Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
X
New Member
New Member


Joined: Sep 03, 2003
Posts: 5

PostPosted: Thu Mar 11, 2004 9:27 am Reply with quote

Hello;

A rival site in my country has basically declared war on me and people from their site come to mine to ruin it. I have deleted a lot of accounts and they just keep coming, which gives me the idea to ip ban their site so they leave me alone.

Do you know of an application that is for nuke that can help me with this?

X
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Thu Mar 11, 2004 10:50 am Reply with quote

The surest and simplest way to ban by IP is to add them to your .htaccess file.
 
View user's profile Send private message
X
PostPosted: Thu Mar 11, 2004 12:50 pm Reply with quote

Raven wrote:
The surest and simplest way to ban by IP is to add them to your .htaccess file.


I don't know how to do that... Sad

Can you explain a bit?
 
Raven
PostPosted: Thu Mar 11, 2004 1:00 pm Reply with quote

Determine if you already have a .htaccess file in your nuke root directory. The file is hidden by default from most ftp clients. Check your documentation for your client as to how to display the file. You should have a way to pass a start-up string to your client. The string is normally -la .

If you don't have one, create one with a good editor, like Textpad. Then add the Apache directives to block the IP's like this:

Deny from 42.234.84.112
Deny from 65.74.123

The second one will block all IP's from 65.74.123.000-65.74.123.999 . Unless the IP's are static, using the first one will not accomplish much. I highly recommend the second one and sometimes even use this

Deny from 65.74

When you are done just ftp the file to your root web directory.
 
X
PostPosted: Thu Mar 11, 2004 1:22 pm Reply with quote

Raven wrote:
Determine if you already have a .htaccess file in your nuke root directory. The file is hidden by default from most ftp clients. Check your documentation for your client as to how to display the file. You should have a way to pass a start-up string to your client. The string is normally -la .

If you don't have one, create one with a good editor, like Textpad. Then add the Apache directives to block the IP's like this:

Deny from 42.234.84.112
Deny from 65.74.123

The second one will block all IP's from 65.74.123.000-65.74.123.999 . Unless the IP's are static, using the first one will not accomplish much. I highly recommend the second one and sometimes even use this

Deny from 65.74

When you are done just ftp the file to your root web directory.


ok and how do I find out the ip the user is using? also do you know how to use the ban control in the forum configuration?
 
paranor
Worker
Worker


Joined: Aug 28, 2003
Posts: 227

PostPosted: Thu Mar 11, 2004 9:22 pm Reply with quote

I use a module called protector that gives me granular control over the system. It's very easy to install. Only registered users can see links on this board! Get registered or login! It keeps track historically of all IP's and what user ID they are assigned to.

Or...all posts to the discussion board should show the IP address to the board administrator. You can ban bassed on that.

Or....there might be a mod out there that customizes the registration so that an IP address is logged. EDIT: Found this: Only registered users can see links on this board! Get registered or login!


I would start with #1 and/or #2 first.
 
View user's profile Send private message
Raven
PostPosted: Thu Mar 11, 2004 10:10 pm Reply with quote

Keep in mmid though that those programs add overhead and also require that the person already is in your site. Using the .htaccess file keeps them out at the server level as well as the application level.
 
paranor
PostPosted: Thu Mar 11, 2004 10:25 pm Reply with quote

Good point. the banning IP's are stored in MYSQL. I think the other parts of the program are now available in the ms-ananlsysi program I just installed. maybe it's time to uninstall that. Smile
 
Rikk03
Worker
Worker


Joined: Feb 16, 2004
Posts: 164

PostPosted: Sat Mar 13, 2004 6:52 am Reply with quote

Do you have a cpanel? If so you can just ban them via that.

How does that work anyway ......does it generate new lines in the .htaccess file?
 
View user's profile Send private message
Raven
PostPosted: Sat Mar 13, 2004 7:21 am Reply with quote

Yes, it just adds lines to the cPanel so you are accomplishing the same thing.
 
X
PostPosted: Sat Mar 13, 2004 8:00 am Reply with quote

paranor wrote:
I use a module called protector that gives me granular control over the system. It's very easy to install. Only registered users can see links on this board! Get registered or login! It keeps track historically of all IP's and what user ID they are assigned to.

Or...all posts to the discussion board should show the IP address to the board administrator. You can ban bassed on that.

Or....there might be a mod out there that customizes the registration so that an IP address is logged. EDIT: Found this: Only registered users can see links on this board! Get registered or login!


I would start with #1 and/or #2 first.


Could you make me an easy step by step on how to install protector. Because every time I install it I get a blank screen when I try to install using the install_block.php.

If it is not too much trouble post it here or to my e-mail x@zonaxboxcom

Thanks!

X
 
paranor
PostPosted: Sat Mar 13, 2004 10:31 am Reply with quote

ahhh - I follow the install instructions and I did it last fall. So I don't have that memorized.
 
Rikk03
PostPosted: Sat Mar 13, 2004 10:34 am Reply with quote

Have you read your PM paranor - if so please respond to it
 
CodyG
Life Cycles Becoming CPU Cycles


Joined: Jan 02, 2003
Posts: 712
Location: Vancouver Island

PostPosted: Sat Mar 13, 2004 10:16 pm Reply with quote

I'm using Protector... I love it. I also use MSAnalysis. I found Protector to be one of those difficult installs, but eventually it worked and I would not be without it or a reasonable facsimile in the future. On my closed site it attempts to prevent multiple accounts for the same user.

Did I ever tell anyone around here the story of Sybil Online? Rolling Eyes
 
View user's profile Send private message
Rikk03
PostPosted: Sun Mar 14, 2004 2:21 am Reply with quote

Has anyone worked out a system to block large numbers of ip addresses - lists of hacker ips

I know nukecops had a perl script that you install on your server after which it every time there is a hack attempt in nukecops community then the script checks an url on the nukecops server and the hacker gets banned from all the servers with the script.

Ive got the script somewhere ........see if i can find it
 
MissVicky
New Member
New Member


Joined: Mar 23, 2004
Posts: 21

PostPosted: Tue Mar 23, 2004 2:33 pm Reply with quote

In 'ADDITION' to the PROTECTOR module, you may also want to consider the APPROVE MEMBERSHIP module which will allow you to approve/disapprove user applications.

I use it on 7.0 for a team website and it works wonderfully. You can find it at Only registered users can see links on this board! Get registered or login!

Best Regards,
Miss Vicky
 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©