Jump to content
Sign in to follow this  
FIMBLE

IP trap Version 3 released

Recommended Posts

Thank you, now done all appears okay


Os-commerce v2.3.3

Security Pro v11

Site Monitor

IP Trap

htaccess Protection

Bad Behaviour Block

Year Make Model

Document Manager

X Sell

Star Product

Modular Front Page

Modular Header Tags

Share this post


Link to post
Share on other sites

...... it will prevent automated scripts from attacking it as they are hardcoded mostly for "admin".

 

Regards

Nic

 

Nic, since incorporating the "admin" folder strategy with ip Trap, I have also used/kept the "personal" folder as bait. Both are in place I mean, with appropriate index files incorporated. I want to make sure I am OK with both in place.

 

Thanks


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

Hi Steve,

Thats fine and will not cause any conflict with one another

Rgds

Nic

 

Thanks for confirming Nic. You mentioned automated scripts used for attacks. I think I observed that in my logs a while ago where the script, pretty much rapid fire had tried about every version of myshop.com/admin to gain access. After myshop.com/ there was myadmin, admin1, adminadmin, oscadmin and even /admin/admin. There were something 10 or so tries befor that attempt eventually got trapped when they got the "correct" combination that put your add on in play.


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

Hello all,

 

Ive installed the Iptrap, trap is working

 

But i am having the following problems.

 

My ip is in the white list but i still am getting blocked (there are no spaces in the file :-))

I am not getting any mails and my email adress is set correctly.

 

I am however on a windows server (mijnhostingpartner.nl)

 

Website is pc-allin.nl/shop

 

regards Wim

Share this post


Link to post
Share on other sites

Hi Wim,

Do IP numbers get written to the IP_Trapped.txt file when they are banned?

If you are sure its installed correctly then it could be a permissions issue, the .txt files should have write permissions, on a Linux server this is 666, i am not sure what it is on a Windows box though

NIc


Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Share this post


Link to post
Share on other sites

Hi Wim,

Do IP numbers get written to the IP_Trapped.txt file when they are banned?

If you are sure its installed correctly then it could be a permissions issue, the .txt files should have write permissions, on a Linux server this is 666, i am not sure what it is on a Windows box though

NIc

 

Hi Fimble

 

Yes ip is getting written into IP_Trapped.txt and i enterded my ip to the whitelist and yes all txt files in the banned dir have write permissions.

On my windows hoster i have givven write permisions to the user for php

 

But i am still banned with my ip in the white list ?

 

regards

Wim

Share this post


Link to post
Share on other sites

Hi Wim,

Make sure that your IP is not in the IP_Trapped.txt also, if it is it will over ride the Whitelist.txt

Nic

 

Ok here is how it is.

 

My ip is in the whitelist en not in ip trapped when i go to my admin dir i get banned and my ip is written into Ip-trapped

Also i get no mails what so ever ?

There are no spaces in the white list !

 

regards wim

Share this post


Link to post
Share on other sites

Hi,

 

Thank you very much for this contribution and all the useful information.

 

I would like advice with the following if anyone can help:

 

Recently I noticed from the who's online tool that users are visiting urls like this:

 

www.mysite.com/contact_us.php/admin/file_manager.php/login.php

www.mysite.com/easymap.php/admin/file_manager.php/login.php

www.mysite.com/shipping.php/admin/file_manager.php/login.php

 

The ip trap is not catching these so my question is.

Should I be concerned? They don't look like urls that a normal user should be visiting.

Should I add the user's ip address to the ip_trapped file?

 

Thank you in advance.

Edited by artstyle

Share this post


Link to post
Share on other sites

hello, great addon, works good easy to install

 

and some one post more info on the .htaccess file mods or update the contrib

 

also my concern is towards blocking wanted bots and SEO, can this effect search engine crawls which would be bad.

 

thanks

Share this post


Link to post
Share on other sites

Hi,

 

Thank you very much for this contribution and all the useful information.

