The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
Check Proxy RBL on New User Registration. Details »» | |||||||||||||||||||||||||||
Check Proxy RBL on New User Registration.
Developer Last Online: Jul 2014
Check Proxy RBL on New User Registration Version 4.1
Version 4.1 includes remains unchanged from version 4.0 with the exception of a code fix to deal with an SQL injection security hole in the code. What does this hack do? Hooking in at register_addmember_process and register_addmember_complete this hack compares the IP address of the person registering with the Realtime Block List(s) of your choice. Based on your configuration the RBL Checker will then perform one of these actions:
These options are configurable in AdminCP > Options > DM-RBL Check on Registration. Why Block Proxies? Banned and Spammers users often get around IP bans by simply using an open proxy - of which there are thousands - to get around the IP ban. Very few legitimate users slow their surfing by using an anonymous proxy. How do you Install?
What is the default config? By default the RBLChecker will check the IP of a new registration, allow registration to complete, but add the new user to the "COPPA Members Awaiting Moderation" usergroup. You can then approve/reject those members depending on whether you think they are/aren't spammers/trolls. You can modify the settings in the AdminCP to Ban or Block as you like. Hack History: Version 4.1 - Fixed SQL Injection security hole. - Fixed some minor typos in automatically generated messages. Version 4.0 - Added ability to specify error reported on blocks. - Added ability to specify ban reason and custom title. - Added ability to move users to "pending moderation" group if registration is allowed. - Updated list of RBLs checked based on testing with lists of "anonymous" proxies. - Fixed IP address of Notification Posts equalling IP of blocked user. (Now Notification IP = 1.2.3.4) Version 3.2 - Fixed typo causing blocked registrations to be reported as allowed. Version 3.1 - change in variable name in v3.0 broke RBL checking. Corrected error. - match notification now includes the name of the RBL that matches the IP. Version 3.0 - plugin now fires at "register_addmember_process" allowing the user to completely fill in the form. - Added the ability to specify more than one RBL. - Added option to specify whether registration is blocked or allowed to complete. - Added option to automatically ban registrations that are allowed to complete but have a positive IP match. - Added option to specify user who is "notifier". - Added option to specify a forum where a notification thread will be created. - Added option to supress notification PM / Thread when an IP matches blacklist or known proxy list. - Added customized error codes for notifications - notification now indicates whether a registration IP has matched the RBL, blacklist, or predefined list of anonymizers. - Reworded Phrases. - Removed 10.x.x.x IP from known proxy/anonymizer list. version 2.0 - Added configuration options under vboptions > DM-RBL Check on Registration. - Added PM on Block. - Added option to select RBL. - Added Custom Whitelist. - Added Custom Blacklist. - Added list of free proxies. - Changed default RBL to sbl-xbl.spamhaus.org - Added option to enable/disable checking. version 1.0 - added plugin to check against opm.tornevall.org - added custom phrase to be reported as error on registration start. Using this Hack? If you install this hack please click "Installed" to receive updates. If you find this hack useful you can always hit that paypal button too... Supporters / CoAuthors Show Your Support
|
Comments |
#162
|
|||
|
|||
Ok, I had to entirely uninstall this script. It said that it had a positive match on a user's IP address that attempted to register. WROOOOOOOOONG... the IP address resolves to a local ISP here in Detroit, MI. Crazy!
|
#163
|
||||
|
||||
So?
