Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

IP trap Version 3 released


FIMBLE

Recommended Posts

I am about to release version 3 of the IP Trap,

Updated features

Cleaned code,

Added a Whitelist, with Search engine IP numbers loaded

Redesigned the Blocked.php page.

Added correct syntax for robots.txt

Updated install file.

 

Any comments, questions first see the readme in the contribution then ask here.

 

http://addons.oscommerce.com/info/5914

 

 

Enjoy

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

I am about to release version 3 of the IP Trap,

Updated features

Cleaned code,

Added a Whitelist, with Search engine IP numbers loaded

Redesigned the Blocked.php page.

Added correct syntax for robots.txt

Updated install file.

 

Any comments, questions first see the readme in the contribution then ask here.

 

http://addons.oscommerce.com/info/5914

 

 

Enjoy

Nic

 

I have found this is good addon in version 2.1 but when i upgrade into version 3 it not working. I just tested and i find my ip have not banned when i type www.bnetb-tanahabang.com/personal two or three time. Any idea about this issue?

Rocdy

 

Beginner in php programming and still learning from this forums.

Special thanks for Oscommerce Community Forums that help me a lot. :-)

Link to comment
Share on other sites

I have found this is good addon in version 2.1 but when i upgrade into version 3 it not working. I just tested and i find my ip have not banned when i type www.bnetb-tanahabang.com/personal two or three time. Any idea about this issue?

 

 

Hi

I just tried it on you site and got myself banned ... it works!

I tried to load a few different pages and got the blocked.php page each time.

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

Hi Leslie

How are you, long time no hear!

The last few days i have has server issues, resulting in my host carrying out a set or restores, i noticce a few things have changed!

 

If you give it a moments then try it again please.

 

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

Hi Leslie

How are you, long time no hear!

The last few days i have has server issues, resulting in my host carrying out a set or restores, i noticce a few things have changed!

 

If you give it a moments then try it again please.

 

Nic

I still get the home page (tried several times in a row). Even tried FF with same result.

Link to comment
Share on other sites

Hi, same here, when I go to: http://www.development-server.net/j/personal I get blocked.php, however I can still visit http://www.development-server.net/. However as far as I can tell, it works fine on my site. You can try it, Leslie: my store

 

Hi

Thank you for the input, yes you would be able to see the root directory as the trap is set up in the "j" folder.

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

Just after installing I tested, and got the banned + the email reporting it.

 

But when going back to index.php I had access.

 

I checked IP_Trapped.txt for my ip address, and it wasn't there.

 

Worked out that it was a write permission problem, so CHMOD'd file to 666.

 

And all is now fine and working.

 

I may have missed it when installing, but don't remember see it, but hope it helps other to get it working.

 

c00ps

Link to comment
Share on other sites

a question about the code

since secret.php is called from application_top.php

why don't we use configure.php variables for the various adress written in hardcode instead ?

 

{

header ('Location: http://www.yoursite.net/catalog/blocked.php');

exit;

 

 

could for instance use DIR_WS_HTTPS_CATALOG etc etc

 

tell me ?!

MS2

Link to comment
Share on other sites

a question about the code

since secret.php is called from application_top.php

why don't we use configure.php variables for the various adress written in hardcode instead ?

 

{

header ('Location: http://www.yoursite.net/catalog/blocked.php');

exit;

 

 

could for instance use DIR_WS_HTTPS_CATALOG etc etc

 

tell me ?!

 

I thought of this, its also able at present with a minor change, portable to non osC sites, so i decided it will be best like this

and you can drop your attitude thanks

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

To add more security, this will be in the next update.

For those on a Linux server add the following to prevent your banned / IP_Trapped.txt and your Whitelist.txt being visible when called for in a browser

 

Add

 

SetEnvIfNoCase Request_URI IP_Trapped\.txt ban

<Files ~ "^.*$">

order allow,deny

allow from all

deny from env=ban

</Files>

 

SetEnvIfNoCase Request_URI Whitelist\.txt ban

<Files ~ "^.*$">

order allow,deny

allow from all

deny from env=ban

</Files>

 

 

 

To your .htaccess file, the one inside your catalog folder.

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

and you can drop your attitude

 

what do you mean ?

 

i was justing asking if it wouldnt be easier so people make no mistakes in the url with / and \ for instance

MS2

Link to comment
Share on other sites

tell me ?!

 

Maybe a languages thing, but that above is considered to be condescending here.

If it was not meant this way i apologise.

 

Personally i prefer to keep as is due to the fact it is easily ported to another style of code.

 

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

I have been working with Isabella (Biancoblu) who has been testing this for me pre release, and post release, and has been an invaluable help.

She has an index solution that can be used to protect your banned folder which does not have an index.

I have given her access to the IP Trap uploads so maybe she will upload this to be included

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

look at my racord it makes 5 years i m an active member here if i was condescending i would be out from oscommerce project since a long time..

no the ? is for the question and ! is to say if it works could be cool :-)

 

;)

MS2

Link to comment
Share on other sites

Hi CooPs

I have a feeling i left that part out of the install file. it is in the early ones!

The permissions for the

banned / IP_Trapped.txt and the banned / Whitlist.txt sould be set to 666.

Nic

Hi Nic

 

I wish to let you know the previous version worked for me. I can't get banned when I go to your new url.

Link to comment
Share on other sites

I have been working with Isabella (Biancoblu) who has been testing this for me pre release, and post release, and has been an invaluable help.

She has an index solution that can be used to protect your banned folder which does not have an index.

I have given her access to the IP Trap uploads so maybe she will upload this to be included

Nic

 

Nic, I have uploaded the package you mentioned to your IP Trap.

 

This is a way of blocking the listing of folders by uploading a fake index to the folder in question.

When you call the folder in a browser the fake index will load so you won't be able to see the list of files contained in the folder.

The page will show the date and time of visit, the visitor's IP number, the folder they tried to view, and browser info. Infos will be emailed to you.

***WARNING: do not use in folders that already contain an index.php file!***

 

Nic, again thanks for your IP trap and all your other great contributions.

 

Isabella

~ Don't mistake my kindness for weakness ~

Link to comment
Share on other sites

Hi Nic

 

I wish to let you know the previous version worked for me. I can't get banned when I go to your new url.

 

Nic, as with Leslie my previous version worked. That was 2.1 for me.

 

I can access http://www.development-server.net/j/personal, it takes me to http://www.development-server.net/j/index.php

 

The same thing happens on my site, when I put in the ****/personal URL I go to my index page instead.

 

Outside of that thanks for your work, I know enough about code use (in vb for applications) to know it can be an adventure. :)

 

I'd be glad to help with testing if you want.

 

Thanks

 

Steve

I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Link to comment
Share on other sites

hello all,

 

i have updated to v3 IP TRAP

 

i have found it hard to gtrap my ip when i go to

test here

 

no matter how may time i try.

 

it seems that the IP_Trapped.txt file is not being written or something. CHMOD 644

banned file set to 755

 

not sue what the issue is

 

i have tried everything?

Thanks in advance!

 

Ben

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...