Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - Other
Author Message
vaudevillian
Worker
Worker


Joined: Jan 18, 2008
Posts: 143

PostPosted: Mon Jun 02, 2008 9:24 am Reply with quote

I have been under attack from a website Only registered users can see links on this board! Get registered or login! for the past few weeks. The ip keeps changing as well.

They are always trying to access my foum prune. It is getting a little annoying.
 
View user's profile Send private message Send e-mail
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Mon Jun 02, 2008 3:51 pm Reply with quote

I don't know why they would go for forum prune. Do you have an example of such attacks?

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
vaudevillian
PostPosted: Mon Jun 02, 2008 8:28 pm Reply with quote

next attack I will post the code and the info relating to it.
 
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Tue Jun 03, 2008 9:14 am Reply with quote

These attacks are nothing special and doesn´t work. Search for libwww-perl
and maybe try this in your .htaccess



Quote:
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^libwww-perl/[0-9].[0-9]*
RewriteRule ^.*$ Only registered users can see links on this board! Get registered or login! [R,L]
 
View user's profile Send private message
vaudevillian
PostPosted: Tue Jun 03, 2008 9:56 am Reply with quote

Does that block all perl agents?
 
Susann
PostPosted: Tue Jun 03, 2008 10:32 am Reply with quote

R = redirect

I don´t get notifications but I see these agents in my logs.
 
evaders99
PostPosted: Tue Jun 03, 2008 12:31 pm Reply with quote

It should block most dumb Perl scripts that don't forge a User-Agent. Smile
 
dad7732
RavenNuke(tm) Development Team


Joined: Mar 18, 2007
Posts: 1242

PostPosted: Sun Jul 13, 2008 10:29 am Reply with quote

Add this to your .htaccess and it will stop most scripts from getting in.

Code:


# Stop Scripts Beforehand
RewriteEngine On
RewriteCond %{THE_REQUEST} .*http:\/\/.* [OR]
RewriteCond %{THE_REQUEST} .*http%3A%2F%2F.*
Rewriterule ^.* - [F]


Been a long time since I've seen Sentinel block a script because of the above entry.

Cheers
 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - Other

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©