phpBB2Refugees.com Logo
Not affiliated with or endorsed by the phpBB Group

Register •  Login 

Continue the legacy...

Welcome to all phpBB2 Refugees!Wave Smilie

This site is intended to continue support for the legacy 2.x line of the phpBB2 bulletin board package. If you are a fan of phpBB2, please, by all means register, post, and help us out by offering your suggestions. We are primarily a community and support network. Our secondary goal is to provide a phpBB2 MOD Author and Styles area.

[BETA] Stupid Bots 0.2.0

Goto page Previous  1, 2, 3  Next
 
Search this topic... | Search MOD Development... | Search Box
Register or Login to Post    Index » MOD Development  Previous TopicPrint TopicNext Topic
Author Message
Dog Cow
Board Member



Joined: 18 Nov 2008

Posts: 378


flag
PostPosted: Fri Apr 10, 2009 3:10 pm 
Post subject: Re: Stupid Bots 0.1.0

That's perfectly reasonable. I'll work on the changes mentioned over this weekend.
_________________
Moof!
Lincoln's Tomb, Oak Ridge Cemetery, Springfield ILMac 512K BlogMac GUI
Back to top
Dog Cow
Board Member



Joined: 18 Nov 2008

Posts: 378


flag
PostPosted: Tue Apr 14, 2009 10:28 am 
Post subject: Re: Stupid Bots 0.2.0

Version 0.2.0 is now released, incorporating the changes we have discussed thus far.
_________________
Moof!
Lincoln's Tomb, Oak Ridge Cemetery, Springfield ILMac 512K BlogMac GUI
Back to top
Jim_UK
Board Member



Joined: 19 Nov 2008

Posts: 656
Location: North West UK


flag
PostPosted: Tue Apr 14, 2009 1:02 pm 
Post subject: Re: Stupid Bots 0.2.0

A minor point I know but the install.txt file is included both directly in the zip and within the directory inside the zip.
I have added the mod and will watch the mod_security logs to see if there is a reduction in attempts to compromise the server that are blocked by it.
It should have that effect by blocking some of the unusual characters.

Jim

Within a few minutes of installation I had a phone call from someone saying they could not connect to my site and had the following error message.

Quote:
The website declined to show this web page.


He said he was using IE7 so I also accessed the site with IE7 without problems.
He has the same ISP as myself. I went through his security settings in his browser with him and they matched mine.

Ideas??
Back to top
Dog Cow
Board Member



Joined: 18 Nov 2008

Posts: 378


flag
PostPosted: Tue Apr 14, 2009 2:56 pm 
Post subject: Re: Stupid Bots 0.2.0

Jim_UK wrote:
A minor point I know but the install.txt file is included both directly in the zip and within the directory inside the zip.

Thank you. I have fixed that.

Quote:

He said he was using IE7 so I also accessed the site with IE7 without problems.
He has the same ISP as myself. I went through his security settings in his browser with him and they matched mine.

Ideas??

It would be nice if you or he could return the HTTP error code. I'm guessing it's a 403, though.

IE7 ought to be connecting with HTTP/1.1 requests, and if he has the same ISP as you, then he shouldn't be using a proxy, but it could be that he is. I'm sorry you're having so much trouble! icon_redface.gif

As a trouble-shooting kit, put on your server a PHP script which contains just this code:
Code:
<?php print_r($_SERVER)
and have the victim send to you its output. It should show the server protocol, whether a proxy is being used, the request URI, and the user agent. Once we see those data, then we can tell which one is falsely triggering the Stupid Bots code.
_________________
Moof!
Lincoln's Tomb, Oak Ridge Cemetery, Springfield ILMac 512K BlogMac GUI
Back to top
Jim_UK
Board Member



Joined: 19 Nov 2008

Posts: 656
Location: North West UK


flag
PostPosted: Wed Apr 15, 2009 5:08 am 
Post subject: Re: Stupid Bots 0.2.0

I got the guy to do the job and compared his result with mine. I have seen the problem but not sure how it arose. He accesses the site by clicking a link in "favourites".

Mine
[HTTP_USER_AGENT] => Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.2)

His
[HTTP_USER_AGENT] => Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; FunWebProducts; GTB5; .NET CLR 1.1.4322; .NET CLR 2.0.50727)


Jim
Back to top
Dog Cow
Board Member



Joined: 18 Nov 2008

Posts: 378


flag
PostPosted: Wed Apr 15, 2009 9:42 am 
Post subject: Re: Stupid Bots 0.2.0

Jim_UK wrote:
I got the guy to do the job and compared his result with mine. I have seen the problem but not sure how it arose. He accesses the site by clicking a link in "favourites".

Mine
[HTTP_USER_AGENT] => Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.2)

His
[HTTP_USER_AGENT] => Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; FunWebProducts; GTB5; .NET CLR 1.1.4322; .NET CLR 2.0.50727)


Jim


FunWebProducts, that's it. I'm doing a Google search on it. It doesn't appear benign.

It's on the blacklist, as you no doubt know, so I suppose the immediate solution would be to remove it.

_________________
Moof!
Lincoln's Tomb, Oak Ridge Cemetery, Springfield ILMac 512K BlogMac GUI
Back to top
Jim_UK
Board Member



Joined: 19 Nov 2008

Posts: 656
Location: North West UK


flag
PostPosted: Wed Apr 15, 2009 10:23 am 
Post subject: Re: Stupid Bots 0.2.0

It seems as though that application gets added when you chose to add some toolbars. Ask Jeeves is one in question. Whether it is actually spy ware or not is a moot point but I envisage that lots of folks will have it added without their knowledge.
I have the "Bots Mod" installed and I see that in user agents daily. It is identified by the mod as having bot like actions.

Quote:
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; FunWebProducts; GTB5; .NET CLR 1.1.4322; .NET CLR 2.0.50727)

Another from earlier today.
I could remove the funwebs from the array as that would be easier than answering all the calls for help from countless users that can not log in but how many of the others in the array might occur not because it is a free roaming bot but because some legitimate member has added some software that includes the relevant spyware?

Jim
Back to top
Dog Cow
Board Member



Joined: 18 Nov 2008

Posts: 378


flag
PostPosted: Wed Apr 15, 2009 11:35 am 
Post subject: Re: Stupid Bots 0.2.0

Jim_UK wrote:
how many of the others in the array might occur not because it is a free roaming bot but because some legitimate member has added some software that includes the relevant spyware?

Jim

Probably not a whole lot more, if even one. But in your case, you might do well skipping that check. Denying HTTP/1.0 connections seems to do just as much good.

_________________
Moof!
Lincoln's Tomb, Oak Ridge Cemetery, Springfield ILMac 512K BlogMac GUI
Back to top
Jim_UK
Board Member



Joined: 19 Nov 2008

Posts: 656
Location: North West UK


flag
PostPosted: Wed Apr 15, 2009 1:47 pm 
Post subject: Re: Stupid Bots 0.2.0

I am intrigued by those two PHP files.
Neither has the closing "?>" and yet clearly do work.
Is it a protocol that can be just ignored - it clearly gets around the mistake that can occur when there is anything including spaces that follows it.

Jim
Back to top
Dog Cow
Board Member



Joined: 18 Nov 2008

Posts: 378


flag
PostPosted: Wed Apr 15, 2009 2:57 pm 
Post subject: Re: Stupid Bots 0.2.0

Jim_UK wrote:

Is it a protocol that can be just ignored - it clearly gets around the mistake that can occur when there is anything including spaces that follows it.

Yes, and that's one of the reasons.

The closing ?> is just to let you go back to HTML mode if you're mixing the two. But if your file is entirely PHP, then there is no need for it.

However, it makes a good end of file marker for checking if a file was accidentally truncated. Some developers put a comment such as //EoF to make the end of the file.

