305 replies to this topic

[DRIVE]

IP trap is matching my IP from the white list. I assume the white list that comes with IPT is loaded with many of the common bot/spider IP's since many use a lot of them (like google).

	$ipw = file ('../banned/Whitelist.txt');
  	$ip = $_SERVER["REMOTE_ADDR"]."\n";
	foreach( $ipw as $whiteip )

$ipw is a multi-line file. The way you structured "foreach" in secret.php wont do any accurate matching on my servers version of PHP. It is just reading it as a huge blob and saying that my ip is on the whitelist when it is not.

Works great for the IP_Trapped.txt though! I think the white/secret will have to be structured similarly to the iptrapped one but actually you need to get away from the \n deal and slurp the file in and do a foreach line or something.... eventually the file will be so large that it will bomb just because the function is a bit weak. At best it is doing a partial match... dont have much more time to trouble shoot it but partial matching will end up blocking a $#!+ load of wanted users

[DRIVE]

PS - on my server, even if it (my ip) is the only IP in whitelist it doesnt match it and blocks me. Even if I put two or three others or a couple dozen in there, it still does not match my IP. It only matches it when it does not exist in whitelist, and whitelist has enough of a listing that it does a partial match. Tested it backwards and forward. If I cut out several hundred of the preloaded whitelist IP's, it does not match it whether I put it in there or not.

PHP on that server is: 5.2.17 (Old Stable, not supported by PHP but still very common) http://php.net/downloads.php

So again:

My IP in Whitelist: blocked
My IP not in Whitelist: matches
My IP in in whitelist but white list reduced in size: blocked'

*ya, I made doubly sure that I was whacking it out of the blocked list when I tested

Edited by DRIVE, 14 July 2011, 13:33.

[caseoli]

Hi.

I have just loaded this addon to my osc 2.3.1 site but it fails to work.

1. If I type my website address plus /admin I get thrown back to my main start up page. There is no error code in my log files and the date is not being updated on the files.

2. If I type my website address and add on banned/IP_Trapped.txt I get 999.999.999.9999 which is the contents of the file.

3. I have not changed my htaccess file as this is protected by a package called SafeZone which is an addon from my hosting company

4. My application_top.php files has been amended to show
// include the list of project filenames
require(DIR_WS_INCLUDES . 'filenames.php');

// IP Trap V5
include(DIR_WS_INCLUDES . 'secret.php');

5. I don't have a catalog directory but have added the directories as supplied by you and renamed personal to admin

6. If I manually add my IP address I do get blocked out.

Any ideas please because the last site was hacked very badly and I note from the logs file that there have been attempts to look for the admin folder and some file names.

Thanks

Ian

Edited by caseoli, 22 July 2011, 16:22.

[caseoli]

Further to my problem. I have discovered the following error messages in my logs...

[Sat Jul 23 06:45:04 2011] [warn] mod_fcgid: stderr: PHP Warning: file(/banned/user_agents.txt) [<a href='function.file'>function.file</a>]: failed to open stream: No such file or directory in /home/linweb04/c/copyboards.co.uk-23133835/user/htdocs/includes/secret.php on line 32
[Sat Jul 23 06:45:04 2011] [warn] mod_fcgid: stderr: PHP Warning: Invalid argument supplied for foreach() in /home/linweb04/c/copyboards.co.uk-23133835/user/htdocs/includes/secret.php on line 34
[Sat Jul 23 06:50:29 2011] [warn] mod_fcgid: stderr: PHP Parse error: syntax error, unexpected '<' in /home/linweb04/c/copyboards.co.uk-23133835/user/htdocs/includes/secret.php on line 18

If I am reading the code correctly in this addon, a whitelist IP will get thrown back to the main index page for the website. This is clearly not happening.

Can anyone enlighten me please?

[caseoli]

I have managed to get it working after a fashion....

In the end I deleted the whitelist.txt file and now the site works as it should when the 'banned' directory is accessed.

Now all I need to do is find out how to get the whitelist to work so I can get access to my admin section without having to play around with the file structure....

