I did uploaded px.gif to images>buttons folder, where the ip gif is. as it says in the instruction:confused:

The instructions cannot cover all possibilities - like I said, it needs to be the correct place for your style.

Grrr... Thanks Paul. :)

please help, do i need to enable this hack after install ?? Mind the doesn't seem to be working

what is the CVS folder for? do i need to upload it to my server? to where?

Where do you see a CVS folder?

I was wondering that as well. There shouldn't be one in the zip, and as far as I can see there isn't.

If you do have one for some bizarre reason then just ignore/delete it.

please download your hack again. yes there is a cvs folder because I just re-open the zip file that i downloaded again and that folder still shows up.

oh well. *deleted*

Winzip is not showing it, but does create the empty folder when I unzip it ... weird ....

I still don't see anything?? =??
I tried unzipping it, Winrar it

That happened to me too and it actually scared me, I thought it was some kind of virus-related issue because I didn't know where it had come from. Lol hopefully it is perfectly safe. ;)

It's fine, all my mods are stored in cvs locally, that's where the folder comes from. It's just weird how it's not listed.

Thanks Paul M ,

Installed . but i could find Install Button in this topic !! i think its gone after upgrade version of VB !

It's in the links, above the file you downloaded.

does anyone know a proxy that will trigger this mod so I can use to test it??? I have test dozen proxy and it doesn't seem to work\.

same here. my members laughed hard at me after I posted a annoucement saying that I just installed something that will put an end to track down people who are using proxy and they all decided to use proxy to make fun of me. aha . I love them though. smart ass kids

Hmmm...
It's gone silly ATM... It is reporting all the posts to come from proxies.(red button )
Including my posts...

My own post reported to come from a proxy:
The Real IP Address is: 00.111.222.333
Replacement of real details
The Proxy Server IP Address is: PROXYIP

This post is from a real proxy:
The Real IP Address is: 85.195.123.22
85.195.123.22
The Proxy Server IP Address is: PROXYIP

You have probably upgraded and not re-done the file edits.

Hi Paul,

I had an idea from something a ran across a long time ago. I'm not sure if I should post this idea in this thread or PM you. I figured since you got promoted that you probably get tons of PMs already from people asking you about this that and the other...that a post might work better. :nervous:

I'm posting this here (you may delete it if you want) as I think this idea could possibly be merged with this hack, and also because you are one of the few people I think could pull it off.

A long time ago, I ran across a UBB hack that checked what port a post or thread was posted from. The hack denied all posts the were not from port 80 (http), and it was effective in blocking any post that was made from proxies that were using non-standard ports (those other than http port 80, with the exception of any "whitelisted" the admin wished to designate), which are quite a fairly large number of proxies.

Since your hack works on all but anonymous proxies, this would also eliminate even anonymous proxies if they weren't using port 80 to connect, thereby giving this an even stronger "bite".

It's been a number of years ago since I ran across this "hack" that my friend was using on his UBB board. I have looked for it over at UBB Developers for it, and I've tried to get in touch with my friend that used it, but he has since moved back to Hungary. I suspect given the time frame that it was done either in PERL (he was using UBB classic at the time) and/or it he may have used something like an .htaccess file. I do know that it existed, but I don't know any more of the details than that. :ermm:

Anyway, if the idea is silly or shouldn't even be posted in this thread, I apologize and please go ahead and delete it, as I don't have the level of PHP skills necessary to try recreate it on my own, and I thought if it was entwined with your original hack that it could be used to help make it even a little stronger. :nervous:

sound likes a great idea to me

I don't quite follow how this would work, as all requests to the final server (i.e. your server) will be on port 80, regardless of what ports were used before that.

if you backtrace the connection, you will be able to see if it was connected through port 80 or an alternative just view your own log file

Nope, 99% of the worlds webservers only listen on port 80 (for http) so your logs will only show port 80.

You know...I may be remembering this incorrectly and I may also be explaining it incorrectly as well.


This is what I remember that it did.

Let's grab a "fresh" proxy list

The first proxies on that list are connected at port: 6588 and the remaining three are connected via port: 8080

This is where I am having trouble explaining this, as I know what it did...I'm just not sure how it was done.

He used UBB Classic (which was completely written in PERL until the later versions that used PHP as an accelerant), the server was Linux and I do know that he often relied on .htaccess files to handle problem boards linking to him, the "hot" linking of images on his server, Etc.

He had a script that somehow was able to detect proxies that were connected at other ports besides port 80.

How he was able to do this exactly is what I am not sure of and was why I was over at UBB Developers seeing if I could find it.

