Advertisement:

Author Topic: Forum Firewall  (Read 304236 times)

Offline Alex' Manson

  • Full Member
  • ***
  • Posts: 506
  • Gender: Male
  • dead and gone!
    • Sisko Hosting - FREE|PAID Hosting
Re: Forum Firewall
« Reply #500 on: July 26, 2011, 11:53:43 PM »
added it, will see how ti goes.

Offline digit

  • Sophist Member
  • *****
  • Posts: 1,364
  • Gender: Male
Re: Forum Firewall
« Reply #501 on: July 28, 2011, 04:49:37 AM »
Hi again Butchs,

Well, I have the firewall installed ...  but I see one entry in the log with the IP listed as "Keep-Alive"...  that was banned for a DOS attack.

However, that ban has no triggers...  so it seems pretty useless!

I would hate to have a lot of useless bans to delete!

What can be done about that.

Thanks again,
digit
Happily using a heavily modified 1.1.16 version of SMF!

2748011 Posts in 320998 Topics by 50986 Members


SOLD my website - thanks it was a good run - they converted to vbadvanced. (and screwed it up good!)

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,728
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: Forum Firewall
« Reply #502 on: July 28, 2011, 05:26:05 AM »
About all you can do is turn ban to never and let it block for the cache duration. 
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Offline digit

  • Sophist Member
  • *****
  • Posts: 1,364
  • Gender: Male
Re: Forum Firewall
« Reply #503 on: July 28, 2011, 05:53:33 AM »
Thanks...   in reference to DOS attacks...   what happens if a post has 20 images?

Will all those requests be considered as one?
« Last Edit: July 28, 2011, 10:32:29 AM by digit »
Happily using a heavily modified 1.1.16 version of SMF!

2748011 Posts in 320998 Topics by 50986 Members


SOLD my website - thanks it was a good run - they converted to vbadvanced. (and screwed it up good!)

Offline Ilkharnos

  • Jr. Member
  • **
  • Posts: 128
  • Gender: Male
    • Kara Miğfer Hanı
Re: Forum Firewall
« Reply #504 on: July 28, 2011, 10:44:44 AM »
Hello,

My site was attacked and it became useless. Thank god I had made a backup so I managed to restore it. For a better protection, I started to use this mod. I'm not good at security and coding business, so I checked the tick boxes of some options (safe ones, which I don't completely understand what they do) and enabled the mod. Then I got this:

SECURITY RISK: MAGIC_QUOTES ARE ON!

Can you tell me how I can use this mod effectively and how to overcome this problem?

Thank you for your assistance.

Regards.

Offline Tony Reid

  • SMF Friend
  • SMF Hero
  • *
  • Posts: 4,151
  • Gender: Male
    • @AbsoluteBreeze on Twitter
    • www.fertilityfriends.co.uk
Re: Forum Firewall
« Reply #505 on: July 28, 2011, 10:48:19 AM »
Ask your host to disable it... alternatively stick this line in .htaccess

php_flag magic_quotes_gpc Off

Tony Reid


My Big Board
www.FertilityFriends.co.uk/forum - An SMF powered forum with over 5 million posts

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,728
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: Forum Firewall
« Reply #506 on: July 28, 2011, 06:12:16 PM »
Thanks...   in reference to DOS attacks...   what happens if a post has 20 images?

Will all those requests be considered as one?

20 images?  Why so many in one post?  Not sure...  Maybe if your dos setting is too low.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Offline digit

  • Sophist Member
  • *****
  • Posts: 1,364
  • Gender: Male
Re: Forum Firewall
« Reply #507 on: July 28, 2011, 06:42:04 PM »
Thanks...   in reference to DOS attacks...   what happens if a post has 20 images?

Will all those requests be considered as one?

20 images?  Why so many in one post?  Not sure...  Maybe if your dos setting is too low.

Well, every site is different - I was just wondering if images embedded within posts are counted as hits... could be an issue....   possibly for me...    I think I have a limit of 10 images per post - of which - maybe 1% of my posts contain that many - just hate to be banning people for browsing.



Happily using a heavily modified 1.1.16 version of SMF!

2748011 Posts in 320998 Topics by 50986 Members


SOLD my website - thanks it was a good run - they converted to vbadvanced. (and screwed it up good!)

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,728
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: Forum Firewall
« Reply #508 on: July 28, 2011, 08:08:28 PM »
Not sure but you can test by logging in as a regular member and posting 10 images.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Offline bruce86

  • Jr. Member
  • **
  • Posts: 135
Re: Forum Firewall
« Reply #509 on: July 30, 2011, 08:40:21 PM »

Offline Alex' Manson

  • Full Member
  • ***
  • Posts: 506
  • Gender: Male
  • dead and gone!
    • Sisko Hosting - FREE|PAID Hosting
Re: Forum Firewall
« Reply #510 on: July 30, 2011, 11:57:34 PM »
Help me!!
http://www.passiongames.it/forum/index.php
 :'(

the bypass settings were messed up, i was blocked too for bypass attempt ! 403.

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,728
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: Forum Firewall
« Reply #511 on: July 31, 2011, 07:48:01 AM »
BYPASS PROTECTION HELP

If you made an error read this post to correct access.

There are three settings to adjust.
  • Admin IP Low
  • Admin IP High
  • Admin Domain Name
The modification will install some default setting but they will need to be adjusted before enabling.  We will set up an example address.  The ip address will be ""67.195.112.83".