Love the idea of this app though

[saupe31]

its because the whitelist in the pack has 1000s of ips on it for some reason

[mlavanish]

I was having similar problems with version 5.2 and 2.2 RC2. Banning was not working, and attempts to go to the trap redirected to the site index.

In the end I deleted all the IP addresses in the whitelist that had only 3 parts, and left all the 4 part addresses intact.

Now it seems to ban correctly, and the whitelist seems to work properly (I think). When my IP is on the whitelist and not the banned list I am redirected to the index.php.

Not sure what the problem is (could be too many addresses in there, or some other error), but there's a workaround that might work for some.

[Grant7]

Having problems with IP Trap version 5.2 and 2.2 RC2.

Followed all the instructions, uploaded all new files, made edit to includes/application_top.php, and renamed personal folder to admin.

When I access my site at mysite.com/admin it simply redirects me to mysite/index.php instead of banning me.

Help please?

Thanks!

[Grant7]

Further to my post above, when I add my ip address to /banned/IP_Trapped.txt I get the banned page, but when I try to access mysite/admin for some reason I am not added to the banned list.

Thanks.

[mlavanish]

Do what I did just prior to your post and you should be alright.

[beauty1gaddis]

I cleared my IP and made sure I could get to my store.

[Grant7]

mlavanish, on 30 July 2011, 06:19, said:

Do what I did just prior to your post and you should be alright.

I tried that, didn't work.

[Tom172]

I have installed IP Trap 5.2 on a 2.2rca shop. It looks as if everything just works fine, except the whitelist does not recognize me. I tried what someone advised earlier: remove the short IP addresses. With no result.

Even if my IP Address is the only one in whitelist.txt (and it is removed from ip_trapped.txt) it doesn´t recognize me.

This is no big problem. I am just asking for better understanding.

One other question is: For what reason would I want to have all these IP Addresses into the whitelist?

[websissy]

I recently installed IP_Trap on a client's 2.2rc2 site. The installation went well; but when I tried to test I found that (as others have reported), I was also being redirected to the store's ../index.php whenever I tried to visiit "catalog/personal" rather than being banned. After analyzing the code a bit, I realized there was a loop through the whitelist file built into "catalog/personal/index.php" that redirects the user back to "../index.php" if a match on the IP address is found in the "banned/Whitelist.txt" file. Yet, I was SURE my IP address must NOT be in that file and a quick check confirmed I was NOT there.

Puzzled by this situation, I then made a small patch to the "foreach" loop code which originally looked like this:

 foreach( $ipw as $whiteip )
 {
   $test = strcmp($whiteip,$ip);
	   if($test == 1)
   {
   header ("location:"."../index.php");
   exit;
   }
 }

 foreach( $ipw as $whiteip )
 {
   $test = strcmp($whiteip,$ip);
	   if($test == 1)
   {
//   header ("location:"."../index.php");
print $whiteip . ' ' . $ip;
   exit;
   }
 }

To my great surprise when I tested using this code I found my new "print" command produced the following...

8.6.48 75.161.49.58

In short, my IP address (75.161.49.58) was producing a false positive match in the Whitelist.txt file with the IP string (8.6.48) ?

Say WHAT?

So I then removed the (8.6.48) IP address from Whitelist.txt and tested again. To my surprise I was banned as I should have been earlier in the very next test.

I noted that one user theorized he thought the cause of false positives in the Whitelist.txt file issue was ANY 3 part IP address, while another suspected the cause of false positives might be the failure to include a standard DOS line-ending CR/LF pair at the end of each line in the Whitelist file. So checking further, I found that the foreach loop had NOT gotten false postives on ANY 3 part IPs that occured in Whitelist.txt BEFORE the 8.6.48 IP address appeared, I also double-checked using a hex-file-editor and confirmed that there was a standard DOS CR/LF pair character on the line in Whitelist.txt containing 8.6.48 AND on all lines before and after that.

