Jump to content

Archived

This topic is now archived and is closed to further replies.

GLWalker

IP Banishment

Recommended Posts

I have been trying to install this but keep getting the same errors:Warning: file(/catalog/banned/bannedips.txt) [function.file]: failed to open stream: No such file or directory in /mnt/w0207/d18/s05/b02d72b0/www/catalog/catalog/secrets/index.php on line 5

 

Warning: sort() expects parameter 1 to be array, boolean given in /mnt/w0207/d18/s05/b02d72b0/www/catalog/catalog/secrets/index.php on line 6

 

Warning: reset() [function.reset]: Passed variable is not an array or object in /mnt/w0207/d18/s05/b02d72b0/www/catalog/catalog/secrets/index.php on line 7

 

Warning: Invalid argument supplied for foreach() in /mnt/w0207/d18/s05/b02d72b0/www/catalog/catalog/secrets/index.php on line 10

 

Warning: fopen(/catalog/banned/bannedips.txt) [function.fopen]: failed to open stream: No such file or directory in /mnt/w0207/d18/s05/b02d72b0/www/catalog/catalog/secrets/index.php on line 26

 

Warning: Cannot modify header information - headers already sent by (output started at /mnt/w0207/d18/s05/b02d72b0/www/catalog/catalog/secrets/index.php:5) in /mnt/w0207/d18/s05/b02d72b0/www/catalog/catalog/secrets/index.php on line 40

What am I doing wrong?


If the only tool you have is a hammer, all your problems look like nails

Share this post


Link to post
Share on other sites
You misunderstand the logic:

 

$found = 0;
foreach( $sandtrap as $blockip ) {
 $tester = strcmp($blockip,$ip);
 if ( $tester == 0 ) {
$found = 1;
break;
 }
 if ( $tester > 0 ) {
array_push($sandtrap,$ip);
sort($sandtrap);
reset($sandtrap);
break;
 }
}

The IP's are sorted alphabetically.

 

You're comparing the stored IP's to the IP of whomever just fell into the trap.

 

So, in the loop, if the compare = 0, the IP address was found, you set the flag (the flag keeps from adding duplicate IP's) and break from the loop.

 

As soon as the compare > 0 (the stored IP address is greater than the one you're checking), you know the IP address wasn't found so you add it and break from the loop.

 

You really don't give a hoot when the compare < 0.

 

The idea there is to speed things up. As long as they're sorted alphabetically, it works and you don't have to do the compare on every banned IP address.

 

Why it wasn't workingfor you, I haven't a clue.

 

I copied the code directly from a web page I had it on where it worked flawlessly for several years.

 

I had the same exact issue - none of my test IP's were being written to the IP ban txt file. Making the change listed ( !=0 ) fixed the issue. I checked and double checked and even tried it on my local test server - same result. I think it may be dysfunctional as written in some cases based on platform versions or some other setting somewhere. It may not be as fast but I'll take working over not at all for now. Hopefully one of you coding gurus can figure out what's up...

Share this post


Link to post
Share on other sites

There is a contrib you could look at: http://addons.oscommerce.com/info/5914


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

Hello, i'm new here and don't have much experience and this community helped me a lot.

 

I was wandering if there are any drawbacks if i was to store the banned ips to a mysql database rather then text file ?

 

Thanks.

Share this post


Link to post
Share on other sites
I was wandering if there are any drawbacks if i was to store the banned ips to a mysql database rather then text file ?

 

the only disadvantage i can think of is that viewing and editing the list would be a little more work. with a .txt file you can just ftp it and bring it up in your editor. if it's in the database then you'd either have to write some code to view/edit the records in the table or use phpmyadmin to do that.

 

it might be slightly faster (especially for large lists) to use the db, but the only "users" of the code that would need to sort and re-write the file would be the bad bots. so i don't mind letting them take the time hit.

Share this post


Link to post
Share on other sites
Hey there .. caught this post and thought i`d post some input.

 

I made a custom admin page for banning ip's. Can add and remove ip's ... which are written to the FS_BLOCKED_IPS_FILE congiration table value.

I just have it called blocked.txt

 

Anyway here is the code which actually writes the ip to the text file

 

 

require('includes/application_top.php');

 

// Get updated vars from form

if ($_POST['ip']):

$ip = $_POST['ip'];

$rows = count($ip);

$del_ip = $_POST['del_ip'];

$date_blocked = $_POST['date_blocked'];

 

What you are using the data for shouldn't let this be a problem but you should get in the habit of sanitizing EVERY get and post or you will be opening youself up to far worse than just having runaway bots everywhere. In addition, be sure to install the mod for that.

 

Good luk

Share this post


Link to post
Share on other sites

I will use phpmyadmin for now, but i think i will add a page to the admin so i can view, delete, add ips to the list.

 

Also if you use Anti XSS mod, instead of using another text file and log.php you can send it to your ip trap file, this you can log all the attempts in one database.

Share this post


Link to post
Share on other sites

Hi

 

The Users Ip was not collected on my server

 

I changed

 

$ip = "$REMOTE_ADDR"."\n";

 

to

 

$ip = $_SERVER["REMOTE_ADDR"]."\n";

 

Which works OK

 

I Also added 9999.9999.9999.9999 to the IP_Trapped.txt

 

Works great now. Thanks.

 

Regards

 

Ken

Share this post


Link to post
Share on other sites

Per the inspiration provided within this post I have created an IP Containment and Management System http://addons.oscommerce.com/info/7334 . This topic has been here for some time and realizes a shift towards the idea of being able to block visitors that browse to areas they are specifically asked not to. Thanks to Germ, Glcustoms and Insomniac2 for getting these ideas moving. Without the post contained here I may have not found the inspiration to rebuild this idea completely. Others have tried, but offered little more than what was already posted here, and without a single credit towards the greats who originally made it happen. I could not stand by and let the ideas presented here be lifted as the works of another. Tthe ideas that came from here were geared toward such a meaningful purpose; to truly help others with no personal gain.

 

My IP Containment and Management System http://addons.oscommerce.com/info/7334 is not at all like what is found within the post here, it is a spawn of the ideas and code presented. It is a total refinement based strictly on osCommerce coding standards. It does not rely on outside scripts and no need to edit any text files when true customers get caught. Everything is database administered through the sites admin panel. It has checks in place so that it will not capture the same IP Address more than once. This is a great way to ensure someone who has been accidentally blocked, perhaps for being a curious fellow, will not be blocked again once placed on the allowed status. Throughout the years there have been many similar contributions, but none were as simple and resource limited as this one. This thread has mentioned in a few places that what they did was very resource intensive. Now there is no need to worry of that as this new contribution uses an existing function that is already running to do its work.

 

Thanks for the ideas and inspiration everyone.

Share this post


Link to post
Share on other sites

To set the record straight, the person who first took the ideas prsented here and made a contribution out of them did send me a PM asking if I thought it would be OK.

 

Since I didn't really do anything but use someone elses idea (credit was given where credit was due, although the original site where I found the idea no longer exists) and make some of my own embellishments.

 

I replied that I didn't care.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

×