First you will want to do a whois on the address.

Quote
Network
NetRange   67.195.0.0 - 67.195.255.255
CIDR   67.195.0.0/16
Name   A-YAHOO-US8
Handle   NET-67-195-0-0-1
Parent   NET67 (NET-67-0-0-0-0)
Net Type   Direct Allocation
Origin AS   
Nameservers   NS2.YAHOO.COM
NS1.YAHOO.COM
NS5.YAHOO.COM
NS4.YAHOO.COM
NS3.YAHOO.COM

The IP low and High is the beginning and end of the netrange where your ip can be located.

Here I choose:
Admin IP Low can be  "67.195.0.4"
Admin IP High can be "67.195.255.254"

Why did the "Admin IP Low" start at x.x.x.4?
  • x.x.x.0   Is the automatically assigned network address.
  • x.x.x.1   Used as the gateway address.
  • x.x.x.2   Used for addresses within the gateway.
  • x.x.x.3   Addresses beyond 3 are used for users.
Admin IP High end at x.x.x.254?
  • x.x.x.255   The broadcast address.
You should narrow it down further the only be the range of ip addresses you will access the forum.  If you have a fixed ip address then both low and high are the same.

If you check your DNS record for the same ip you will get:
Quote
Retrieving DNS records for b3091163.crawl.yahoo.net...
DNS servers
ns3.yahoo.com
ns4.yahoo.com
ns1.yahoo.com
ns5.yahoo.com
ns2.yahoo.com

Answer records
b3091163.crawl.yahoo.net      A   67.195.112.83   7200s

Authority records
crawl.yahoo.net      NS   ns3.yahoo.com   172800s
crawl.yahoo.net      NS   ns5.yahoo.com   172800s
crawl.yahoo.net      NS   ns2.yahoo.com   172800s
crawl.yahoo.net      NS   ns4.yahoo.com   172800s
crawl.yahoo.net      NS   ns1.yahoo.com   172800s

The "Admin Domain Name" is a shortened version of the "A or Answer record".

You want to take part of the right end of this record.  The part that does not change.  Usually after a dash or before a weird number.  Too much and/or too little can be an problem.  In this example I would use "crawl.yahoo.net" as the "Admin Domain Name".
 :)
« Last Edit: July 31, 2011, 08:31:36 AM by butchs »
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Offline bruce86

  • Jr. Member
  • **
  • Posts: 135
Re: Forum Firewall
« Reply #512 on: July 31, 2011, 08:25:47 AM »
I can not find phpmyadmin. :-\

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,728
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: Forum Firewall
« Reply #513 on: July 31, 2011, 08:28:54 AM »
You need to log in your hosts cpanel.  If you do to know what I am talking about contact your host.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Offline bruce86

  • Jr. Member
  • **
  • Posts: 135
Re: Forum Firewall
« Reply #514 on: July 31, 2011, 08:31:03 AM »
Why do this?

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,728
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: Forum Firewall
« Reply #515 on: July 31, 2011, 08:39:37 AM »
I am trying to help you.  Yet you have taken a full circle.   :o

You blocked yourself because you did not follow instructions.  I have said many times do not enable the mod until after a few days and you are sure you are not going to block yourself.  You need to disable the mod and fix the settings before enabling it again.  If you have admin access simply uninstall and reinstall the mod.  But if you do not then you have to do it via phpmyadmin.

Read the post for how to do that.  Local host support is beyond my abilities.  Contact your host for how to access phpmyadmin.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Offline bruce86

  • Jr. Member
  • **
  • Posts: 135
Re: Forum Firewall
« Reply #516 on: July 31, 2011, 08:43:25 AM »
Ah ok..:) Thank you!..;)

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,728
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: Forum Firewall
« Reply #517 on: July 31, 2011, 11:35:29 AM »
You're welcome.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Offline MiY4Gi

  • Full Member
  • ***
  • Posts: 523
  • Gender: Male
  • Mm...
    • MyAnimeClub.net
Re: Forum Firewall
« Reply #518 on: August 05, 2011, 05:12:09 PM »
What does the setting "Robots.txt action's" do?

What I want is to block any bots/crawlers that disobey my robots.txt file. Does this setting do that?

Also, is it possible to add an option in the firewall to block any users that browse too quickly or use excessive traffic in a short time?
« Last Edit: August 05, 2011, 05:45:39 PM by MiY4Gi »
Check out my new website, MyAnimeClub.net. I plan to create the largest anime community, and most fun and user-friendly anime forum in the world. It's still in the development stage though.

Offline butchs

  • SMF Hero
  • ******
  • Posts: 1,728
  • Lost 7GB bandwidth!
    • EastCoastRollingThunder
Re: Forum Firewall
« Reply #519 on: August 05, 2011, 08:08:27 PM »
What does the setting "Robots.txt action's" do?

What I want is to block any bots/crawlers that disobey my robots.txt file. Does this setting do that?

It is easy to spoof an ip.  If your properly set the robots file and test it at the google webmasters site, the good bots will follow it.  The bad ip spoofed bots will not and get blocked.  This options stopped a nasty ddos attack on my site.

Read this link on how.

Also, is it possible to add an option in the firewall to block any users that browse too quickly or use excessive traffic in a short time?

It is there already it is called the dos attack.  Set the trigger and cache to above 20 and it will take cars of them.  Whatever you do, do not go too low.
 ;)
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.