The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
Spider Watcher Details »» | |||||||||||||||||||||||||
Spider Watcher
Author: Mikel Beck (mikel.beck@elite-computing.net) This hack keeps track of the spiders (Search Engine robots) that visit your fourm. Every time a guest visits a page, the guest's IP address, user agent and the page they visited are logged to the database. When somebody views the spider statistics page, this data is "rolled up", meaning the raw data is collated, the spider's name is determined by comparing the user agent to data contained in the spiders_bulletin.xml file, and the number of pages and visits is summarized and writted back to the database. In addition, and data from non-bots is removed. The data is then displayed in a easy to read format for your viewing pleasure. If the user viewing the report has permissions to view IP addresses, these are displayed as well. A live version of the report from one of my sites can be seen here: http://www.happyhourpub.com/spiders.php Also see the attached screenshot for an exmaple. Revision History: 1.0.0 Beta 1 - 01/05/2006 - Initial Release 1.0.0 Beta 2 - 01/06/2006 - Included templates for spiders.php - Removed text from templates, added them as phrases 1.0.0 Beta 3 - 01/07/2006 - Split up the display of "known" and "unknown" spiders 1.0.0 Beta 4 - 01/25/2006 - Corrected potentional SQL injection issue in plug-in - Reduced the number of SQL queries required to display statistics - Corrected date/time display issue 1.0.0 Beta 5 - 02/01/2006 - Reduced the number of SQL queries required to display statistics 1.0.0 Beta 6 - 02/08/2006 - No release 1.0.0 Beta 7 - 02/11/2006 - Corrected issue with "unknown" spiders not being displayed properly. - Added tracking of the type of spider (searchspider, link checker, etc) 1.0.0 Beta 8 - 02/19/2006 - Change the display of IP addresses to be a pop-up so they're all not displayed on the main page. - Combined the spiders that have the same name but different user agents. 1.0.0 Beta 9 - 03/10/2006 - Changed the display to group similar spiders together (search spiders, http check spiders, etc) 1.0.0 Beta 10 - 08/08/2006 - Changed how the rollup functions. Instead of rolling up every time somebody views the spider page, it rolls up once per hour. - Corrected a few bugs here and there, mostly related to removing entries from the database. Installation Instructions 1. Upload spiders.php to the root of your forum. 2. Upload spiders_rollup.php to the includes/cron directory. 3. Import the file product-spiderwatcher.xml using the Manage Products module. 4. Add a link to spiders.php on your navbar or footer. 5. Add a cron job with the following information: Title: Spider Watcher Rollup Day of the Week: * Day of the Month: * Hour: * Minute: 0 - - - Log entries: Yes Filename: ./includes/cron/spiders_rollup.php Upgrade Instructions 1. Upload (and overwrite) spiders to the root of your forum. 2. Upload spiders_rollup.php to the includes/cron directory. 3. Import the file product-spiderwatcher.xml using the Manage Products module. Make sure the "Allow Overwrite" option is set to "Yes". 4. Add a link to spiders.php on your navbar or footer. 5. Add a cron job with the following information: Title: Spider Watcher Rollup Day of the Week: * Day of the Month: * Hour: * Minute: 0 - - - Log entries: Yes Filename: ./includes/cron/spiders_rollup.php ***UPGRADE NOTE*** When you upgrade from version 1.0.0 Beta 7 to 1.0.0 Beta 8 your existing spider data will be lost! To make sure that you can decode the maximum amount of spiders, you should grab the latest spiderlist.xml and replace the spiders_vbulletin.xml file in your forumhome/includes/xml/ directory with the one from this thread: http://www.vbulletin.com/forum/showthread.php?t=76662 Supporters / CoAuthors Show Your Support
|
Comments |
#122
|
||||
|
||||
good luck
|
#123
|
||||
|
||||
Quote:
http://www.kloth.net/internet/bottrap.php That was the main reason I posted the link to the page and it was the first thing I actually created for myself after reading the article. Quote:
I thought it made sense to provide a link to something that would give a little better understanding of some of the spiders, for those installing this script that's all, I was only trying to be helpful, I just got myself a little confused with that reply above, after all i'm normally posting on here at 4-5 am after being up 18-20hrs. |
#124
|
|||
|
|||
Quote:
Quote:
The link was very useful and thanks for posting it. I can verify the the bot-trap dir and blacklist.dat file works quite nicely. I have yet to implement the full function of the blacklist.dat for blocking to vb tho. Im not sure of the best way to do this. perhaps a simple include hook in global_start would work ? |
#125
|
||||
|
||||
Great hack, but I'm having the problem where it doesn't display my board's default timezone offset.
Is there a way to set it so it uses a user's offset preference? |
#126
|
||||
|
||||
I working on version 1.0.0 Beta 4 right now. It should fix the time/date issue, a possible SQL injection exploit, and the high number of queries. I'm letting it run on one of my sites now to gather up a bunch of spider data so I can see if the number of queries drops. If it does, I'll package it up and will post an update tonight or tomorrow morning.
In the mean time, somebody notified me via e-mail that the plug-in can be exploited by a malicious user... So, for the time being, if you'd like to diable the "Spider Watcher" plug-in (under the global_start hook location) you can do that and you'll be safe. Or you can either wait for the update or modify the code yourself. Here's the updated code for the plug-in: Code:
if (!$vbulletin->userinfo['userid']) { $ip_address_parts = explode(".", $_SERVER['REMOTE_ADDR']); $ip_address = $ip_address_parts[0] * pow(256,3) + $ip_address_parts[1] * pow(256,2) + $ip_address_parts[2] * pow(256,1) + $ip_address_parts[3] * pow(256,0); $write_bot = $db->query_first("INSERT INTO " . TABLE_PREFIX . "bots (bot, ip_address, page, timestamp) VALUES ('" . $vbulletin->db->escape_string(trim($_SERVER['HTTP_USER_AGENT'])) . "','" . $ip_address . "','" . THIS_SCRIPT . "', NOW())"); } |
#127
|
||||
|
||||
I looked at your online demo and I didn't see any mention of activity in the archive. Does this script not track spiders there?
|
#128
|
||||
|
||||
Version 1.0.0 Beta 4 is now available.
- Corrected potentional SQL injection issue in plug-in - Reduced the number of SQL queries required to display statistics - Corrected date/time display issue |
#129
|
|||
|
|||
Upgraded w/o issues.
|
#130
|
||||
|
||||
Quote:
Have the number of queries decreased for you? |
#131
|
|||
|
|||
|
Thread Tools | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|