Forum Firewall

Started by butchs, January 15, 2011, 11:00:37 AM

Previous topic - Next topic

butchs

Maybe??? Looking at what you provided I am not sure if the mod in it's current form can help you.  To determine that "for starters" I will need:

1.  Exact time, hit frequency and duration of each botnet visit.
2.  User Agent for each attacker.
3.  Any other things each UA does.  A Cpanel visitor log would be nice.

I am interested in the attack and maybe the mod can stop it now.  Maybe it will need adjustments.  The adjustments are something I could do.

I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

societyofrobots

A continuation from the discussion here.

I have v2.0.1 of the forum installed, and I'm using Cloudflare. Turning on Forum Firewall generates these errors:

Guest
   
December 07, 2011, 11:00:08 PM
2a89d5561f16e6374cd253a9d9544dba
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=115488: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
December 07, 2011, 10:59:44 PM
fa65a07efc9f5124ed892762bc648d24
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=331;area=statistics8: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
December 07, 2011, 10:58:28 PM
dff33f707642938eaa06e7ee048fe77d
Type of error: Undefined
http://www.mysite.com/myforum/index.php?topic=7286.08: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
December 07, 2011, 10:57:43 PM
053190f8935a35f19fd2ad8c541e13f7
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=115588: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28


This is a list of mods I have installed:
1. Forum Firewall 1.1.5
4. Login Security 1.0.2.2
5. SimpleAds 1.0.1
6. Aeva ~ Auto-Embed Video & Audio 7.2
10. CloudFlare 1.0
11. Buddy List Page 1.0
12. Bookmarks 2.3
13. Pm_Informer 3.0
14. httpBL 2.5.1 <- installed, but disabled as it isn't working with CloudFlare
15. Smart Pagination 0.8
17. NiceTooltips 1.8
20. AjaxChat Integration 3.2.2b
22. Separate Replies and Views Column 1.91
23. Activity in Profile 1.1
24. Stop Spammer 2.3.9
25. Bad Behavior mod 1.5.6
26. TopicStarter Mod 1.7
27. Permission for Website Url Of Users 1.4
28. Avatar Verification 1.4.3


The attached file shows my Forum Firewall Settings. The errors only appear if I check 'Enable Testing'.

butchs

I will look into it.

Did you notice that guests are viewing profiles of members?  Do you really want bots to evade their privacy?

The robots.tst test does nothing.  You need to make a valid robots.tst file and then reinstall the mod.  Search for HELP here for more info.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

societyofrobots

Quote from: butchs on December 09, 2011, 05:42:18 PM
Did you notice that guests are viewing profiles of members?  Do you really want bots to evade their privacy?

The robots.tst test does nothing.  You need to make a valid robots.tst file and then reinstall the mod.  Search for HELP here for more info.
Thanks for catching this. I think these two issues are resolved now. (but not the HTTP_CF_CONNECTING_IP bug)

butchs

Just because you get a message in the error log it does not mean you found a bug.  The mod has nothing to do with permissions.  Chances are it is an XSS exploit attempt due to lack of guest access security.  I tried to repeat the url but my test server asks for a password.  I get no error.  Guests should be set to not to view others peoples profile in permissions.  FYI - I also tried it with guests allowed to view other peoples profiles and I do not get an error.

I recommend you look at member id 331 & 115488, make sure they are trusted.  Look at their image files and links.  Make sure they were not compromised.  Then change your ADMIN password.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

societyofrobots

#665
Quote from: butchs on December 10, 2011, 08:06:10 AM
Just because you get a message in the error log it does not mean you found a bug.
I meant to say 'issue' ;D

QuoteGuests should be set to not to view others peoples profile in permissions.
Yeap, I have disabled Guest permissions to view user profiles, but still get the error.

Quote
I recommend you look at member id 331 & 115488, make sure they are trusted.  Look at their image files and links.  Make sure they were not compromised.
331 is an account that hasn't been accessed since 2006 and only has 1 post. 115488 doesn't exist. My latest member is #12277.

