Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
Darrell3831
Worker
Worker


Joined: Feb 18, 2004
Posts: 244

PostPosted: Thu Jun 16, 2005 1:25 pm Reply with quote

Hi,

I set Sentinal up and activated the string match feature. I havent added to or taken away from the list of strings.

What's the logic behind blocking/banning this string?

Quote:
User ID: Anonymous (1)
Reason: Abuse-Harvest
String Match: mozilla/3.0 (compatible)
--------------------
User Agent: Mozilla/3.0 (compatible)


thanks,
Darrell

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Thu Jun 16, 2005 3:56 pm Reply with quote

It will/should match against the QueryString in a GET request. Keep in mind that Apache will parse it first, so if the url is not found it will error out before ever reaching NukeSentinel. You can test it by taking a valid url like Only registered users can see links on this board! Get registered or login! and adding a value pair to it, like Only registered users can see links on this board! Get registered or login! . Then in your string blocker settings, place the word testvar or Raven. NukeSentinel should trap it.
 
View user's profile Send private message
Darrell3831
PostPosted: Thu Jun 16, 2005 5:15 pm Reply with quote

Okay,

So someone had the string mozille/3.0 in the get request, or up in the URL??

Quote:
String Match: mozilla/3.0 (compatible)


and because they had that in there, were gonna block them... right?

thanks,
Darrell
 
Raven
PostPosted: Thu Jun 16, 2005 5:33 pm Reply with quote

That's not in a GET request. That's a User_Agent issue and would be regulated in the Harvester Blocker settings.
 
Darrell3831
PostPosted: Thu Jun 16, 2005 6:24 pm Reply with quote

I guess I'm right back where I started, why are we blocking this string?

My installation is straight out of the box. I did not make any manual changes to the data.

It's a string that was already there in the database.

I just don't understand how it's abusive..

Sorry, I don't get it.
 
BobMarion
Former Admin in Good Standing


Joined: Oct 30, 2002
Posts: 1037
Location: RedNeck Land (known as Kentucky)

PostPosted: Thu Jun 16, 2005 7:10 pm Reply with quote

That is a known web ripping user agent. That is why it is blocked.

_________________
Bob Marion
Codito Ergo Sum
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
Darrell3831
PostPosted: Thu Jun 16, 2005 7:43 pm Reply with quote

Thank you sir!!

I did'nt know...
 
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Fri Jun 17, 2005 5:23 am Reply with quote

Maybe this is also interesting :
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
Darrell3831
PostPosted: Fri Jun 17, 2005 5:50 am Reply with quote

Thanks Susan,

That was an interesting read.... I've only heard about a couple of them.. (linkwalker, zeus, and download ninja) Most of the rest were news to me. Very Happy
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©