 

I would like advice with the following if anyone can help:

 

Recently I noticed from the who's online tool that users are visiting urls like this:

 

www.mysite.com/contact_us.php/admin/file_manager.php/login.php

www.mysite.com/easymap.php/admin/file_manager.php/login.php

www.mysite.com/shipping.php/admin/file_manager.php/login.php

 

The ip trap is not catching these so my question is.

Should I be concerned? They don't look like urls that a normal user should be visiting.

Should I add the user's ip address to the ip_trapped file?

 

Thank you in advance.

 

Hi

The IP trap will only catch that if you set the personal folder to admin once you have moved the real admin folder to a new name.

Those files being called by the user should not exist on your site anyhow as they are and i have no doubt the user has "other" intentions than shopping on your site!

IP Trap is just that it sits and waits, re active as it were, it is pro active once it has trapped an IP otherwise it will sit there !

Nic


Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Share this post


Link to post
Share on other sites

 

also my concern is towards blocking wanted bots and SEO, can this effect search engine crawls which would be bad.

 

 

 

Hello,

thank you,

Good bots; so long as you have your robots file accurately placed and it has the correct information in it will obey it and never stray into your disallowed area.

If the robots.txt is not accurate or located correctly then you are at risk of banning one.

Nic

 

 


Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Share this post


Link to post
Share on other sites

Hi

The IP trap will only catch that if you set the personal folder to admin once you have moved the real admin folder to a new name.

Those files being called by the user should not exist on your site anyhow as they are and i have no doubt the user has "other" intentions than shopping on your site!

IP Trap is just that it sits and waits, re active as it were, it is pro active once it has trapped an IP otherwise it will sit there !

Nic

 

Hi Nic,

 

Thank you very much for your reply.

I am watching my site and it seems that this is happening very often. I am manually adding ip addresses to the ip_trapped file but I can't keep up with them!

I have renamed the admin file and renamed the personal file to admin. The ip trap is not catching this (I think) because they are not going to www.mysite/admin but to www.mysite.com/shipping.php/admin/categories.php/login.php?cPath=&action=new_p and www.mysite.com/dynamic_sitemap.php/admin/categories.php/login.php?cPath=&acti

 

In this thread

http://forums.oscommerce.com/topic/372284-ip-trap-variable/

 

the advice given to a member having a similar problem was to add this code to the top of both application top files:

 

if (strpos($_SERVER['REQUEST_URI'], ".php/login.php") !== false) {

die("oops you got nabbed"); // choose what you want to do with this request

}

 

Do you recommend this? Is there anything else I can do to disallow visitors from going to urls like that?

 

Thanks again for your reply,

Alexandra

Share this post


Link to post
Share on other sites

Hi,

 

dear FIMBLE

I think your contributions is very good & useful.

 

As a nonexpert I installed IP Trap_5.1 on my system osCommerce 2.2-MS2;

i.e. I (tried) to follow your instruction, made the 2 sm. changes and uploaded

all files to my web site.

[by the way I left my admin-file as it is, i.e. I did not rename it and upload

the personal-file into my catalog-file,too.]

 

Now, when I go to http://www.mysite.com/catalog/personal/

I get the following error message (instead of a white page?):

Warning: fopen(../banned/IP_Trapped.txt) [function.fopen]: failed to open stream: Permission denied in /www/htdocs/xxxxxx/catalog/personal/index.php on line 64

 

Warning: flock(): supplied argument is not a valid stream resource in /www/htdocs/xxxxxx/catalog/personal/index.php on line 65

 

Warning: Cannot modify header information - headers already sent by (output started at /www/htdocs/xxxxxx/catalog/personal/index.php:64) in /www/htdocs/xxxxxx/catalog/personal/index.php on line 88

Immediately I get also the e-mail saying that the IP (my IP) has been blocked.

But I can still open my Web site and the admin-Board.

[The only exception: I can not open the File Manager on th admin-board, getting the error page HTTP

404.]

My IP is also not written on the text-file IP_Trapped.txt.

 

I hope you can tell me what I made wrong.

Thank you very much for your kind help.

Share this post


Link to post
Share on other sites

Hi,

 

dear FIMBLE

I think your contributions is very good & useful.

