Blocking hackers

#708 (In Topic #143)
Standard member
ntsdm is in the usergroup ‘Fan in action’

using the internal security "block ip"

Hi all, it's been a long time since I posted and I'm very sorry… and I guess this is just a heads up for those who are using a bit more security measures than normal…
it is a bug
if you use the Block ip section of the website it works like a charm
it blocks them all out!  it does need a lil help put in the .htaccess file   like

Code

# BLOCK PROXY VISITS
# PerishablePress.com: http://bit.ly/12k6Uo
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule .* - [F]
and if you really want to get tough then add this to your header.php file…. but also beware that it is very hard to get by this and could very easily block yourself out
To stop tough proxy visits from sites like hidemyass.com, add the following slice of finely crafted PHP to the top of your header.php file:
 

Code

<?php if ($sock = @fsockopen($_SERVER['REMOTE_ADDR'], 80, $errno, $errstr, 1)) { fclose($sock); die("Proxy access not allowed"); } ?>
If you’re not using WordPress, just place the code at the top of your web page(s). No editing is necessary, so just add the code, upload the file, and done. You can check that it works by visiting your site via your favorite proxy service. If it works, access will be denied.

This method works for me on a Linux server running Apache 2.2.3, MySQL 5.0, and PHP 5.2.6. It should work on similar setups as well, but your results may vary depending on your server configuration.



the second measure I don't use because I get the list of several thousand TOR exit nodes and copy and paste that into the block ip section.

now for the BUG
I have found that doing this or even without using either one of them mentioned above… after I add my ip block list it works great but if you double check when you go there using a TOR browser you get a bailing out msg and it indicates with the link to your config_editor.php
showing the hackers where to go to keep using sources to hack your system directly

so everyone please be safe
and have fun

Last edit: by Chris Graham
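
The header rule chain from the post above, modelled on constructed requests (an added example, not code from the post or from Perishable Press). It assumes mod_rewrite looks up `%{HTTP:name}` by that exact header name, case-insensitively; the sample requests and all function names are made up here.

```python
# Added example: models the [OR] chain of RewriteCond lines from the post.
# Assumption: %{HTTP:name} is looked up by that exact header name
# (case-insensitive), so "X_FORWARDED_FOR" is not "X-Forwarded-For".
RULE_HEADERS = [
    "VIA", "FORWARDED", "USERAGENT_VIA", "X_FORWARDED_FOR",
    "PROXY_CONNECTION", "XPROXY_CONNECTION",
    "HTTP_PC_REMOTE_ADDR", "HTTP_CLIENT_IP",
]

# Constructed sample requests (not taken from any real log).
SAMPLES = {
    "direct browser": {"Host": "example.test", "User-Agent": "Mozilla/5.0"},
    "office proxy": {"Host": "example.test", "Via": "1.1 gw.example.test"},
    "load balancer": {"Host": "example.test", "X-Forwarded-For": "203.0.113.7"},
}


def matched_rules(headers, rules=RULE_HEADERS):
    """Rule names whose condition (!^$, i.e. header non-empty) matches."""
    present = {name.lower(): value for name, value in headers.items()}
    return [rule for rule in rules if present.get(rule.lower(), "")]


def decide(headers, rules=RULE_HEADERS):
    """403 when any condition in the chain matches (RewriteRule .* - [F])."""
    return 403 if matched_rules(headers, rules) else 200


def near_misses(headers, rules=RULE_HEADERS):
    """Request headers that equal a rule name except for '-' versus '_'."""
    wanted = {rule.lower() for rule in rules}
    return [name for name, value in headers.items()
            if value and name.lower() not in wanted
            and name.lower().replace("-", "_") in wanted]


def report(samples=SAMPLES):
    """Status, matching rules and near misses for each sample request."""
    return {label: (decide(h), matched_rules(h), near_misses(h))
            for label, h in samples.items()}


if __name__ == "__main__":
    for label, (status, hits, misses) in report().items():
        print(f"{label:15} -> {status}  matched={hits}  near_miss={misses}")
```

The "office proxy" row is an ordinary visitor behind a forwarding proxy who gets the 403; the "load balancer" row shows a hyphenated header that the underscore rule name does not cover under the stated assumption.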


#713
Site director
Chris Graham is in the usergroup ‘Administrators’
Hi,

I've fixed the rendering of your post, it was basically struggling with nested <pre> tags, but should be fine now, sorry about that.

Some of the instructions there I think are for WordPress. It's probably not a great idea to ban proxies because lots of innocent people may be on them. I know AOL used to proxy lots of people, don't know about their current status.

Regarding the bug, I agree with you. It's not a security hole because it's strongly password protected, but if we ban a user we shouldn't be pointing them to the config editor in the error, it's at the very least weird.


Become a fan of Composr on Facebook or add me as a friend. Add me on Mastodon. Follow me on Minds (where I am most active). Support me on Patreon

Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about Composr whenever you see the opportunity or support me on Patreon.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying Composr on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.

#714
Standard member
ntsdm is in the usergroup ‘Fan in action’
I have to agree with you that we should not ban proxies on a normal basis. Repeat: NORMAL
for example... if someone made a portal for a bitcoin website? and because many of the people that use the website make double and triple accounts using the tor network - so obviously they will get the giveaways two three four or more times, making it less attractive to the other users. by blocking the proxies like TOR network you reduce that situation drastically. it's already a well known fact that this is widely practiced in the bitcoin community and it is also a wide practice that on all faucets this is strictly enforced and not only are the proxies but all vpn and everything else possible is banned from their sites where they give free coins to people.
while they abuse it they find it's very hard to get through a few of those walls.
pointing them to a strongly password protected file is still offering directions to where to start hacking.
as we speak there are several websites that are having DDOS or whatnot, many of those websites are HUGE exchanges where thousands of people go to exchange their bitcoins etc...
I agree that if taking the just precautions that should not happen and pointing them in the direction of where to start isn't good either.
they are a very hard crowd
and to say the least "ruthless".
as the old saying goes better safe than sorry right?
would there be any possible way of sending them to a page that is customizable and not directly linked to 3 or 4 pages of the site where they actually could do damage?

#715
Site director
Chris Graham is in the usergroup ‘Administrators’
Fair enough :).

If you make a folder 'critical_errors' and a file '_critical_error.html', then that HTML file gets served instead of the standard messages, and errors are dumped into new files in the folder. This is a new feature in v10 I believe.



#716
Standard member
ntsdm is in the usergroup ‘Fan in action’
it does serve a blank whitepage, and fills the folder full of log pages, a few hundred. but does not render the page '_critical_error.html'
in any case it is still 100% better than offering them sensitive links
thanks again

on the site is now showing this error
A language string is missing: ADD_DOWNLOAD
it was not present prior
any idea when we can start seeing the lang files back like in version 9.0.2x...?
it's annoying to see this every time a person from a different place is on the site and trying to use their mother language using google translator

#722
Site director
Chris Graham is in the usergroup ‘Administrators’
it does serve a blank whitepage

It should be doing a redirect, maybe you have meta redirects disabled somehow.

on the site is now showing this error
A language string is missing: ADD_DOWNLOAD

Are you running RC10, or an older version? I think we fixed this already.

any idea when we can start seeing the lang files back like in version 9.0.2x…?
its annoying to see this every time a person from a different place is on the site and trying to use their mother language using google translator

I'm not sure what you mean. We never distributed translations with ocPortal, it was always necessary to install the packs from community translations - and nothing has changed there except now the community translation is hosted on Transifex instead of Launchpad. All the documentation regarding translations is updated and expanded.



#727
Site staff
Adam Edington is in the usergroup ‘Super-moderators’
Slightly related, this may be useful in the .htaccess file too. Blocks some of the well known nefarious bots and site rippers from harvesting email addresses, etc. Will save on bandwidth if any of these are visiting your site too.

Expand: Block Bad Bots