QuoteThen change your ADMIN password.
done.

I re-enabled Forum Firewall for a few seconds, and the errors came in again (see below). Interestingly, the IP for the Guest does not resolve (see attached image). It's blank for every single error. What happens if Forum Firewall cannot resolve an IP? I've been seeing occasional unresolved IP's accessing my site for years . . . I just assumed the spammer had some way of masking his IP.
Guest
   
Today at 12:00:43 PM
6b27a7e95bf2d2172605b6e843db055c
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=36248: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
Today at 12:00:37 PM
decece01e9d6f62e915b2dc36a4f7b11
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=983;area=showposts8: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
Today at 12:00:22 PM
a247e3a5e4b4eabb316ad341f783ad3b
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=9748: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
Today at 12:00:20 PM
f1d8554430a1c43618390b6da668392c
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=5959;area=statistics8: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
Today at 11:42:09 AM
96dfa21db92b41b25a9987b15197d076
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=1671;area=statistics8: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
Today at 11:42:05 AM
c8d6873d4408c49083fc9f612ef83dd7
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=875;area=statistics8: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
Today at 11:41:53 AM
a15f5242f35b4e3b0a12615e7cf45eac
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=8758: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
Today at 11:41:50 AM
28d991a9b41f7a8aff943b12cd2e40ea
Type of error: Undefined
http://www.mysite.com/myforum/index.php?topic=13631.08: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
Today at 11:41:42 AM
f96c2d0e17542d89016a1cc77c0fe61e
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=8718: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
Today at 11:41:31 AM
0848c75e0947a877a6bf6822e3aade8b
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=87598: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28
Guest
   
Today at 11:41:28 AM
83cbb65cfa0efe00de855efeba70df78
Type of error: Undefined
http://www.mysite.com/myforum/index.php?action=profile;u=824;area=statistics8: Undefined index: HTTP_CF_CONNECTING_IPFile: /home/mys/public_html/myforum/Sources/Subs-ForumFirewall.php
Line: 28

butchs

Quote from: societyofrobots on December 10, 2011, 09:42:29 AM
331 is an account that hasn't been accessed since 2006 and only has 1 post. 115488 doesn't exist. My latest member is #12277.

Member 331 may be a problem I would delete it.

Quote from: societyofrobots on December 10, 2011, 09:42:29 AMI re-enabled Forum Firewall for a few seconds, and the errors came in again (see below).

That means the bot is still attacking you.

It would be nice if I could see the cpanel last 100 visitors log?  Can you save this for me.  I can give you an email to send it to.

The ip addresses should show up.  Try clicking on enable "Enable IP Validation" to stop ip spoofing.

I suspect it is a spoofed good search engine bot.  Here is how to stop it robots.tst (misspelled on purpose).

The bots still can bypass the CF proxy.  Here is how to set up bypass protection.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

keith021773

This seems to be a great mod.   Thanks for this!

I installed this mod about a week ago and have been testing it ever since.   There is alot of info in the visitor log and before I turn this mod on for real, I would like to post a pic of my visitor log just so someone can look and tell me that what they see is normal.   LOL    I error on the side of safety.   :)     Pic posted below.

Thanks all!

keith021773

This seems to be a great mod.   Thanks for this!

I installed this mod about a week ago and have been testing it ever since.   There is alot of info in the visitor log and before I turn this mod on for real, I would like to post a pic of my visitor log just so someone can look and tell me that what they see is normal.   LOL    I error on the side of safety.   :)     Pic posted below.

Thanks all!

butchs

Quote from: keith021773 on December 10, 2011, 01:22:42 PM
This seems to be a great mod.   Thanks for this!

I installed this mod about a week ago and have been testing it ever since.   There is alot of info in the visitor log and before I turn this mod on for real, I would like to post a pic of my visitor log just so someone can look and tell me that what they see is normal.   LOL    I error on the side of safety.   :)     Pic posted below.

