Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

IP trap Version 3 released


FIMBLE

Recommended Posts

Ok soooo I got it to work but IF and only IF my IP is at the top of the list. I added it to the bottom of the list (whitelist) and I was instantly blocked upon visiting /personal directory. When I added myself to the top of the list I was not blocked.

 

I would invite anybody who has this working to take their IP and put it at the bottom of the whitelist and see if they get the same results. FIMBLE, hopefully you can test and look into this.

 

 

Same here ... if my IP at bottom I can get banned. If at top it works as documented.

 

ed

Link to comment
Share on other sites

Question...

First I'd like to say thanks for a great add on....

Installed no problem...

Works when I tested....

No bans from any snoopers yet....

 

Anyhow.

What if we were to add the bad ip addresses listed on this website:

http://www.stopforumspam.com/

I use this database on another site and it helps prevent spammers from registering... and it works GREAT!

Can it be as simple as adding the list of ip addresses to the "banned" list?

Makes sense to me. What do any of you think?

Thanks.

 

No response? I'm very curious.

That "Can" you're about to open... has worms!

Don't say I didn't worn ya.

n. pl. cans of worms Informal - A source of unforeseen and troublesome complexity.

Link to comment
Share on other sites

I installed IP Trap 4 today (previously had 2.1 installed). But I found the whitelist doesn't work. I added my IP to it and I still get banned. I searched through this forum for a solution and found that someone said if you add your IP to the top of the list it'll work. I tried that and it didn't. Besides you should be able to add it anywhere, this shows that IP trap is not searching through the whole list, too.

 

I upgraded to v4 for the whitelist option. I have McAfee Secure on my site http://www.foryoursalon.com/ and they scan the whole site everyday. I'm getting banned emails for their ip's, isn't really affecting McAfee's scan that I can see but wanted to add their ip's to the whitelist.

 

Any help would be appreciated. :-)

 

- Ken

Link to comment
Share on other sites

hi

 

I also installed v4 today, and found the whitelist doesn't work. I've tried with my IP at both the top and the bottom, and neither made a difference.

 

>-- installed, according to instructions

 

>-- tested, by going to /ariadnetheweaver.org/personal

>-- got "you've been blocked" page.

 

>-- added my IP to whitelist.txt, uploaded the changed file.

>-- changed the banned.txt file so it did NOT include my IP address.

 

still can't visit /personal without being banned, despite my IP being on the whitelist..

Edited by Ariadnetheweaver
Link to comment
Share on other sites

hi

 

I also installed v4 today, and found the whitelist doesn't work. I've tried with my IP at both the top and the bottom, and neither made a difference.

 

>-- installed, according to instructions

 

>-- tested, by going to /ariadnetheweaver.org/personal

>-- got "you've been blocked" page.

 

>-- added my IP to whitelist.txt, uploaded the changed file.

>-- changed the banned.txt file so it did NOT include my IP address.

 

still can't visit /personal without being banned, despite my IP being on the whitelist..

 

Do you have a dynamic IP number ?

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

I installed IP Trap 4 today (previously had 2.1 installed). But I found the whitelist doesn't work. I added my IP to it and I still get banned. I searched through this forum for a solution and found that someone said if you add your IP to the top of the list it'll work. I tried that and it didn't. Besides you should be able to add it anywhere, this shows that IP trap is not searching through the whole list, too.

 

I upgraded to v4 for the whitelist option. I have McAfee Secure on my site http://www.foryoursalon.com/ and they scan the whole site everyday. I'm getting banned emails for their ip's, isn't really affecting McAfee's scan that I can see but wanted to add their ip's to the whitelist.

 

Any help would be appreciated. :-)

 

- Ken

 

 

It does not matter where in the list you place the IP number the result should be the same.

Things to check

Your IP number has been removed from ther banned file,

Your IP number is not dynamic

The files have permissions set to allow them to be opened by the script

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

This thread fits quite well as this is the ultimate upgrade to the IP Trap. Because of this update the IP Trap is now obsolete. For even greater protection one should use the PHPIDS for osCommerce 1.4 by Celextel, http://addons.oscommerce.com/info/7374 . It makes use of great features for securing you site as well as the IP Containment and Management System.

 

 

I think its great you have made this contribution, anything that further protects the osCommerce community is well worth adding, well done.

 

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

I think its great you have made this contribution, anything that further protects the osCommerce community is well worth adding, well done.

 

Nic

Nic,

 

I am humbled that despite my unruly behavior towards you, and all my attempts to ruffle you up, you prove to be quite the gentleman. I wish you the best of luck in all your endeavors and thank you for your efforts provided here. Without what you have done, I would not have done. There are lots of things out here, online and at various open source forums and such, that are not always what they seem. Rumors start, people, such as I, sometimes fall prey to them. Without open source and the communities that follow them many people would not have the benefits they do now. I apologize for being such a pain in *ss. I like to stir things up and get peoples juice flowing at times, but at the end of the day we are all here for similar cause. Well done to you Nic.

Link to comment
Share on other sites

If you add the list to the banned text file then they will be banned.

 

Thanks Fimble.

I'm not having any issues with spammers on my site... yet. But I manage a forum that a lot of spammers try and register on.

