I wonder if this could be a possible IPv6 issue then.