Thanks all!

If you do not have a proxy like cloudflare disable bypass protection or you will block yourself.  Otherwise read this to fix things up.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

keith021773

Thanks Butchs.   I have been running it live for about 6 hrs now and the only one problem with one member.   Here is the header and reason.   What do you think it could be?

GET /index.php?type=rss;action=.xml HTTP/1.1 Apple-PubSub/65.28

Bad Cookie: &QUOT;ACCESS_TOKEN=AAACER49PZCP8BAMZZEHIYCXXPAWCKBASMIVPWZAT7JXVDZBKI1WUYF453XWAT5TMKBLJPMUTZAWZAWYGIJBSSGVIGGZBVBDCTY5POUALNXGZDZD&AMP;BASE_DOMAIN=DADDYPLACE.COM&AMP;EXPIRES=1323576000&AMP;SECRET=2CSSXIHESKKBVH30SA_CFW__&A

butchs

An access token contains the security information for a login session and identifies the user, the user's groups, and the user's privileges.  Not sure if it is good or bad. Nevertheless, that site should not use that name...  Looks ok at first glance but the token length seems a tad overkill...  That makes me suspicious.  Check it out and see if it is legit.  If you want to grant him access you will need to delete "base" from XSS.

This is why the mod is admin configurable.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

keith021773

He is legit.  He has been a member for along time..

I deleted that just like you said and I emailed him.   We will see.

Also, I appreciate you making this mod and I sincerely thank you for the quick responses and the time you take to help us.    Thanks!

societyofrobots

#673
Quote from: butchs on December 10, 2011, 11:09:30 AM
It would be nice if I could see the cpanel last 100 visitors log?  Can you save this for me.  I can give you an email to send it to.
Ok, I have the logs saved. PM your addy . . .

QuoteThe ip addresses should show up.  Try clicking on enable "Enable IP Validation" to stop ip spoofing.
Tried that, but no change.

QuoteI suspect it is a spoofed good search engine bot.  Here is how to stop it robots.tst (misspelled on purpose).
I added it about 24 hours ago (assuming I did it right). No effect as of right now. Should there be something written in the box titled 'Robots.txt action's'? I uninstalled and reinstalled and nothing ever appears.

QuoteThe bots still can bypass the CF proxy.  Here is how to set up bypass protection.
The only advantage to this is to prevent the bot from modifying admin level settings by blocking out non-admin IP's, right? I really don't trust my ISP nor CloudFlare so I'd rather not do this . . .

butchs

I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

butchs

Quote from: societyofrobots on December 11, 2011, 01:09:22 AM
I added it about 24 hours ago (assuming I did it right). No effect as of right now. Should there be something written in the box titled 'Robots.txt action's'? I uninstalled and reinstalled and nothing ever appears.

Yes.  If you did it right the robots.tst action field will be populated.

With a robots file like this:
User-agent: *

Disallow: /smf/index.php?action=activate
Disallow: /smf/index.php?action=admin
Disallow: /smf/index.php?action=arcade
Disallow: /smf/index.php?action=calendar
Disallow: /smf/index.php?action=collapse
Disallow: /smf/index.php?action=coppermine
Disallow: /smf/index.php?action=deletemsg
Disallow: /smf/index.php?action=editpoll
Disallow: /smf/index.php?action=help
Disallow: /smf/index.php?action=helpadmin
Disallow: /smf/index.php?action=lock
Disallow: /smf/index.php?action=login
Disallow: /smf/index.php?action=logout
Disallow: /smf/index.php?action=markasread
Disallow: /smf/index.php?action=media
Disallow: /smf/index.php?action=mergetopics
Disallow: /smf/index.php?action=mlist
Disallow: /smf/index.php?action=modifykarma
Disallow: /smf/index.php?action=movetopic
Disallow: /smf/index.php?action=notify
Disallow: /smf/index.php?action=notifyboard
Disallow: /smf/index.php?action=pm
Disallow: /smf/index.php?action=post
Disallow: /smf/index.php?action=profile
Disallow: /smf/index.php?action=printpage
Disallow: /smf/index.php?action=recent
Disallow: /smf/index.php?action=register
Disallow: /smf/index.php?action=removetopic2
Disallow: /smf/index.php?action=reporttm
Disallow: /smf/index.php?wwwRedirect
Disallow: /smf/index.php?action=search
Disallow: /smf/index.php?action=sendtopic
Disallow: /smf/index.php?action=splittopics
Disallow: /smf/index.php?action=stats
Disallow: /smf/index.php?action=sticky
Disallow: /smf/index.php?action=trackip
Disallow: /smf/index.php?action=unread
Disallow: /smf/index.php?action=unreadreplies
Disallow: /smf/index.php?action=who