Could that user be an open proxy or maybe one has been run before at that IP? Did you goto Sh and look up the IP and seen what it said? |
#164
|
|||
|
|||
I went to ws.arin.net and it resolves to WideOpenWest's IP address range.
|
#165
|
|||
|
|||
What's the IP?
|
#166
|
|||
|
|||
69.14.74.25
|
#167
|
|||
|
|||
Can the IP Black list block a range of IPs such as 120.45.*.*?
|
#168
|
|||
|
|||
Good question, I was about to ask the same thing. Most of my registrations are inside Switzerland, and I was getting a couple of addresses inside dynamic ranges blocked by list.dsbl.org
Quote:
Top marks on a excellent mod by the way! |
#169
|
|||
|
|||
Here's some unsupported and untested code that can be used to modify the current version of Proxy RBL mod (4.0) to work together with GLA (Geographic Location Awareness). This allows you to specify an additional whitelist or blacklist based on the country where the user has registered from. In my case I seem to have quite a few Swiss IP addresses listed, but most of my registrations are from Switzerland. Therefore I simply whitelist Switzerland. You can also use this so users from a certain country are always matched, regardless of whether their IP address is listed in a certain blacklist.
I haven't made a fancy user interface for this, because this is not my mod. My code is posted freely here for Daniel to consider implementing as standard. Please remember that unless you have installed and tested GLA first and it is working (details on the GLA thread), then this code won't work. Right let's get started: Go into the AdminCP -> Plugins and Products -> Plugin Manager -> DMeNTED's RBL Checker -> Check IP against RBLs/IPs. Click the large edit box and locate this code: Code:
if ($DM_rblcheck_result == $DM_rblcheck_srvmask) { // ********************** NOTIFICATIONS ********************** Code:
// Modification to incorporate country checks into RBL checker. This will only work if GLA is already installed, tested and working // Obtain GLA here: https://vborg.vbsupport.ru/showthread.php?t=151601 if (isset($vbulletin->session->vars['country'])) { // Country blacklist - enter a list of countries which are exempted from the RBL checker (use valid *lower case* ISO 2 letter codes only!) // See http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 for list of codes // example: $whitelist = array('gb', 'fr', 'it'); $whitelist = array(); if (in_array($vbulletin->session->vars['country_iso2'], $whitelist)) { // We have a match on the whitelist, bail out of the entire plugin, but reset the variables first. $DM_rblcheck_result = null; return; } // Same as above example for whitelist. People from these countries will be flagged as positive matches, regardless of the RBL status. // Think carefully before using the blacklist - it is generally not recommended to ban entire countries $blacklist = array(); if (in_array($vbulletin->session->vars['country_iso2'], $blacklist)) { // We have a match on the blacklist, set the variables and continue $DM_rblcheck_result = $DM_rblcheck_srvmask; $DM_rblcheck_errcode = "Matched a blacklisted country: " . $vbulletin->session->vars['country']; } } Now to add the country name into your reports find this line: Code:
$DM_rblcheck_errcode = "MATCHED IN THE RBL DATABASE of the " . $DM_rblcheck_rblserv . " RBL."; Code:
$DM_rblcheck_errcode = "USER FROM: $vbulletin->session->vars['country'] MATCHED IN THE RBL DATABASE of the " . $DM_rblcheck_rblserv . " RBL."; It might be useful to duplicate sections of code in both plugins so that blocking is done in the Check IP against RBLs/IPs plugin and notifications are done in Auto-Ban or Flag for Moderation plugin. This would avoid all the unnecessary notifications for bots that never succeed in registering anyway. Remember, just to repeat myself again (I know some people have trouble reading instructions sometimes). Do not ask for support for GLA on this thread - install it and if it doesn't work go through every post on the GLA thread as there are steps for verifying it on that thread. |
#170
|
|||
|
|||
Quote:
Thanks -vissa |
#171
|
|||
|
|||
Hey everyone - I apologize for the extended absence. I am back and plan on redesigning the hack with even more features.
Right now the list includes: - Ability for blocked registrations to send a message to admins in case they feel there is an error. - Ability for admins to whitelist IPs from the automatic posts/PMs. - Ability to blacklist or whitelist using a mask - #.*.*.* - Ability to ban + blacklist IP from any post for spammers that sneak through. I'm also toying with the idea of keeping a central RBL that the RBL checker reports to on positive or manual hits... |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|