Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script
Author Message
oneunit
Regular
Regular


Joined: Feb 18, 2008
Posts: 94

PostPosted: Tue Feb 26, 2008 11:24 pm Reply with quote

User Agent: libwww-perl/5.65
Query String: Only registered users can see links on this board! Get registered or login!
Get String: Only registered users can see links on this board! Get registered or login!
Post String: Only registered users can see links on this board! Get registered or login!
Forwarded For: none
Client IP: none
Remote Address: 61.47.10.204
Remote Port: 49813
Request Method: GET
--------------------




were they trying to get in my db?
 
View user's profile Send private message
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Wed Feb 27, 2008 12:11 am Reply with quote

Yes. These are known issues that have been previously fixed.

One thing I would do is block libwww-perl, there are many posts on how to do this.

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
oneunit
PostPosted: Wed Feb 27, 2008 12:52 am Reply with quote

thanks, i will search
 
oneunit
PostPosted: Wed Feb 27, 2008 12:54 am Reply with quote

no search criteria for them, can you post a link it?
 
jakec
Site Admin


Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom

PostPosted: Wed Feb 27, 2008 1:12 am Reply with quote

See here: Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
oneunit
PostPosted: Wed Feb 27, 2008 1:20 am Reply with quote

is there anyway for me to ban all countries except for united states?
 
oneunit
PostPosted: Wed Feb 27, 2008 1:28 am Reply with quote

doesnt my nuke sentinel already block the list of them?
 
Doulos
Life Cycles Becoming CPU Cycles


Joined: Jun 06, 2005
Posts: 633

PostPosted: Wed Feb 27, 2008 11:38 am Reply with quote

In admin / nukesentinel - you click on "Import data" then choose "Import to Blocked Ranges". Then you choose the countries you want to block from the drop-down menu.
 
View user's profile Send private message
oneunit
PostPosted: Wed Feb 27, 2008 2:17 pm Reply with quote

do you reccommend my idea? blocking all countries except for united states. i only want united states members
 
evaders99
PostPosted: Wed Feb 27, 2008 2:28 pm Reply with quote

Note that IP ranges change frequently. One block may be transfered to other countries. So you'd have to keep your Sentinel IP2Country data fairly up-to-date so that you don't block innocent users.
 
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6793
Location: Ha Noi, Viet Nam

PostPosted: Wed Feb 27, 2008 2:31 pm Reply with quote

It really depends on what your site is about.
Don't forget that not all bots etc are situated within the United States so banning everything BUT the US might have a negative impact on that.

I know one guy on here does bane just about everything except his street lol and it didn't hurt anything but I'm here to help you understand the broader picture.
 
View user's profile Send private message Send e-mail
oneunit
PostPosted: Wed Feb 27, 2008 2:50 pm Reply with quote

my website is a gaming clan for xbox 360 within the us.
when i checked my ip tracking, i seen many dif countries look at my site, i thought why not remove the countries i dont need to see my site.

so your saying i should not do this?
thanks for your input, i value it alot
 
Guardian2003
PostPosted: Wed Feb 27, 2008 3:15 pm Reply with quote

All I'm saying is you don't have to ban lots of countries just because you CAN. There may be other English speaking countries that might make a valuable contribution to your site with hints, tips etc.
 
oneunit
PostPosted: Wed Feb 27, 2008 4:07 pm Reply with quote

ok how do you unban countries then Smile
 
oneunit
PostPosted: Wed Feb 27, 2008 6:49 pm Reply with quote

i by accident blocked a few.. countires Wink
 
Doulos
PostPosted: Wed Feb 27, 2008 7:27 pm Reply with quote

oneunit wrote:
do you reccommend my idea? blocking all countries except for united states. i only want united states members


I have one site that only allow access from the US and Canada,....supposedly.

It is a pain to keep up, and someone will always find a way in if they want, it seems.
 
oneunit
PostPosted: Wed Feb 27, 2008 7:37 pm Reply with quote

so what things do you reccommend to do to keep these buggers out,

change pass, keep up-to-date site...


do those, but what else
 
manunkind
Client


Joined: Apr 26, 2004
Posts: 368
Location: Albuquerque, NM

PostPosted: Wed Feb 27, 2008 8:39 pm Reply with quote

A determined hacker from another country could use a proxy based in the U.S. and get in with no problems. Blocking IPs is not true security.

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
oneunit
PostPosted: Wed Feb 27, 2008 10:48 pm Reply with quote

ok, how do you unblock countires>?
 
999
Regular
Regular


Joined: Sep 12, 2006
Posts: 58
Location: Dsm, IA

PostPosted: Thu Feb 28, 2008 12:51 pm Reply with quote

Take note of any other ranges you've blocked (not individual ips, those are separate). Go to Blocked Range Menu-Clear All Blocked Ranges. Then re-import the countries you do want to block. There may be a better way of doing it, but it works.
 
View user's profile Send private message Visit poster's website MSN Messenger
oneunit
PostPosted: Thu Feb 28, 2008 1:14 pm Reply with quote

is there any other way?
 
oneunit
PostPosted: Thu Feb 28, 2008 1:41 pm Reply with quote

every tme i try to clear it, it goes to page cannot be displayed..
 
gazj
Worker
Worker


Joined: Apr 28, 2006
Posts: 152
Location: doncaster england

PostPosted: Mon Apr 14, 2008 10:41 pm Reply with quote

there are alot of ways to block these but the most easy way is

im not sure if the useragent uses all these but i got some in my sentinel block list for 5.803, 5.805, 5.808 the other numbers i just added to be safe now its not pretty but its effective.

Code:
if($_SERVER['HTTP_REFERER'] === 'libwww-perl/5.801' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.802' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.803' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.804' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.805' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.806' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.807' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.808' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.809'){

die('no!');
}


now i used === just simply as it is quicker than == Razz
 
View user's profile Send private message Visit poster's website
montego
Site Admin


Joined: Aug 29, 2004
Posts: 9453
Location: Arizona

PostPosted: Tue Apr 15, 2008 5:08 am Reply with quote

Actually jakec pointed to the easiest way to block these (libwww) (through .htaccess) and here is my post within that thread which does it:
Only registered users can see links on this board! Get registered or login!

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©