Disallow: /cgi-bin/
Disallow: /smf/coppermine_dir/
Disallow: /smf/Sources/
Disallow: /smf/Themes/

Disallow: /smf/*.msg

Crawl-delay: 5


'Robots.txt action's' will look something like this:
action=activate|action=admin|action=arcade|action=calendar|action=collapse|action=coppermine|action=deletemsg|action=editpoll|action=help|action=helpadmin|action=lock|action=login|action=logout|action=markasread|action=media|action=mergetopics|action=mlist|action=modifykarma|action=movetopic|action=notify|action=notifyboard|action=pm|action=post|action=profile|action=printpage|action=recent|action=register|action=removetopic2|action=reporttm|action=search|action=sendtopic|action=splittopics|action=stats|action=sticky|action=trackip|action=unread|action=unreadreplies|action=who
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

societyofrobots

Hi butchs

I manually added the code you sent into the 'Robots.txt actions' section, and not much later I got this in the Visitors log:
2175 66.249.71.195 2011-12-11 10:52:33 GET /~mys/myforum/index.php?action=profile;u=8795 HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!
2174 66.249.71.195 2011-12-11 10:51:35 GET /~mys/myforum/index.php?action=profile;u=875 HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!
2173 66.249.71.195 2011-12-11 10:51:22 GET /~mys/myforum/index.php?action=profile;u=2001 HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!
2172 66.249.71.195 2011-12-11 10:50:36 GET /~mys/myforum/index.php?action=profile;u=8759;area=statistics HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!
2171 66.249.71.195 2011-12-11 10:49:43 GET /~mys/myforum/index.php?action=profile;u=874;area=statistics HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!
2170 66.249.71.195 2011-12-11 10:49:38 GET /~mys/myforum/index.php?action=profile;u=908;area=showposts HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!
2169 66.249.71.195 2011-12-11 10:48:40 GET /~mys/myforum/index.php?action=profile;u=8759 HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!


The IP 66.249.71.195 belongs to Google, but not sure if it was spoofed or I'm accidentally blocking Google. My robots.txt file had been up for 2 days before I enabled Robots.txt Validation.

I *swear* I did my robots.txt file right . . . but Forum Firewall doesn't automatically load my robots.txt file during installation.

It's accessible as http://www.my site name here.com/robots.txt

This is exactly how it looks:

