History

I've had some problems with abuse via open proxies for a time ago, and when we were banning abusers, they always found a new proxy to use and register new accounts with. Since this forum was a large type we could'nt just ban e-mails etc just like that, because this was leading to a very large amount of other banned users too.

At IRC, in the other hand, we had Open Proxy Monitors, that was banning everything that was blacklisted in some DNSBL-databases. No spammers had a chance to get in there as long they were listed in such database.

This is a plugin that blocks blacklisted hosts from some different DNSBL's. It uses the global_start-hook, a very simple handler for blocking proxies, and a vBphrase called OPM_Deny.


April 2006

The source has been rewritten a bit. The proxychecker is now using a cache that, by default, stores all ip's in a database for 6 hours. It scans some DNSBL's and can be configured to block proxies from bitmasks (defined in the plugin) which makes it a little bit more reliable, because it does'nt block everything it see).

Configuration is made from the plugin (hopefully there will be a nice admin interface in the future). Exceptions (ip's that can pass through this system even if it is a proxy) are also handled differently now.

// CHANGES
//
// 2008-09-20 (2.0.8)
//
// * Changed the routines for how to handle inclusion/exclusions
// * Splitted up plugins for 3.5/3.6 and 3.7
//
// 2007-08-05
//
// * Fixed reported bug, based on resolved hosts ending with 127
// * Changed database-tables to get rid of (hopefully) duplicate keys
// * Added resolver-function
// * Added two new block-methods available at the efnet-rbl
//
// 2006-06-28 (2.0.6/Another fix)
//
// * Proxyinclusions/exclusions didn't work properly
//
// 2006-06-28 (2.0.5/Fix only)
//
// * Fixed a bug in the $block-array that affected some of the blocking results
//
// 2006-06-28 (2.0.4)
//
// * opm.tornevall.org has a new entry for anonymizers, added support for this
// * Default value on "block everything detected" in plugin changed to "no"
//
// 2006-06-26 (2.0.3)
//
// * Created options for admincp (removed plugin-configuration)
// * Fixed a bit-bug for njabl
// * Plugin is now a function (rbl_livecheck) for external lookups
// * Added options for "only block on newuser-registrations"
//
// 2006-06-22 (2.0.3 RC)
//
// * The monitor is now a function
// * Added small compatibility with other plugins (with return)
//
// 2006-05-13
//
// * sorbs zones added (no bitmasking)
// * opm.blitzed.org removed
// * time() changed to TIMENOW
//
// 2006-04-21
// ==========
//
// * proxyinclusions
// quickly add own hosts that should be treated as a proxy
//


How does it work with other vBulletins?

This filter actually works with both 3.5 and 3.6, but for now, they will be separate versions, but for 3.5 and 3.6 you should look here (https://vborg.vbsupport.ru/showthread.php?t=96318) and for 3.7 you should look here (https://vborg.vbsupport.ru/showthread.php?t=191398).


How to use the compatibility thing

If you have a plugin that you want to use together with the proxy monitor (only returns a value if a an ip-address is registered as a proxy or not) you can call the function rbl_livecheck like this (example):


global $rblInstalled;

if ($rblInstalled) {
$remoteIsProxy = rbl_livecheck(1, $_SERVER['REMOTE_ADDR']);

//
// .. your code here ..
//

}

Report bugs if you find them...



Don't forget to install (https://vborg.vbsupport.ru/vborg_miscactions.php?do=installhack&threadid=96318) it :)

Yes, 3.5/3.6 exist too. Here! (https://vborg.vbsupport.ru/showthread.php?t=96318)

Thanx! Very good :)

thnx it looks much better

Very nice mod, thanks. I'm in progress to implement a bit more commlicated task, but in similar way. Could you share some statistics from you board?

1. How many %% of disturbers were blocked immideately?

2. How many wrong blocks?

3. How many ACTIVE distubbers still exists (if they uses payed proxy lists and so on)?

Does this block users from registering or will it also block them from posting (if they're already registered) ?

Very nice mod, thanks. I'm in progress to implement a bit more commlicated task, but in similar way. Could you share some statistics from you board?

1. How many %% of disturbers were blocked immideately?

2. How many wrong blocks?

3. How many ACTIVE distubbers still exists (if they uses payed proxy lists and so on)?

With the default settings, there has been probably 2-3 wrong blocks in 6 months. Most of the incoming (external) reports also says that temporary Tor-nodes causing the problems.

Does this block users from registering or will it also block them from posting (if they're already registered) ?

Both - there's a specific setting for "Only block on registrations". :)

Thank You!