_________________
Moof!
Lincoln's Tomb, Oak Ridge Cemetery, Springfield ILMac 512K BlogMac GUI
Back to top
JLA
Board Member



Joined: 30 Apr 2009

Posts: 451
Location: U.S.A


flag
PostPosted: Thu May 28, 2009 1:04 am 
Post subject: Re: Stupid Bots 0.2.0

Installed this mod getting a 400 Bad Request error everytime I try to visit the site. Have temporaily disabled it in the meantime.
_________________
http://www.jlaforums.com
Back to top
Dog Cow
Board Member



Joined: 18 Nov 2008

Posts: 378


flag
PostPosted: Sat May 30, 2009 3:06 pm 
Post subject: Re: Stupid Bots 0.2.0

JLA wrote:
Installed this mod getting a 400 Bad Request error everytime I try to visit the site. Have temporaily disabled it in the meantime.

What are the URL's like? The bad request error only comes up if the URL has characters such as comma, semicolon, asterisk, or other non-standard characters in it.

_________________
Moof!
Lincoln's Tomb, Oak Ridge Cemetery, Springfield ILMac 512K BlogMac GUI
Back to top
JLA
Board Member



Joined: 30 Apr 2009

Posts: 451
Location: U.S.A


flag
PostPosted: Sat May 30, 2009 5:31 pm 
Post subject: Re: Stupid Bots 0.2.0

Dog Cow wrote:
JLA wrote:
Installed this mod getting a 400 Bad Request error everytime I try to visit the site. Have temporaily disabled it in the meantime.

What are the URL's like? The bad request error only comes up if the URL has characters such as comma, semicolon, asterisk, or other non-standard characters in it.


I just typed in http://www.jlaforums.com

_________________
http://www.jlaforums.com
Back to top
Dog Cow
Board Member



Joined: 18 Nov 2008

Posts: 378


flag
PostPosted: Mon Jun 01, 2009 4:52 pm 
Post subject: Re: Stupid Bots 0.2.0

JLA wrote:
Dog Cow wrote:
JLA wrote:
Installed this mod getting a 400 Bad Request error everytime I try to visit the site. Have temporaily disabled it in the meantime.

What are the URL's like? The bad request error only comes up if the URL has characters such as comma, semicolon, asterisk, or other non-standard characters in it.


I just typed in http://www.jlaforums.com

Well, I have two ideas for what the problem is:

1.) the $_SERVER['REQUEST_URI'] super-global does not exist.

OR

2.) it does exist, but it's empty

So try this:

Make a little test PHP script on your server and put in it the following code:
Code:
<?php print_r($_SERVER);

Now execute the script and see if the 'REQUEST_URI' index is being filled.

No matter what, open the includes/stupid_bots.php file and change this line:
Code:
if ( ! preg_match("|^[".preg_quote('a-z 0-9~%._+/=?&-')."]+$|i", $_SERVER['REQUEST_URI']))


to look like this:
Code:
if ( isset($_SERVER['REQUEST_URI']) && !empty($_SERVER['REQUEST_URI']) && !preg_match("|^[".preg_quote('a-z 0-9~%._+/=?&-')."]+$|i", $_SERVER['REQUEST_URI']))

That should solve both problems one and two, of it being empty or not existing.

_________________
Moof!
Lincoln's Tomb, Oak Ridge Cemetery, Springfield ILMac 512K BlogMac GUI
Back to top
JLA
Board Member



Joined: 30 Apr 2009

Posts: 451
Location: U.S.A


flag
PostPosted: Mon Jun 01, 2009 5:07 pm 
Post subject: Re: Stupid Bots 0.2.0

Ok, installed and tested the script. Quite a bit came up. What specifically should I be looking for in this?

Thanks

_________________
http://www.jlaforums.com
Back to top
Display posts from previous:   
Register or Login to Post    Index » MOD Development  Previous TopicPrint TopicNext Topic
Page 2 of 3 All times are GMT - 4 Hours
Goto page Previous  1, 2, 3  Next
 
Jump to:  

Index • About • FAQ • Rules • Privacy • Search •  Register •  Login 
Not affiliated with or endorsed by the phpBB Group
Powered by phpBB2 © phpBB Group
Generated in 0.0607 seconds using 16 queries. (SQL 0.0095 Parse 0.0012 Other 0.0499)
phpBB Customizations by the phpBBDoctor.com
Template Design by DeLFlo and MomentsOfLight.com Moments of Light Logo