After checking and confirming 8.6.48 was one of the IP blocks used by the google spider, I decided I could NOT leave that IP block out of Whitelist.txt. Lacking any further explanation for why the FOREACH loop concluded 8.6.48 was the same as 75.161.49.58, I decided to relace 8.6.48 with the 255 IP addresses from 8.6.48.1 to 8.6.48.255. That didn't work either because 8.6.48.1 was "judged" the same as 75.161.49.58! So much for the theory the problem had something to do with 3-part IP addresses!

Next, I tried changing my IP address to see what happened. That resulted in my NEW IP address matching an entirely different 3 part IP number in Whitelist.txt. Arghhhhh!

Then I took a deep breath, stopped, sat back and thought about the situation for a minute. By definition, if a visitor is wandering through these directories they're disobeying my stated robots.txt rules. AFAIK, NO spiders should EVER be allowed to disobey those rules. Frankly, I don't want to grant ANY spider... even Google's spider -- a "pass" if it's trying to search my forbidden areas. So in the end, I decided it was best to delete ALL rows in Whitelist.txt and thus block every visitor that tries to access those areas.

Conclusion for FIMBLE: At best, this Whitelist code is buggy as hell and needs to be totally rewritten so that it's reliable.

Question: Am I overlooking something critical here or thinking about this blocking disobedient spiders situation wrong? If so, can someone please explain why I need this Whitelist feature at all?

Thanks!

[togrok]

Hello,

Excellent IP Trap tool! The only problem is the Whitelist.txt doesn't work for me at all. I deleted all except mine and work, but no one would get banned. So, I removed my IP from the Whitelist and still I was directed to the index.php with only one IP in the list. I haven't tried removing all of them, but when I removed the file Whitelist.txt, it works perfectly. I would like to be able to use the whitelist function though. Please let me know if there is any correded code for some file in this Contribution.

Thanks,

Bob

[JeddeJ]

Just a quick question in the file IP_Trapped.txt, should all the IP addresses added get a new line?

Because all the IP's in my trap run together so how does the system know where to split them ? Or is it as simple as a number check on a string?

Although if that is the case then some IP's might get banned by accident.

[djdeuce]

I had the same problems. My website was redirecting me every time to the home page when trying to go to /personal. It also was not blocking me or even adding my ip to the iptrapped file. The main problem was the whitelist text file. At the very bottom there are spaces that need to be deleted. Once I deleted all those out it works. I also encountered a 500 internal server error when I first started and to fix that just change the permissions on all the files from 0777 to 0644. You can test it at my website to see it working; email me to unblock you. Good luck!
http://www.storageshedsonsale.com/

[djdeuce]

Whitelist does not like some ip addresses. If Whitelist does not like the ip address entered it will make the trap not work at all and redirect anyone going to /personal to the index page. Somehow it is being picky about how many characters are in each block. Here is an example of an ip that Whitelist allows and one that Whitelist does not.

72.167.191.30 <-- added to Whitelist and trap works
97.74.139.193 <-- added to Whitelist and trap redirects to index

Fimble please help

[djdeuce]

I now have a solution, but my problem was that I have a security scanner that ignores robots.txt and scans all directories. This spider hits the trap every time and the whitelist will not work for some of it's ips for reasons stated in my last post. I have no idea how to fix this contribution to not be picky about certain ips and I need to keep this spider out of the /personal folder. To do this I simply added this to the .htaccess file in /personal directory. You can add more deny lines for more ips to keep them out if needed.

order allow,deny
deny from 97.74.139.192
deny from 97.74.139.193
allow from all

[blue7hand]

Found Solution to problem quite a few people had, that by accessing /personal they would only get forwarded to the index file but not get blocked.
The solution that worked for me was simple: rename Whitelist.txt and IP_Trapped.txt to lower case.
Then change it in the same way in all places where those filenames appear, in these files:
includes/secret.php
personal/index.php

Now it works perfectly.
My host is linux, php

5.1.5

Good Coding,

Jörg

Edited by blue7hand, 31 December 2011, 01:21.