Tried to hack through my forums??

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

User Agent: libwww-perl/5.65
Query String:

Only registered users can see links on this board!
Get registered or login to the forums!

Get String:

Only registered users can see links on this board!
Get registered or login to the forums!

Post String:

Only registered users can see links on this board!
Get registered or login to the forums!

Forwarded For: none
Client IP: none
Remote Address: 61.47.10.204
Remote Port: 49813
Request Method: GET
--------------------

were they trying to get in my db?

evaders99 · Posted: Wed Feb 27, 2008 12:11 am

Yes. These are known issues that have been previously fixed.

One thing I would do is block libwww-perl, there are many posts on how to do this.

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

thanks, i will search

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

no search criteria for them, can you post a link it?

jakec · Posted: Wed Feb 27, 2008 1:12 am

See here:

Only registered users can see links on this board!
Get registered or login to the forums!

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

is there anyway for me to ban all countries except for united states?

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

doesnt my nuke sentinel already block the list of them?

Doulos · Posted: Wed Feb 27, 2008 11:38 am

In admin / nukesentinel - you click on "Import data" then choose "Import to Blocked Ranges". Then you choose the countries you want to block from the drop-down menu.

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

do you reccommend my idea? blocking all countries except for united states. i only want united states members

evaders99 · Posted: Wed Feb 27, 2008 2:28 pm

Note that IP ranges change frequently. One block may be transfered to other countries. So you'd have to keep your Sentinel IP2Country data fairly up-to-date so that you don't block innocent users.

Guardian2003 · Posted: Wed Feb 27, 2008 2:31 pm

It really depends on what your site is about.
Don't forget that not all bots etc are situated within the United States so banning everything BUT the US might have a negative impact on that.

I know one guy on here does bane just about everything except his street lol and it didn't hurt anything but I'm here to help you understand the broader picture.

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

my website is a gaming clan for xbox 360 within the us.
when i checked my ip tracking, i seen many dif countries look at my site, i thought why not remove the countries i dont need to see my site.

so your saying i should not do this?
thanks for your input, i value it alot

Guardian2003 · Posted: Wed Feb 27, 2008 3:15 pm

All I'm saying is you don't have to ban lots of countries just because you CAN. There may be other English speaking countries that might make a valuable contribution to your site with hints, tips etc.

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

ok how do you unban countries then Smile

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

i by accident blocked a few.. countires Wink

Doulos · Posted: Wed Feb 27, 2008 7:27 pm

oneunit wrote:

do you reccommend my idea? blocking all countries except for united states. i only want united states members

I have one site that only allow access from the US and Canada,....supposedly.

It is a pain to keep up, and someone will always find a way in if they want, it seems.

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

so what things do you reccommend to do to keep these buggers out,

change pass, keep up-to-date site...

do those, but what else

manunkind · Posted: Wed Feb 27, 2008 8:39 pm

A determined hacker from another country could use a proxy based in the U.S. and get in with no problems. Blocking IPs is not true security.

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

ok, how do you unblock countires>?

999 · Regular Joined: Sep 12, 2006 Posts: 58 Location: Dsm, IA

Take note of any other ranges you've blocked (not individual ips, those are separate). Go to Blocked Range Menu-Clear All Blocked Ranges. Then re-import the countries you do want to block. There may be a better way of doing it, but it works.

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

is there any other way?

oneunit · Regular Joined: Feb 18, 2008 Posts: 94

every tme i try to clear it, it goes to page cannot be displayed..

gazj · Posted: Mon Apr 14, 2008 10:41 pm

there are alot of ways to block these but the most easy way is

im not sure if the useragent uses all these but i got some in my sentinel block list for 5.803, 5.805, 5.808 the other numbers i just added to be safe now its not pretty but its effective.

Code:

if($_SERVER['HTTP_REFERER'] === 'libwww-perl/5.801' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.802' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.803' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.804' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.805' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.806' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.807' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.808' OR $_SERVER['HTTP_REFERER'] === 'libwww-perl/5.809'){
die('no!');
}

now i used === just simply as it is quicker than == Razz

montego · Posted: Tue Apr 15, 2008 5:08 am

Actually jakec pointed to the easiest way to block these (libwww) (through .htaccess) and here is my post within that thread which does it:

Only registered users can see links on this board!
Get registered or login to the forums!