Just yesterday (5/27/10) there were 36 spammers that tried registering and all were blocked from registering because of the database from stopforumspam(dot)com

If and when I may need to... I'll add the list from that site to the blocked list.

Thanks again for a great contribution!

Edited by forummaker

That "Can" you're about to open... has worms!

Don't say I didn't worn ya.

n. pl. cans of worms Informal - A source of unforeseen and troublesome complexity.

Link to comment
Share on other sites

For those having problems making version 4 work (especially with whitelists), here are the fixes:

 

In catalog/personal/index.php, lines 9, 24, and 40:

  1. Change the single quotes surrounding the filename to double quotes
  2. Put a dollar sign ("$") in front of DOCUMENT_ROOT (change DOCUMENT_ROOT to $DOCUMENT_ROOT)
  3. Change "../../" to "catalog/" (where "catalog" is the directory that your store is in -- if your store is in the root directory, then just delete the "../../")

In catalog/includes/secret.php, line 11:

  1. Change the single quotes surrounding the filename to double quotes
  2. Put a dollar sign ("$") in front of DOCUMENT_ROOT (change DOCUMENT_ROOT to $DOCUMENT_ROOT)
  3. Change "../" to "catalog/" (where "catalog" is the directory that your store is in -- if your store is in the root directory, then just delete the "../")

Also, there is a problem if the very last entry in the whitelist doesn't have a trailing newline. That entry is skipped. So when you add IPs to the whitelist, be sure the last line has a newline.

 

For better security, I recommend creating an .htaccess file in the "catalog/banned" directory with the following line:

Deny from all

Check out Chad's News.

Link to comment
Share on other sites

  • 5 weeks later...

I installed IP trap version 4. when I try to access a blocked area I get the blocked page. working... but when I go to the site again I can still access it. Am i misunderstanding the function here? once an IP is in the blocked list it should be denied access to the whole site or is the function to simply redirect attempts at blocked areas? thanks....

Link to comment
Share on other sites

For those having problems making version 4 work (especially with whitelists), here are the fixes:

 

In catalog/personal/index.php, lines 9, 24, and 40:

  1. Change the single quotes surrounding the filename to double quotes
  2. Put a dollar sign ("$") in front of DOCUMENT_ROOT (change DOCUMENT_ROOT to $DOCUMENT_ROOT)
  3. Change "../../" to "catalog/" (where "catalog" is the directory that your store is in -- if your store is in the root directory, then just delete the "../../")

In catalog/includes/secret.php, line 11:

  1. Change the single quotes surrounding the filename to double quotes
  2. Put a dollar sign ("$") in front of DOCUMENT_ROOT (change DOCUMENT_ROOT to $DOCUMENT_ROOT)
  3. Change "../" to "catalog/" (where "catalog" is the directory that your store is in -- if your store is in the root directory, then just delete the "../")

 

After installation, I put my ip in the banned txt file. Did receive the banned page. So then deleted my ip from the banned and inserted in the whitelist file. Now I receive an error message when accessing my site. The message is:

 

The page isn't redirecting properly

 

Did edit the personal/index.php and includes/secret.php to the above tip. So this is what it looks like now.

 

$ipw = file ("$DOCUMENT_ROOT/banned/Whitelist.txt");

 

Permissions is set at 755.

 

NOTE: I received same error as the second time. What I mean, I put store back to where it was before installing IP Trap. Worked fine. Then reinstalled, same problem.

Link to comment
Share on other sites

Sorry, but maybe I should include website which is located at brs-giftshop.dot.com

 

This refers to above post.

 

with google search, I found this. Should a line be included in catalog/includes/configure.php

 

define('DIR_FS_DOCUMENT_ROOT'

 

Because I do not.

Link to comment
Share on other sites

I installed IP trap version 4. when I try to access a blocked area I get the blocked page. working... but when I go to the site again I can still access it. Am i misunderstanding the function here? once an IP is in the blocked list it should be denied access to the whole site or is the function to simply redirect attempts at blocked areas? thanks....

 

Hello

Do you hve the line aded to your application_top.php?

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

whats your URL

 

My URL is http://brs-giftshop.com

 

I removed the // in front of require(DIR_WS_INCLUDES . 'secret.php'); and renamed the files to their original names again. I put my IP address in banned.txt and tried it. I was blocked. Then removed my IP from the banned.txt and inserted it into the whitelist.txt file and then was able to see my site.

 

So now am not getting any error messages at home page. So I am assuming it is fine. But feel to try the URL address.

Link to comment
Share on other sites

  • 1 month later...
  • 3 weeks later...

I installed and testing this addon yet when I block myself I am still able to access my website with no issues.. I went to the "personal" folder and got the banned page and got an email saying it banned myself.. Yet I was still easily able to browse my site..

A great place for newbies to start

Road Map to oscommerce File Structure

DO NOT PM ME FOR HELP. My time is valuable, unless i ask you to PM me, please dont. You will get better help if you post publicly. I am not as good at this as you think anyways!

 

HOWEVER, you can visit my blog (go to my profile to see it) and post a question there, i will find time to get back and answer you

 

Proud Memeber of the CODE BREAKERS CLUB!!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...