News:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

BotBanish Firewall Client

Started by Randem, November 17, 2017, 11:30:02 AM

Previous topic - Next topic

Randem

The first notification has been discontinued in version 3.0. It was there for in earlier versions some users did not allow the .htaccess file to be modified causing the same bot / IP to continuously gain access to the system causing multiple detections using up resources. Sometimes on a system where the bot was basically using a brute force attack that message would get thru because the user's system did not block the IP fast enough and we would still get the IP attacking the system. Nothing to worry about the second message indicated that it was taken care of.

The first message is generally a indication that the user should check this condition on their side.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

Starbuck501


Randem

Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

Starbuck501

I have version 2.2.05 installed on SMF 2.0.15.
Will this need uninstalling before installing version 3 or can it be installed over the earlier version?

Randem

Yes, Any previous versions will need to be uninstalled before installing the new version.
You will not lose any protection on the uninstall that will not be replaced on the install.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

Starbuck501


Biology Forums

Excellent support, I'll be using this on my 2.0.x forum.

Randem

BotBanish 3.1.00 has been Released. This is a MUST Update!!!
We have switched communications from HTTP to HTTPS and prior version may not work.
Uninstall old version and install new version.
Check our support site for more information.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

-Rock Lee-

Very good job I'm glad you can improve your work! That's why I leave you the improvements of the Latin Spanish language.

<file name="$languagedir/Modifications.spanish_latin.php" error="skip">
<operation>
<search position="end" />
<add><![CDATA[
// BotBanish Settings

$txt['BOTBANISH_ACTIVE'] = '<b>BotBanish activo</b>';
$txt['BOTBANISH_APIKEY'] = 'BotBanish APIKEY';
$txt['BOTBANISH_SEND_EMAIL_ALERTS'] = 'Enviar alertas por correo electr&oacute;nico si se marcan / escribir alertas en el registro de errores';
$txt['BOTBANISH_CHECK_UPDATES'] = 'Buscar actualizaciones autom&aacute;ticamente (solo en Instalador de Paquetes)';
$txt['BOTBANISH_RENAME_TABLES'] = 'Cambiar el nombre de las tablas instaladas en la desinstalación si se marc&oacute; / Eliminar tablas';
$txt['BOTBANISH_LANGUAGE_SELECT'] = 'Seleccione el idioma';
$txt['BOTBANISH_DOC_ERRORS'] = 'Controle los errores del documento 400 Series y bloquee los ataques de inyecci&oacute;n PHP / SQL';
// End of BotBanish Settings
]]></add>
</operation>
</file>


<file name="$languagedir/Modifications.spanish_latin-utf8.php" error="skip">
<operation>
<search position="end" />
<add><![CDATA[
// BotBanish Settings

$txt['BOTBANISH_ACTIVE'] = '<b>BotBanish activo</b>';
$txt['BOTBANISH_APIKEY'] = 'BotBanish APIKEY';
$txt['BOTBANISH_SEND_EMAIL_ALERTS'] = 'Enviar alertas por correo electrónico si se marcan / escribir alertas en el registro de errores';
$txt['BOTBANISH_CHECK_UPDATES'] = 'Buscar actualizaciones automáticamente (solo en Instalador de Paquetes)';
$txt['BOTBANISH_RENAME_TABLES'] = 'Cambiar el nombre de las tablas instaladas en la desinstalación si se marcó / Eliminar tablas';
$txt['BOTBANISH_LANGUAGE_SELECT'] = 'Seleccione el idioma';
$txt['BOTBANISH_DOC_ERRORS'] = 'Controle los errores del documento 400 Series y bloquee los ataques de inyección PHP / SQL';
// End of BotBanish Settings
]]></add>
</operation>
</file>


I think I do not miss translating anything, I try to do my best, but if I miss something, you tell me 8)


Regards!
¡Regresando como cual Fenix! ~ Bomber Code
Ayudas - Aportes - Tutoriales - Y mucho mas!!!

Randem

Aloha Rock Lee,

Once again I am grateful for your assistance in the translations. I will update them in the next release.

Mahalo
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

melanieh75

I had botbanish on an SMF 2.0.15 forum. Just installed on Aug 3. Hadn't been to my forum in a few days so tried to visit today and got 403 error. I found my IP in the htaccess ban list.

Went to another machine (on different network) and uninstalled botbanish.  Then removed my IP from the htaccess file.
In the forum error logs, I see this for my IP:

QuoteBot / User Spoofing a known spider
BotBanish Client 3.1.00 (SMF)

I tried to get help on the botbanish web site/forum, but I'm also apparently banished there, too.

Any clue what this 'known spider' might be so I can rectify?

Thanks!

njtweb

How does this determine what spiders are considered bad?

Randem

Aloha melanieh75,

I would need more information about your system. The domain name, IP address, the htaccess file, the complete error message from the error log etc... If you could zip that information and get it to me I can take a look.

BotBanish will not ban itself. I.E. the IP Address on which it is installed unless the IP was removed from the BotBanish IP table on the client side. That is an internal safety check BotBanish would not check information coming from your IP Address.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

Randem

Aloha njtweb,

I won't tell you how BotBanish determines a bad Spider but anyone can determine to have any spider that they like visit their site by following a few rules as notated here https://randemsystems.com/support/botbanish-general-questions-report-bugs-problems-etc/overriding-botbanish-detections/
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

delta5

If I install this mod, will I need to remove the stopforumspam mod? Also, will this mod interfere with the normal search engine spiders that are indexing the forum?

Thx

Randem

Aloha delta5,

No, you need not uninstall any other MODs before installing BotBanish. You will have to better define "Normal" Search Engine Spiders... What some consider normal others consider a nuisance. Either way you can control what is allowed/disallowed to hit your site https://randemsystems.com/support/botbanish-general-questions-report-bugs-problems-etc/overriding-botbanish-detections/

The main Google search engine spider is not affected
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

delta5

Hi guys,
I just installed your client on my forum at www.fedupwithliberals.com. It passed all the checks and installed without a problem. I enabled e-mail notices. Can you tell me what to expect or what I will see happen in general or in the logs? If you would like to monitor what happens, please let me know.

Delta5

Randem

#97
aloha delta5,

You should get notices telling you information on what IP or BOT was recently block and why it was blocked so that you can take further actions on allowing this IP or bot (if you so choose). Your messages will look something like this:


BotBanishClient: Known Bad Bot Resource Usage Attempt Stopped - Honeypot Bot

A BOT/USER has been terminated from accessing the system

IP Address: 208.255.142.150
User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.99

BotBanish Client 3.2.00 (SMF)



BotBanishClient: A Brute Force Registration Attack Attempt Stopped

A BOT/USER is attacking the system. It has been terminated

IP Address: 94.41.112.7
User Agent: Mozilla/5.0 (Windows NT 6.0; Win64; rv:35.0) Gecko/20100101 Firefox/35.0

BotBanish Client 3.2.00 (SMF)

Otherwise no one else will be aware that BotBanish is there guarding your system.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

delta5

Ok I'm seeing the brut force attempt, resourse usage attempt, and something about spoofing a legit spider?

Randem

Yes, there are many ways an attack can be made on your system. A spoofing spider is A BOT that pretends to be a good spider (like Goggle) so that you will allow it unrestricted access your system.
Scams - How to Protect Yourself
Why Professionals Should Not Use Free Email Accounts

Always ignore those who attempt to tell you what to think and believe those who will allow you think for yourself

Advertisement: