View Issue Details

ID: 0006087
Project: Composr
Category: core
View Status: public
Last Update: 2025-03-15 15:43
Reporter: Patrick Schmalstig
Assigned To: Patrick Schmalstig
Severity: Minor-bug
Status: resolved
Resolution: fixed
Product Version: 11.beta7
Fixed in Version:
Summary: 0006087: It appears auto-banning in log_hack_attack_and_exit is not working for anyone

Description: It appears auto-banning in log_hack_attack_and_exit is not working for anyone. Several IP addresses on a site have exceeded the threshold and are not getting banned.

Investigate this. Perhaps create a new .log for debugging this.
Tags: Roadmap: v11
Time estimation (hours)
Sponsorship open

Activities

admin

2025-03-15 15:43

administrator   ~0009881

Automated response: It appears auto-banning in log_hack_attack_and_exit is not working for anyone

After investigating, I noticed the cause of this was the cached negative bans being placed by the antispam system.

I added a new parameter on add_ip_ban allowing a ban to be forced (which bypasses the spam exclusion list and all negative bans in place).

The hack-attack forces it, any member-triggered areas of the UI to ban an IP force it, and IP ban imports are also forced.

Additionally, I adjusted the IP ban removal function to not delete hack-attack records from the database (but instead silence them from the staff log). We don't want those records going away completely (in case of criminal investigations), just not showing up on the UI nor counting towards risk scores.
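
The failure mode described in note ~0009881, as an added example that is not part of the original note and is not Composr's code: a simplified PHP model in which a cached negative entry from the antispam check causes an unforced ban request to be dropped, a forced request overrides it, and lifting a ban silences attack records instead of deleting them. The class, its methods, the threshold of 3 and the sample IP are all hypothetical.

```php
<?php
// Simplified model for illustration, not Composr code; every name is hypothetical.
final class BanModel
{
    private array $bans = [];    // ip => true (positive ban) | false (negative ban)
    private array $attacks = []; // list of ['ip' => string, 'silenced' => bool]
    public function __construct(private int $threshold = 3) {} // assumed threshold
    // Antispam check came back clean: cache that result as a negative ban.
    public function cacheNegative(string $ip): void { $this->bans[$ip] = false; }
    // Returns true only if a positive ban was actually stored.
    public function addBan(string $ip, bool $force = false): bool
    {
        if (($this->bans[$ip] ?? null) === false && !$force) {
            return false; // failure mode: the cached negative entry wins
        }
        $this->bans[$ip] = true;
        return true;
    }
    public function isBanned(string $ip): bool { return ($this->bans[$ip] ?? false) === true; }
    // Number of attack records that still count towards the threshold.
    public function liveAttacks(string $ip): int
    {
        return count(array_filter($this->attacks, fn($a) => $a['ip'] === $ip && !$a['silenced']));
    }

    // Record an attack; attempt a ban once live records reach the threshold.
    public function logAttack(string $ip, bool $force): void
    {
        $this->attacks[] = ['ip' => $ip, 'silenced' => false];
        if ($this->liveAttacks($ip) >= $this->threshold) { $this->addBan($ip, $force); }
    }

    // Lifting a ban keeps the attack records but stops them counting.
    public function removeBan(string $ip): void
    {
        unset($this->bans[$ip]);
        foreach ($this->attacks as $i => $a) {
            if ($a['ip'] === $ip) { $this->attacks[$i]['silenced'] = true; }
        }
    }
}
// Constructed sample: 203.0.113.7 (documentation range) is cached as clean, then attacks.
foreach ([false, true] as $force) {
    $m = new BanModel();
    $m->cacheNegative('203.0.113.7');
    for ($i = 0; $i < 4; $i++) { $m->logAttack('203.0.113.7', $force); }
    $banned = $m->isBanned('203.0.113.7');
    $m->removeBan('203.0.113.7');
    printf("force=%d banned=%d live attacks after unban=%d\n", $force, $banned, $m->liveAttacks('203.0.113.7'));
}
```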

admin

2025-03-15 15:43

administrator   ~0009882

Fixed in Git commit 96b7b738b7 (https://gitlab.com/composr-foundation/composr/commit/96b7b738b7 - link will become active once code pushed to GitLab)

admin

2025-03-15 15:44

administrator  

hotfix-6087, 2025-03-15 3pm.tar (865,792 bytes)

admin

2025-03-15 15:44

administrator   ~0009883

A hotfix (a TAR of files to upload) has been uploaded to this issue. Only apply this hotfix if you absolutely need it and cannot wait until the next release of Composr (releases are more reliable and strictly tested). As of Composr version 11, the recommended way to apply a hotfix is by following the same steps as an upgrade (https://baseurl/upgrader.php, use the hotfix on the step “Transfer across new/updated files”). The upgrader will automatically skip files belonging to addons you do not have installed or that are newer on disk than in the hotfix. Otherwise, you can manually extract and replace these files (do not replace if your on-disk file is newer than the one in the hotfix). Always take backups of your site or at least files you are replacing before applying a hotfix. Not sure how to extract TAR files to your Windows computer? Try 7-zip (http://www.7-zip.org/).

Issue History

Date Modified Username Field Change
2024-12-24 03:57 Patrick Schmalstig New Issue
2024-12-24 03:57 Patrick Schmalstig Status non-assigned => assigned
2024-12-24 03:57 Patrick Schmalstig Assigned To => Patrick Schmalstig
2024-12-24 03:57 Patrick Schmalstig Tag Attached: Roadmap: v11