Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

IP trap Version 3 released


FIMBLE

Recommended Posts

hello all,

 

i have updated to v3 IP TRAP

 

i have found it hard to gtrap my ip when i go to

test here

 

no matter how may time i try.

 

it seems that the IP_Trapped.txt file is not being written or something. CHMOD 644

banned file set to 755

 

not sue what the issue is

 

i have tried everything?

 

Hi,

I tried the trap and it banned me, i tried a few pages and it seems to work.

The Permissions should be set to

banned folder - 755

the two .txt files inside should be 666

 

Thanks for the feed back

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

Hi,

I tried the trap and it banned me, i tried a few pages and it seems to work.

The Permissions should be set to

banned folder - 755

the two .txt files inside should be 666

 

Thanks for the feed back

Nic

 

ok thanks is for any reason that it will not ban me? my IP is not in the Whitelist.txt???

i use FF not IE.

Thanks in advance!

 

Ben

Link to comment
Share on other sites

ok thanks is for any reason that it will not ban me? my IP is not in the Whitelist.txt???

i use FF not IE.

 

it should not matter what your browser is, i need to have a look at the code again, using the amount of E-Mails i am getting confirming banned people it seems a small minority are having a problem.

 

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

it should not matter what your browser is, i need to have a look at the code again, using the amount of E-Mails i am getting confirming banned people it seems a small minority are having a problem.

 

Nic

 

it has started to work just not for my ip, thanks

Thanks in advance!

 

Ben

Link to comment
Share on other sites

@ altoid

Thanks steve, i will probably need the help

Nic

 

Nic, for what it's worth I messed around a bit tonight with the contrib and got some interesting results.

 

I deleted Whitelist.txt from my directory, ran my store url and go the pHp missing file error, etc. stuff.

 

I re-uploaded Whitelist.txt and then ran the ****/personal URL and got the blocked action, ****/blocked.php.

 

I checked in IP_Trapped.txt and found my IP and the 999.999.999.999

 

I cleared my IP and made sure I could get to my store. I could.

 

I tried to do the ****/personal thing again, but got *****/index.php instead. ***** of course being my store url.

 

Don't know if that helps but I thought I'd pass it along.

 

Steve

I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Link to comment
Share on other sites

Hi Steve

Thanks i appreciate the feedback, its always welcome so long as it is constructive and aids a better add on.

This action is correct so long as you are included in the whitelist.txt

Some users have had problems whereby they are not in the whitlist and get redirected back to the index.php

I obviously have to sort this out, point of interest is that it happens mainly in Australia.

 

A point to note is that you cannot exist in both files, if you are in the Whitelist and the IP_Trapped.txt the IP_Trapped.txt over rides and has priority.

I am busy with paid stuff at present, but will get round to an update soon.

 

Thanks once again Steve.

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

I have found this is good addon in version 2.1 but when i upgrade into version 3 it not working. I just tested and i find my ip have not banned when i type www.bnetb-tanahabang.com/personal two or three time. Any idea about this issue?

 

I was using other computer to test my IP trap and it is working, but when i try to test with my computer the IP trap doesn't work, and i have checked in the whitelist.txt and banned.txt that my IP was not there. Sorry for my bad english.

 

But this addon still some great contributions for me. Thank You

Rocdy

 

Beginner in php programming and still learning from this forums.

Special thanks for Oscommerce Community Forums that help me a lot. :-)

Link to comment
Share on other sites

  • 3 weeks later...

I'm also having the same problem. I've installed 3 times now and my personal folder redirects to the catalog of my site while not adding my IP to IP_Trapped. I have two probable causes I can think of:

 

1. I use a catalog directory. Is there any code change other than specified needed if you are not running your store from the root directory?

 

2. I have a redirect in htaccess that rewrites my root store address and index page to my store catalog folder for SEO. Could my redirects be causing it?

 

rewriteCond %{SERVER_PORT} !^443$

rewriteCond %{HTTP_HOST} !^www\.mystore\.com

rewriteRule ^(.*)$ http://www.mystore/catalog/$1 [R=301,L]

 

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/

RewriteRule ^(([^/]+/)*)index\.php$ http://www.mystore/catalog/$1 [R=301,L]

Link to comment
Share on other sites

HI

I do not think this is a cause.

Until i get this sorted out (it only seems to impact a very small percentage of users) i would reccomend using the earlier version without the whitelist, i am sooo busy with paid work at present i do not have time to look at this for the forseeable

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

Hmm, this is odd. You cannot checkout on my site now without getting an error. Is there something I need to change for my ssl? I've taken this contribution off my site for now until I can figure this out. I'm guessing it is the secret.php addition to application_top making this error?

 

An error occurred while trying to report this transaction to the merchant. An e-mail has been sent to the merchant informing them of the error. The following is the result of the attempt to charge your credit card.

This transaction has been approved.

It is advisable for you to contact the merchant to verify that you will receive the product or service.

 

 

Anyone else have this error?