 

As a nonexpert I installed IP Trap_5.1 on my system osCommerce 2.2-MS2;

i.e. I (tried) to follow your instruction, made the 2 sm. changes and uploaded

all files to my web site.

[by the way I left my admin-file as it is, i.e. I did not rename it and upload

the personal-file into my catalog-file,too.]

 

Now, when I go to http://www.mysite.com/catalog/personal/

I get the following error message (instead of a white page?):

 

Immediately I get also the e-mail saying that the IP (my IP) has been blocked.

But I can still open my Web site and the admin-Board.

[The only exception: I can not open the File Manager on th admin-board, getting the error page HTTP

404.]

My IP is also not written on the text-file IP_Trapped.txt.

 

I hope you can tell me what I made wrong.

Thank you very much for your kind help.

Share this post


Link to post
Share on other sites

Just wanted to say that I have just finished adding this add-on and it works perfectly. Easy to follow and the test worked and I received a email letting me know the banned IP Number.

 

Thank you for helping us keep our Websites safe. It is greatly appreciated. :D

Share this post


Link to post
Share on other sites

I have just installed IP Trap V5, but are unsure about whether it works or not.

 

When adding an IP_adress for the IP_Trapped.txt I am being denied acces and get the blocked.php to see and receive an email. ANd when I an removed from the IP_Trapped.txt I have full access.

 

But I have tried to access my site and being reloading different pages again and again many times, byt I am not being trapped.

 

How do I "force" a trap, what do I have to do to be proved that the trap is working.

 

I can access the IP Trap by accessing the .../personal, and I see the trap and my IP-address i placed in the IP_Trapped.txt.

 

My site is: www.tiggi.dk

 

 

Kindly

 

Jorgen

Edited by klitmoeller

Share this post


Link to post
Share on other sites

Hate to stir the pot, but I'm having trouble with it writing to the IP_Trapped file. Everything appears to operate as it should, but the trapped file is never altered. I can manually edit and put my IP in and then get blocked as it should, but the index.php just won't change the file.

 

I've set the IP_Trapped file to 666 but to no avail. Even set the banned directory to 777 just to test it out (briefly), but no go.

 

Any ideas?

Share this post


Link to post
Share on other sites

I have just installed IP Trap V5, but are unsure about whether it works or not.

 

When adding an IP_adress for the IP_Trapped.txt I am being denied acces and get the blocked.php to see and receive an email. ANd when I an removed from the IP_Trapped.txt I have full access.

 

But I have tried to access my site and being reloading different pages again and again many times, byt I am not being trapped.

 

How do I "force" a trap, what do I have to do to be proved that the trap is working.

 

I can access the IP Trap by accessing the .../personal, and I see the trap and my IP-address i placed in the IP_Trapped.txt.

 

My site is: www.tiggi.dk

 

 

Kindly

 

Jorgen

 

Hi Jorgen

I have just tried your sites IP trap and it is working ok, banned me and kept me banned.

Please let me know if there is another issue

Nic


Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Share this post


Link to post
Share on other sites

I installed the most recent version of the contribution, but it is not working for me. Its a super easy install so I am unsure of where my problem lies.

 

When I try to access the personal folder I get redirected to index.php. Has anyone else had this issue?

 

My website is littlestork.ca

 

Thanks,

Johan

Share this post


Link to post
Share on other sites

@jonanv & @artstyle

This is the behaviour of an IP added to the Whitelist, @jonanv i just tried yours and got blocked and stayed blocked, it is working for me.

Nic


Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Share this post


Link to post
Share on other sites

@jonanv & @artstyle

This is the behaviour of an IP added to the Whitelist, @jonanv i just tried yours and got blocked and stayed blocked, it is working for me.

Nic

I tried upgrading from the previous version and I didn't find it worked. I tried a fresh install and it just redirects me to the index page and doesn't ban me. The whitelist was fresh from the contribution. I didn't add my ip in the whitelist.

 

I also tried jonanv's site using just personal at the end of his site's url . I got redirected to the index page and I didn't get banned.

Edited by artstyle

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×