Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.0 > vBulletin 3.0 Beta Releases
[Released] - Server Abuse Resister Details »»
[Released] - Server Abuse Resister
Version: 1.00, by Frzzy Frzzy is offline
Developer Last Online: May 2012 Show Printable Version Email this Page

Version: 3.0.0 Rating:
Released: 03-28-2004 Last Update: Never Installs: 6
Is in Beta Stage  
No support by the author.

Well, I don't know how (yet) to post a hack release thread, so someone please help me post it.

Server Abuse Resister 'n IPLogger
Hack version: 0.8.4
vB version: Any (include vB2, basically you can use it anywhere you want)
File to modify: 1
Template to modify: 0
Time taken to install: 1' (yes, one minute)
Developer: Frzzy

Changelog
From 0.8.0:
+ Add exclude list
From 0.8.2:
+ Log the script file, fix some problems when posting.
--- Try to lower the $iplog_wait to 1 if you have problem when posting, I don't have this problem with $iplog_wait = 2, so try yourself.

Description
Well, my board got attacked recently, the attacker(s) send request to my memberlist.php and index.php rapidly so my server gave up to fulfill "good" requests.

I can disable memberlist.php, but it will be inconvenience for my visitors, also, I can't disable index.php (who will do it anyway?). One more thing I can do it block the IPs that sent the "bad" requests, but it keep me on the board all the time, and that's not what I want to do.

So, I code this little mod for me (and for you) who want to keep your server away from this kind of attack (it won't it up your bandwidth, it save bandwidth acttually, but it keep your server load is way too high, and your host can kick you out).

Enough, on to the hack:

This mod have to be run as soon as possible when vB start. So the best way to use it is include the hack file as close at the start of the vB script.

I don't know (yet) the right file to use, but I'll use init.php script. Someone know any file to use better than it please PM me.

It will check for the visitor's IP and his (her) last access time, if the different between last access time and current access time is smaller than xx seconds (your choose the value yourself, default is 2 seconds), then it will exit the script (it will output some thing if you want), saving your server from doing hard work for nothing.

Basically, I think 2 seconds (from just a little more than 1 second to just a little less than 2 seconds) is enough for most visitors, anyway change this to the value you feel enough.

If server abusings were detected, it will log the time down. This will be use for further analyst by parsing the logfile. I'm on the analyzer and release it soon.

Further information:

This hack will create new directory in your temporary dir (normally it is /tmp on *nix server) with the name "vbiplog". So the directory it use is /tmp/vbiplog, you change it to whatever you want. This directory must be writeable by webserver process (because it is temporary directory so you won't have to be affraid of this).

You can change the directory to anywhere you want, but it's not necessary (until the analyzer is finish, just use the temporary directory).

Each unique IP visit your board will have its own file here, the file will be empty until it abuse your board. Each time the abuse is detected, it will append one more line with 11 bytes of access timestamp and a newline character.

The whole directory will be use for the analyzer later, and it will be flush often to save disk space (although it won't be problem unless you have really large or attacked often board).

The directory can be deleted, no problem, it will create new directory later. Analyzer will have some problem though, but it doesn't hurt.

Upgrade
Copy over the attached file onto the oldfile, that's all. The analyzer (which I planned to release this weekend with take care of garbages (if some).

Installation
Open the includes/init.php

Find:
PHP Code:
error_reporting(E_ALL & ~E_NOTICE); 
Add below:
PHP Code:
include("/path/to/your/board/" "includes/vbiplogger.php"); 
Save the file.

FTP to includes directory under your board directory, upload attached file. Edit it to fit your need if needed. You only have to edit these three lines (or further if you want).
PHP Code:
// Change this to your temporary dir, include the slash at the end
$iplog_tempdir "/tmp/vbiplog/";
// Change this to number of second(s) which visitor have to wait before send another request
$iplog_wait 2;
// Exclude list
$iplog_exclude_array = array("127.0.0.1" "more.exclude.ip.here); 
Support
It's OK to post question(s) here, I'll answer most (hopefully all).

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 03-29-2004, 05:29 PM
Frzzy Frzzy is offline
 
Join Date: Jul 2003
Posts: 38
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Oh, I forgot to tell you this.

If you installed this hack and didn't click the install button, your board will be attacked right away
Reply With Quote
  #3  
Old 03-29-2004, 07:00 PM
poetic poetic is offline
 
Join Date: Apr 2003
Posts: 125
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

ohh just to tell you this has a couple problems when im in the arcade and then submit my score then the server abuse screen comes up
Reply With Quote
  #4  
Old 03-29-2004, 09:29 PM
Frzzy Frzzy is offline
 
Join Date: Jul 2003
Posts: 38
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I dont' use Arcade myself, let me install it then try to find out the problem.

Anyway, are you sure that you submit your score xx seconds after last action on the board?

I have update the hack too, now it let you exclude some IPs for your need.
Reply With Quote
  #5  
Old 03-30-2004, 12:02 PM
ChuanSE's Avatar
ChuanSE ChuanSE is offline
 
Join Date: Feb 2003
Posts: 311
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Does it still interfears with the arcade?
It's heavy used on my board, but i sure would like to install this hack 2 :/
Reply With Quote
  #6  
Old 03-30-2004, 02:57 PM
Frzzy Frzzy is offline
 
Join Date: Jul 2003
Posts: 38
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Sry I've been busy today, just tailored it a bit so you won't (hopefully) have problem when posting... I have tested it quite a lot and I don't have this problem, please test it yourself. But, if you didn't have problem when posting before, you won't have problem with this update.

Please check the first post for the updated file.

About the arcade, I don't use this hack, so I can't test it on my live board, I'll try to test it with my board @ localhost. Will get back as soon as possible about this problem.
Reply With Quote
  #7  
Old 03-30-2004, 07:49 PM
Pikok Pikok is offline
 
Join Date: Jul 2002
Posts: 53
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by poetic
ohh just to tell you this has a couple problems when im in the arcade and then submit my score then the server abuse screen comes up
Look in "includes/vbiplogger.php" and find..
PHP Code:
$iplog_access_filename $iplog_tempdir $iplog_script "_" $iplog_access_filename
Add this below:
PHP Code:
if ($iplog_script=='arcade.php')
{
    
$iplog_wait 1;

If the arcade still shows the abuse screen or freezes, set it to 0 instead of 1. You should then safely be able to set $iplog_wait = 2; at the top of the file for other files.
Reply With Quote
  #8  
Old 03-31-2004, 02:40 AM
Frzzy Frzzy is offline
 
Join Date: Jul 2003
Posts: 38
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Pikok
Look in "includes/vbiplogger.php" and find..
PHP Code:
$iplog_access_filename $iplog_tempdir $iplog_script "_" $iplog_access_filename
Add this below:
PHP Code:
if ($iplog_script=='arcade.php')
{
    
$iplog_wait 1;

If the arcade still shows the abuse screen or freezes, set it to 0 instead of 1. You should then safely be able to set $iplog_wait = 2; at the top of the file for other files.
Hack 'o the hack, eh?

Yes, you can do as Pikok, but try not to set the $iplog_wait to 0. It will disable this hack for the arcade.php script, the minimum (and still safe) value for the $iplog_wait variable is 1.
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:20 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04358 seconds
  • Memory Usage 2,284KB
  • Queries Executed 23 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (7)bbcode_php
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (7)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete