osCommerce

The e-commerce.

IP Trap V2.1 & Anti-xss


Recommended Posts

Anybody got any thoughts why, after entering cc details on authorize.net

https://secure.authorize.net/gateway/transact.dll

the ip trap is activated and the xss script is too?


I know some people do not like authorize.net but this is overkill!!

:-)

The ip trap script, block.php, displays a "you are blocked" page, but it is not shown if I change punish = 2 to punish = 0 in the secret.php script:


// Take the User-Agent header if it is present and non-empty, else an empty string
$ua = (isset($_SERVER['HTTP_USER_AGENT']) && ($_SERVER['HTTP_USER_AGENT'] != "")) ? $_SERVER['HTTP_USER_AGENT'] : "";

// Client address, with a trailing newline appended (as written in the script)
$ip = $_SERVER["REMOTE_ADDR"] . "\n";

$punish = 0;

// A request that sends no User-Agent at all is treated as a bot and punished
if ($ua == "") {
    $punish = 2;
}


The browser agent is not shown on the screen. Just had a thought: is it the single quotes around HTTP_USER_AGENT?

So once that was changed I then get told to "go away" by the XSS script. Looks like the rules in .htaccess redirect the page.

Took this out and everything worked:


# extra anti uri and xss attack script 2 - sql injection prevention
#Options +FollowSymLinks
#RewriteEngine On
#RewriteCond %{QUERY_STRING} ("|%22).*(>|%3E|<|%3C).* [NC]
#RewriteRule ^(.*)$ log.php [NC]
#RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC]
#RewriteRule ^(.*)$ log.php [NC]
#RewriteCond %{QUERY_STRING} (javascript:).*(;).* [NC]
#RewriteRule ^(.*)$ log.php [NC]
#RewriteCond %{QUERY_STRING} (;|'|"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if).* [NC]
#RewriteRule ^(.*)$ log.php [NC]
#RewriteRule (,|;|<|>|'|`) /log.php [NC]


Can you see what is being invoked?

I would prefer to re-enable ip trap and xss so any help would be appreciated.

Thanks

Geoffrey