How does this plug-in compare to the old "Check Proxy RBL on New User Registration." plugin below (that still works with 373)?

https://vborg.vbsupport.ru/showthread.php?t=131852

-vissa

is there a way to allow only admin login, if your at an open proxy ?

for 3 days now since i used this, its not blocked me, however for some reason, its saying i am blocked

thi is the message

You have been denied access to this forum. The reason is that you are visiting us from a place that has been blacklisted as an Open Proxy. You have to fix this, and return.

If you want to know exactly where you are blacklisted, go see www.tornevall.net/cgi-bin/ip.cgi

How does this plug-in compare to the old "Check Proxy RBL on New User Registration." plugin below (that still works with 373)?

https://vborg.vbsupport.ru/showthread.php?t=131852

-vissa

I haven't tested that version yet, but I think it should do the same as this.


is there a way to allow only admin login, if your at an open proxy ?

for 3 days now since i used this, its not blocked me, however for some reason, its saying i am blocked

thi is the message

You have been denied access to this forum. The reason is that you are visiting us from a place that has been blacklisted as an Open Proxy. You have to fix this, and return.

If you want to know exactly where you are blacklisted, go see www.tornevall.net/cgi-bin/ip.cgi (http://www.tornevall.net/cgi-bin/ip.cgi)

You should be able to reach admincp and add yourself to a whitelist.

87932

But why not? I'll look into some kind of "override protection on fly"-function too for the next version (http://forum.tornevall.net/project.php?issueid=897)..

are we blocking from registering? posting? or accessing the site?

Registration-checks only blocks registrations. The other option is site-blocking.

Hi,

i've installed your software, for two weeks already. Just today i got 200+ DB error showing this.

++++++++++
Invalid SQL:
INSERT INTO vb_proxycache (ip, listed, dateline) VALUES

MySQL Error : MySQL server has gone away
Error Number : 2006
Request Date : Tuesday, October 28th 2008 @ 11:05:42 PM
Error Date : Tuesday, October 28th 2008 @ 11:06:11 PM
++++++++++

If you are getting "MySQL Server has gone away", the forum won't be running, assuming they are talking to the same database server (MySQL).

You will get an error for every "hit"/request/visit on the forum.

Check your system / processes.

Not sure if this can be answered but what kind of server load does this add if it's checking new registrations and posts?

I have a large board with alot of new posts. My 1st thought would be that it would impact the load significantly.

Not sure if this can be answered but what kind of server load does this add if it's checking new registrations and posts?

I have a large board with alot of new posts. My 1st thought would be that it would impact the load significantly.

This was my question as well.

So.. I only wanted this script to be active at registration -- but still saw a dramatic reduction in performance on calls to global_start in all other locations.

I made the following adjustement;
if ($vbulletin->options[rblblockonregister] == 1 AND $rbllocation != "register") {return 0;}Added right after the global-line in function rbl_livecheck. There is really no need to be running all this code on all calls to global_start if the rblblockonregister switch is on.

Added to the planlist! :)

http://forum.tornevall.net/project.php?issueid=993

geee, something was wrong with my vb 3.7.2 :(
Uninstalled but congrats. Pretty cool mod.

I too am recieving this error many times a day. I had to shut this off. Is there anyway to fix this?

Database error in vBulletin 3.8.0:

Invalid SQL:
INSERT INTO proxycache (ip, listed, dateline) VALUES ('', 0, 1233827363);

MySQL Error : MySQL server has gone away
Error Number : 2006
Request Date : Thursday, February 5th 2009 @ 09:49:23 AM
Error Date : Thursday, February 5th 2009 @ 09:50:45 AM
Script :
Referrer :
IP Address :
Username : Unregistered
Classname : vB_Database
MySQL Version :

I removed some of the info, if need the rest, please let me know. But has anyone figured out how to fix this?

Thanx for the mod, installed already on a 3.7.3 board. :up:

I ll let you know about the results.

Unfortunately, it doesn't work at all.

No proxy is blocked at registration :(

axinos, I have just updated a few things in the dnsbl, so hopefully we may get more hits now!

FYI: Time to change the blitzed bitmask, perhaps?

http://www.stopforumspam.com/forum/viewtopic.php?id=2224

The DNS Blacklist has also been updated:

Live reporting from scrapers
DNS runs on MySQL so everything reported goes live immediately
Daily statistics about added and removed hosts

Does it work with 3.8.6 PL 1?

Yes, it should! There are actually separately released versions for each version of vB!

You can find it at https://vborg.vbsupport.ru/showthread.php?t=201541

Great thanks.