I was a Moderator on his UBB board and one day I was unable to connect to the board because I had left my connection to a proxy server on. I asked him and he said it was a "script" that was able to block most proxies. A few weeks later I noticed that I was able to connect and post using a proxy server, and I asked him if he had disabled the proxy script, he said that he hadn't...I asked him why I was able to connect presently as I was posting to him behind a proxy. He asked me what port I was connected on and I told him port 80, he confided in me that the port 80 was the only proxy connection that the script failed to block, and he asked me not to mention it as it had seriously cut down on the number of problem posters/troll that were posting using a proxy that used a port connection of 80.

I really wish I could find him, as I am not sure if my memory regarding the event is faulty or that I was just too "green" at the time to understand it.

He was a very quiet person and was not prone to bragging or lying which is why I am treading very gingerly in describing that event. He was very good at writing his own scripts in PERL (and I know he used to contribute to UBB Developers which is why I went there looking first).

I remember also, because I asked him about learning PERL (remember this was about 4 years ago) and he told me at the time to concentrate on PHP instead.

So, what I am carefully trying to say without looking silly...is that he was able to detect and block proxy servers that the user had connected to using a port other than 80. He was able to block those proxy connections, but the "Achilles heel" (so to speak) was proxy connections that used standard (http - port 80) connections. I don't know know if it was a script he wrote in PERL (I don't think UBB was using PHP yet at that time), or if had configured something on their server to detect and block it directly.

I do know that like so many proxy fixes that people have developed to try and fix/stop the problem that his also didn't work 100% either.

I have recently been looking at various ways other people (such as yourself) have approached the problem, and I remembered the way he approached it and I was thinking if his way (again, I remember pretty clearly the details of what it did...I'm just not sure of the details of how he did it https://vborg.vbsupport.ru/external/2010/01/19.gif) could be combined with your method, that even though it still would be 100%, if it was possible...it would still be pretty damn powerful.


Like I said, I do remember that he asked me not to say or mention the flaw, or post about it on the board which I helped moderate and that he owned/ran, as he said that the majority of proxies that the users connect too, don't use port 80 and that the "script" (I am almost positive that he called it a script) was able to stop all those with that one exception being those that connected to the proxy they were using via port 80.

But maybe it wasn't a script...maybe have been something he did at the server itself (similar to the way that .htaccess works).

Or, maybe my memory really is that faulty. https://vborg.vbsupport.ru/external/2010/01/19.gif

<u>vBulletin 3.6.4</u>

Version 2.25 Uploaded.

An extra step has been added to the class_core.php edits to take account of new code added to this file in vB version 3.6.4. When upgrading to 3.6.4 you should start with a fresh copy of class_core and apply all the edits.

SO if where still back on 3.6.2 we should just stay with what we got? :)

Step 3.

In class_core.php ;

Find ;

// define session constants
define('SESSION_IDHASH', md5($_SERVER['HTTP_USER_AGENT'] . vB_Session::fetch_substr_ip($registry->alt_ip))); // this should *never* change during a session
define('SESSION_HOST', substr($registry->ipaddress, 0, 15));

Replace with ;

// Paul M - Define session constants
define('SESSION_HOST', substr(IPADDRESS, 0, 15));
define('SESSION_IDHASH', md5($_SERVER['HTTP_USER_AGENT'] . vB_Session::fetch_substr_ip(IPADDRESS)));

Mine with 3.64 is differnet ..

// define session constants
define('SESSION_HOST', substr($registry->ipaddress, 0, 15));

if (!defined('SESSION_IDHASH'))
{
define('SESSION_IDHASH', md5($_SERVER['HTTP_USER_AGENT'] . $this->fetch_substr_ip($registry->alt_ip))); // this should *never* change during a session
}

What I'm trying to say is that my code is not the same , the last two are not in the same location .. Total

You're right, I hadn't noticed that had changed as well.

I've uploaded a new set of instructions for both changes.

Thanks man , I thought that either I went insane or my carbon monxide detector was faulty ( or both ) .. Total

If where using 3.6.2
Should we just stay put on the release before this new one ? :confused:

Not found in my 3.6.4 copy of class_core.php

Bob

I JUST edited my 3.6.4 version and it is there.

If you are doing a search with vi, it won't find anything with a ' or " in it.

So do a search for $this->fetch_substr_ip($registry->alt_ip))) and you'll find it.

Look again, it's somewhere around line 2500.

For some reason Dreamweaver 8 could not find it, but Programmers Notepad did. All done now.

Bob

you should use UltraEdit32 for programming when you use windows

Programmers Notepad is free.

Bob

Question:

Guess .......

Means probablly just stay with the old one :D
just wanted to clarify :glasses:

I just noticed that the version of the current XML file (v2.25) outdates the one I have installed on my site (from when I first installed the mod (v2.21)). Should I replace the old one with the new one? If so, how would I go about doing that? Should I uninstall the old one first, or just upload and overwrite?

I'm running 3.6.4 if that matters, and yes, I have already upgraded my class_core.php