User-agent: *
Disallow: /robotforum/index.php?action=activate
Disallow: /robotforum/index.php?action=admin
Disallow: /robotforum/index.php?action=arcade
Disallow: /robotforum/index.php?action=calendar
Disallow: /robotforum/index.php?action=collapse
Disallow: /robotforum/index.php?action=deletemsg
Disallow: /robotforum/index.php?action=editpoll
Disallow: /robotforum/index.php?action=help
Disallow: /robotforum/index.php?action=helpadmin
Disallow: /robotforum/index.php?action=lock
Disallow: /robotforum/index.php?action=login
Disallow: /robotforum/index.php?action=logout
Disallow: /robotforum/index.php?action=markasread
Disallow: /robotforum/index.php?action=mergetopics
Disallow: /robotforum/index.php?action=mlist
Disallow: /robotforum/index.php?action=modifykarma
Disallow: /robotforum/index.php?action=movetopic
Disallow: /robotforum/index.php?action=notify
Disallow: /robotforum/index.php?action=notifyboard
Disallow: /robotforum/index.php?action=pm
Disallow: /robotforum/index.php?action=post
Disallow: /robotforum/index.php?action=profile
Disallow: /robotforum/index.php?action=register
Disallow: /robotforum/index.php?action=removetopic2
Disallow: /robotforum/index.php?action=reporttm
Disallow: /robotforum/index.php?action=search
Disallow: /robotforum/index.php?action=sendtopic
Disallow: /robotforum/index.php?action=splittopics
Disallow: /robotforum/index.php?action=stats
Disallow: /robotforum/index.php?action=sticky
Disallow: /robotforum/index.php?action=trackip
Disallow: /robotforum/index.php?action=unread
Disallow: /robotforum/index.php?action=unreadreplies
Disallow: /robotforum/index.php?action=who
Disallow: /robotforum/Themes/

Disallow: /robotforum/*.msg

Disallow: /uploads/


I also loaded two versions, one as robots.txt and the same as Robots.txt, just in case I got the caps wrong . . . but no luck . . .

What am I doing wrong?

butchs

#677
Quote from: societyofrobots on December 12, 2011, 12:42:27 AM
The IP 66.249.71.195 belongs to Google, but not sure if it was spoofed or I'm accidentally blocking Google. My robots.txt file had been up for 2 days before I enabled Robots.txt Validation.
...
What am I doing wrong?

You did nothing wrong!  I looked at your robots file and it looks correct.  FYI - you should set a crawl rate.  As I saw in the files you sent me and it looked like you are being attacked by spoofed good bots.  The robots test was made specifically for that attack.  Leave it on and sit back and wait.

Good bots follow robots text, bad bots do not.  To check it out go to google webmasters and test your robots file.  If should be ok so do not worry.  At worst you may have one or two good bot hits but after a few days the bad bot will go away, your bandwidth will drop and life on the internet will be so much better.
8)
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

[Lucien]

Looks like a great mod Butchs! But i tried to visit your site/forum i get this message:

HTTP Error 403 Forbidden

You don't have permission to access

/smf/index.php on this server.

Your computer may be infected with a virus or a trojan. The Firewall has determined that you: Un-approved Country: NL!

If you get this message in error, please contact the ADM1N and provide the date and time of this message.


And i don't have virus or trojan, and why is my country unapproved? :)
I'm using SMF 2.0.2 and SimplePortal 2.3.4

butchs

As one would guess, the reason I create these mods because the bots keep attacking me!  So I use this mod to block all countries but my native Country.  Less to worry about...

Quote from: societyofrobots on December 12, 2011, 12:42:27 AM
2175 66.249.71.195 2011-12-11 10:52:33 GET /~mys/myforum/index.php?action=profile;u=8795 HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!
2174 66.249.71.195 2011-12-11 10:51:35 GET /~mys/myforum/index.php?action=profile;u=875 HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!
2173 66.249.71.195 2011-12-11 10:51:22 GET /~mys/myforum/index.php?action=profile;u=2001 HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!
2172 66.249.71.195 2011-12-11 10:50:36 GET /~mys/myforum/index.php?action=profile;u=8759;area=statistics HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!
2171 66.249.71.195 2011-12-11 10:49:43 GET /~mys/myforum/index.php?action=profile;u=874;area=statistics HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!
2170 66.249.71.195 2011-12-11 10:49:38 GET /~mys/myforum/index.php?action=profile;u=908;area=showposts HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!
2169 66.249.71.195 2011-12-11 10:48:40 GET /~mys/myforum/index.php?action=profile;u=8759 HTTP/1.1 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Robot Attack!


Looks like VICTORY to me!
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Advertisement: