
obcbeatle

IP Trap Question


I modified the index.php file that came with IP Trap with my info on lines 15, 50 & 52. But now what? The instructions say upload to my personal folder. By that does it mean upload and replace my existing osC root index.php (after I back it up) ? If so, I did that, but got errors so put back my original index.php. I'm just not sure I'm following the directions correctly. Sorry for the ignorance. Thanks!

 

PS: Line 52 says CHANGE THIS TO YOUR OWN URL. I did but I currently have no blocked.php file. Does blocked.php get created/written or do I have to create it? Again sorry for my confusion.


Hello

Your trap consists of a few folders and PHP files.

The directory tree should be preserved, which means that includes/secret.php goes into your already existing includes folder; essentially you are adding a file to the includes folder. The banned and personal folders go either inside your catalog folder or, if you do not have one, in the root directory.

 

Then you need to edit the application_top.php with one line of code.

The only thing I can think of is that you are trying to upload the update I added a while back on its own?

If this is correct then you have to download the previous complete package and install and then update.

 

 


Sometimes you're the dog and sometimes the lamp post


Here is a link to the add-on forum:

http://forums.oscommerce.com/index.php?showtopic=340290

Ahhh...per your previous post it sounds like I did NOT get the complete package! What I downloaded had no reference to creating files or the structure (secret.php, etc). I'm still looking for the complete package. I will post here if I can't find it and/or when I have success. Thanks for the help and the quick reply!



OK...got IP Trap installed. I put my IP in IP_Trapped.txt to test, but was still able to access my osC. Is there a better way to test this? Thanks!


Hiya,

Well done for getting this far :-)

Now, if it's installed correctly (and don't miss that bit you have to add to application_top.php!),

you should only need to go to www.yoursite.com/personal (replace yoursite with your actual site URL; I'm assuming that the site is not in the catalog folder still, and if it is then the URL will be www.yoursite.com/catalog/personal).

This will / should get you banned.

Nic


Excellent! Two browsers I tried (Safari and Firefox) got banned from my IP (I received the emails) and MSIE, while not failing yet, is being blocked (interesting how MSIE keeps trying and has yet to time out). Anyway...thanks for your assistance! Now on to the .htaccess add-ons...


Did you get any further with this?

 

I downloaded the IP Trap and all it had was a personal/index.php and an install.txt.

I've uploaded it and tested it. I got the following messages:

 

Warning: file(DOCUMENT_ROOT/../../banned/Whitelist.txt) [function.file]: failed to open stream: No such file or directory in /home/offthera/public_html/catalog/personal/index.php on line 9

 

Warning: Invalid argument supplied for foreach() in /home/offthera/public_html/catalog/personal/index.php on line 11

 

Warning: file(DOCUMENT_ROOT/../../banned/IP_Trapped.txt) [function.file]: failed to open stream: No such file or directory in /home/offthera/public_html/catalog/personal/index.php on line 19

 

Warning: Invalid argument supplied for foreach() in /home/offthera/public_html/catalog/personal/index.php on line 21

 

Warning: fopen(DOCUMENT_ROOT/../../banned/IP_Trapped.txt) [function.fopen]: failed to open stream: No such file or directory in /home/offthera/public_html/catalog/personal/index.php on line 35

 

Warning: flock() expects parameter 1 to be resource, boolean given in /home/offthera/public_html/catalog/personal/index.php on line 36

 

Warning: Cannot modify header information - headers already sent by (output started at /home/offthera/public_html/catalog/personal/index.php:9) in /home/offthera/public_html/catalog/personal/index.php on line 52


Sarah,

 

When downloading contributions, always download and install a FULL PACKAGE before downloading patches or updates. The full package includes the whitelist.txt file that is causing the error saying it is missing.

 

 

Chris


"If you do not do this the Trap will not work: Open File

catalog / includes / application_top.php around line 56 add

// include the IP Trap
require(DIR_WS_INCLUDES . 'secret.php');

Save the file and Close"

 

Hello, regarding the modification on application_top.php, could you show the code just above and below where the "require" instruction should be added?

 

This is because the line number (56) alone is not sufficient, as I have integrated (as many people have, I guess) a number of mods on stock osC that change the line numbering, plus I started with an OSCSS version.

 

That being said, thanks for this great piece of work! :)

 

This is my line 56 in application_top:

 

/**
 * Forcefully disable register_globals if enabled
 *
 * Based from work by Richard Heyes (http://www.phpguru.org)
 */
if ((int)ini_get('register_globals') > 0) {
    if (isset($_REQUEST['GLOBALS'])) {
        die('GLOBALS overwrite attempt detected');
    }
    // This is line 56
    $noUnset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES');

    $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) ? (array)$_SESSION : array());


Try after this code:

 

// include the list of project filenames
require(DIR_WS_INCLUDES . 'filenames.php');


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.


Thanks Chris, this explains a lot! I've now managed to install Site Monitor, htaccess, and Security Pro. I've installed the complete package of IP Trap. I put my IP address on the whitelist, I went to http://www.offtherackweddingdresses.com.au/catalog/blocked.php and received an email to say my IP was blocked. My IP address also ended up on the ip_trapped list. I then went to http://www.offtherackweddingdresses.com.au/catalog and could still access it. I then asked my husband to try from work. He got the blocked message but could still access the http://www.offtherackweddingdresses.com.au/catalog URL also. In his instance, I didn't receive an email. Now I'm not sure if it's set up correctly or not. I've since deleted my IP address from the ip_trapped list as I saw the note about making sure an IP address isn't on both lists. Hope this question doesn't drive you nuts.

 

regards,

Sarah


Sarah,

 

I don't think you have installed it correctly, as I 'poked around' your site pretty hard and didn't get blocked. Ensure you have the paths correct in the /personal/index.php file.

 

 

Chris


Thanks Chris,

 

I think I've found the problem. I pasted this

// include the IP Trap
require(DIR_WS_INCLUDES . 'secret.php');

into the correct file, but all the code went onto one line, which I believe makes the code invalid? I've rectified it and tried again, and I have now blocked myself from the /catalog folder. I think I read somewhere on this forum that you can apply the same IP trap to your admin function?


I have downloaded IP Trap version 5.2.

 

I have just a few questions before I go ahead and add it to my database.

They're about the robots file and changing the personal folder name to admin.

 

"If you do rename your personal folder to something else please ensure you also alter the robots.txt file too ....

From

Disallow: /personal/

To whatever you call the folder."

 

This is fine, but what about the other admin entry located in the robots text file? Just delete it?

 

Disallow: /includes/

Disallow: /cgi-bin/

Disallow: /personal/

Disallow: /admin/

 

Also, what does this mean below? Do I place the robots.txt file in the folder that I have called my store, for example Catalogue? Or is it to be placed in the folder (above) which contains my store? And since my store is in catalogue, do I need to adjust all the robots entries to catalogue/cgi-bin/ ..or.. catalogue/includes/... is this correct?

 

"Your robots.txt file needs to be in the ROOT of your store regardless where your actual store is, i.e. catalog, shop, store, market, etc... and you need to alter the robots text to suit, so if your store is in catalog your robots.txt looks like

Disallow: /catalog/personal/"

 

And finally, in the personal folder of the IP Trap are the htaccess files; do they need to be altered in any way because I have changed the name of the personal folder to admin? I would assume they need changing to admin/index?

 

ErrorDocument 403 /personal/index.php

ErrorDocument 401 /personal/index.php

ErrorDocument 500 /personal/index.php

ErrorDocument 400 /personal/index.php

ErrorDocument 404 /personal/index.php

 

I just want to make sure I have understood what is required to make the changes and hopefully get it right the first time. These questions may seem completely obvious to an expert, but I'm barely a novice!!


I would assume the principle that IP Trap is employing is about banning anything that breaks the code of ethics.

 

Disallow: /admin/, for example, is telling net miners not to index the directory called admin; if they do, then IP Trap has a surprise waiting for them.

You could, if you wanted to, have some fun with attackers by copying the contents of the personal directory to directories using some rather more compelling names like

 

www.yoursite.com/passwords/

www.yoursite.com/phpmyadmin/

www.yoursite.com/creditcards/

 

Disallow: /passwords/

Disallow: /phpmyadmin/

Disallow: /creditcards/

 

Any ethically programmed automated site miners will disregard those directories because that is the general rule to do so. Any miners or attackers that try to access those directories will get banned by IP Trap.

 

That is how I understand the principle that is behind this addon.
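The trap-and-enforce principle described above, written out as an added PHP example (not the IP Trap add-on's own code). The file names banned/Whitelist.txt and banned/IP_Trapped.txt and the personal/secret.php split come from the thread; the function names, the relative path layout and the 403 response are assumptions.

```php
<?php
// Added example: a minimal robots.txt honeypot. Anything that requests the
// disallowed directory gets its IP appended to IP_Trapped.txt, and secret.php
// (included from application_top.php) refuses banned IPs on every page.
// Paths are resolved from __DIR__; a literal 'DOCUMENT_ROOT' string in a path
// is exactly what produces the "failed to open stream" warnings quoted above.
define('IP_TRAP_DIR', __DIR__ . '/../banned');
define('IP_TRAP_WHITELIST', IP_TRAP_DIR . '/Whitelist.txt');
define('IP_TRAP_LIST', IP_TRAP_DIR . '/IP_Trapped.txt');

// One IP per line. A missing file is an empty list, not a warning, so foreach()
// never receives false (the "Invalid argument supplied for foreach()" case).
function ip_trap_read_list($path) {
    if (!is_readable($path)) { return array(); }
    $lines = file($path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    return array_map('trim', $lines);
}

function ip_trap_is_whitelisted($ip) {
    return in_array($ip, ip_trap_read_list(IP_TRAP_WHITELIST), true);
}

function ip_trap_is_banned($ip) {
    return in_array($ip, ip_trap_read_list(IP_TRAP_LIST), true);
}

// Append the visitor to the trapped list under an exclusive lock, never a
// whitelisted IP (an IP on both lists is what the install note warns about).
function ip_trap_record($ip) {
    if (filter_var($ip, FILTER_VALIDATE_IP) === false) { return false; }
    if (ip_trap_is_whitelisted($ip) || ip_trap_is_banned($ip)) { return false; }
    $fh = fopen(IP_TRAP_LIST, 'a');
    if ($fh === false) { return false; }            // check before flock()
    $ok = flock($fh, LOCK_EX) && fwrite($fh, $ip . "\n") !== false;
    flock($fh, LOCK_UN);
    fclose($fh);
    return $ok;
}

// personal/index.php calls ip_trap_enforce(true); secret.php calls it with
// false. REMOTE_ADDR is used on purpose: X-Forwarded-For is client-controlled,
// so trusting it would let a visitor choose which address gets banned.
function ip_trap_enforce($trap_visitor) {
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    if ($trap_visitor) { ip_trap_record($ip); }
    if (ip_trap_is_banned($ip)) {
        header('HTTP/1.1 403 Forbidden');  // must run before any output
        exit('Access denied.');
    }
}
```

The header() call only works if nothing has been echoed first, which is why the "headers already sent" warning in Sarah's log was a consequence of the earlier file() warnings rather than a separate fault.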