Link to comment
Share on other sites

Ok, so this is obviously something to do with my ssl. I changed the require statement in application_top. The trap works now and customers can check out in my shop again.......but the blocked.php gets an error and does not display correctly. Here is what i changed and the error I get now on blocked.php:

 

Changed:

// include the IP Trap

require(DIR_WS_INCLUDES . 'secret.php');

 

To:

// include the IP Trap

if ($request_type == 'NONSSL')

include(DIR_WS_INCLUDES . 'secret.php');

 

Error on blocked.php:

Warning: include(DIR_WS_CLASSESlanguage.php) [function.include]: failed to open stream: No such file or directory in /home/arrowshe/public_html/products/blocked.php on line 9

Warning: include() [function.include]: Failed opening 'DIR_WS_CLASSESlanguage.php' for inclusion (include_path='.:/usr/local/php52/pear') in /home/arrowshe/public_html/products/blocked.php on line 9

Fatal error: Class 'language' not found in /home/arrowshe/public_html/products/blocked.php on line 10

 

My shop works correctly like this and I think the IP trap is working....but for cosmetic reasons or if a real customer gets blocked and I need to unblock them, does anyone know how I can fix this? Any ideas Fimble?

 

Thanks!

-Travis

Link to comment
Share on other sites

Hi Travis,

The IP trap will have no impact upon any other aspect of your site, certainly not the log in or checkout systems.

The only thing that might cause this is if you used the XSS add ons, which have been known to block real customers from checking out, i did get a fair amount of messages about this, and it always turned out to be an XSS script which gave a similar message.

The logic of the trap is that a user has to call teh personal folder in their browser to activiate the trap, the chances of trapping an actual customer is remote.

 

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

Hi Travis,

The IP trap will have no impact upon any other aspect of your site, certainly not the log in or checkout systems.

The only thing that might cause this is if you used the XSS add ons, which have been known to block real customers from checking out, i did get a fair amount of messages about this, and it always turned out to be an XSS script which gave a similar message.

The logic of the trap is that a user has to call teh personal folder in their browser to activiate the trap, the chances of trapping an actual customer is remote.

 

Nic

 

 

Hi Nic,

 

First, I'd like to say thanks for all the help you provide, not just for this mod. I come across your name almost everytime I'm stuck and search this forum. So thanks again...

 

As for your statement above, and what I've been reading on this thread so far... I thought I might share my own experience with this mod so far and see if it can help you or it can help me.

 

For our own IP number not getting banned, I've found that somehow as long as the Whitelist file is uploaded to the server, the trap knows it's us and won't ban even if our own IP number isn't listed in the Whitelist.txt file. I don't know why that is as I'm not good at coding and don't know enough to offer an opinion but my observation so far is sound. I've tried it many different ways and the trap works but not on our own IP. If I remove the Whitelist.txt file it will work on my IP too but not if I leave it.

 

As for the trap having no impact upon any other aspect of the site, log in or checkout systems... in my case, that is exactly what is happening, it has an impact.

 

I use Paypal IPN... and the customer is able to checkout, go to the Paypal site for the payment... gets redirected to my site when payment is completed but somehow, the trap prevents the message to get through that the payment was received. If you are familiar with teh workings of Paypal IPN, eventough the checkout_success.php page loads and the message that the order was completed successfully appears, the status on the order remains Preparing Paypal_IPN

 

As soon as I remove the code from application_top.php calling to the secret.php page, everything goes back to normal.

 

I've been trying to figure this out for quite a while but can't seem to figure out what it could be. I noticed that when I get redirected from Paypal back to my site to the checkout_success.php page, there is some kind of delay and the page flashes a bit as if trying to load something and redirecting to something else... pretty much like a fake index page would do... you'd see an hesitation in the loading of the page. That's what I get.

 

My apologies if this doesn't sound really knowledgeable... but I'm hoping it might give you some ideas and maybe help find a solution to my problem.

 

Thanks

Link to comment
Share on other sites

Hello Maria,

I appreciate you taking the time to put in this effort and post your findings, i find them informative and interesting. i have to admit i did not do as much debugging as i now apparently should have.

Still unsure of the PayPal module though.

I will look into reworking this as soon as i have the time.

Thanks once again i really appreciate you input

Regards

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

  • 2 weeks later...

Hi,

 

Thank you for your great contribution.

 

I looked at the code. I think there is a problem. Correct me if there are some other potential issues with the change.

 

line#12

foreach( $IPlist as $Whiteip ) {

$test = strcmp($Whiteip,$ipw);

}

if ($test > 0){

 

replace with:

$test = 1;

foreach( $IPlist as $Whiteip ) {

$test = strcmp($Whiteip,$ipw);

if ($test === 0)

break;

}

if ($test === 0){

 

 

Thank,

Link to comment
Share on other sites

Guys,

I have recoded the IP trap, before i release it can you please give it a try out to make sure that it does actually work now!

Click me to test it, you should be banned.

Regards

Nic

 

Nic...not banned. Went to here: http://www.development-server.net/j/

 

Looks like the index page.

 

For what it's worth I am aware my provider has a dynamic IP. Just tossing that out here.

 

Thanks

 

SK

I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Link to comment
Share on other sites

not banned here either and I tried every browser I have plus I tried the different PC's I have to see if it could be something with the versions of the browsers or the Operating system.

 

Every time I was not banned and was always able to return back to the web page

Edited by drm1963
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...