 

[PATCH] Blocking those pesky hackers

 
  #11  
Old 04-08-2008, 04:45 PM
 
mltriebe mltriebe is offline
 

Senior Member
  
Join Date: Mar 2006
Posts: 137
 

Default Re: [PATCH] Blocking those pesky hackers

Yeah, I finally got 1 blocked, but that surprises me because there was almost always one of these attempts going on when I would look at the users online.

Works great though; I have yet to see one since adding the mod.

Thanks, Mike
__________________
X-Cart 4.3.1
Buy Together Module, AlteredCart
CDSEO Pro
One Page Checkout, AlteredCart
Smart Search, AlteredCart
On Sale, AlteredCart
  #12  
Old 04-08-2008, 06:30 PM
DreamCatcher DreamCatcher is offline
 

Senior Member
  
Join Date: Mar 2004
Posts: 178
 

Default Re: [PATCH] Blocking those pesky hackers

It seems a bit of a waste of power to do all the blocking individually and not turn this into a shared blacklist. I am sure a lot of the people hitting one of us will end up hitting more of us from scanning. If shop owners opted into allowing their servers to report back to a central server the distributed list would be pretty awesome. Then again I know some people do not like the idea of someone else having control over who has access to their site...

Very cool mod though thanks for sharing.


-Todd
__________________
X-Cart 4.7.8 Pro
php 7.x
  #13  
Old 04-08-2008, 06:45 PM
 
intel352 intel352 is offline
 

X-Wizard
  
Join Date: Dec 2005
Posts: 1,071
 

Default Re: [PATCH] Blocking those pesky hackers

After XC SEO Pro is completed, I'm contemplating developing a security module, similar to NukeSentinel for PHP-Nuke (dunno if NukeSentinel is still in development, but it was popular years ago). Idea is to support central banlists, etc, and provide more protection against hackers
__________________
-Jon Langevin
WARNING: Unethical developer - NOT RECOMMENDED
See details here
  #14  
Old 04-09-2008, 07:10 AM
carlisleglass carlisleglass is offline
 

eXpert
  
Join Date: Aug 2003
Location: Carlisle, UK
Posts: 316
 

Default Re: [PATCH] Blocking those pesky hackers

Jon does it again !!! Thank you for another great Mod !
__________________
Darren Kierman
Carlisle Glass (http://www.carlisleglass.co.uk/)
... running X-Cart Gold 4.4.5 [unix]
  #15  
Old 04-09-2008, 10:49 AM
 
Asiaplay Asiaplay is offline
 

X-Wizard
  
Join Date: Oct 2005
Posts: 1,242
 

Default Re: [PATCH] Blocking those pesky hackers

True - a great solution to hassles and security that is happening right now - thanks..
I also know your new SEO module will also go well... as it just makes sense, goes that extra step and answers SEO needs - cheers and all the best, Asiaplay
__________________
X-Cart Gold version 4.1.9
(plus built in X-Cart bugs!)
  #16  
Old 04-09-2008, 12:36 PM
 
Monarch1 Monarch1 is offline
 

Advanced Member
  
Join Date: Mar 2003
Posts: 30
 

Default Re: [PATCH] Blocking those pesky hackers

Excellent mod!!! It works great. I'm so happy, I ban myself by entering hack attempts, just for the fun of it. Thank you for helping me sleep better now, knowing the site is better protected.
__________________
:::::::::::::::::::::::::::::::::::::::::::::::::: :::::::::::::::::::::::::
X-Cart Pro 4.1.8 (Linux) (4.1.10 upgrade pending)
  #17  
Old 04-12-2008, 08:14 PM
 
homeworldz homeworldz is offline
 

Advanced Member
  
Join Date: Feb 2008
Posts: 68
 

Default Re: [PATCH] Blocking those pesky hackers

PATCH RESULTS
File admin/stop_list.php successfully patched
PATCH FAILED AT FILE: auth.php, see PATCH LOG for details.

PATCH LOG Patching file /homepages/28/d235556179/htdocs/xcart/admin/stop_list.php ...
Hunk #1 succeeded at 146.
done
Patching file /homepages/28/d235556179/htdocs/xcart/auth.php ...
Hunk #1 failed at 43.
1 out of 1 hunks ignored--saving rejects to /homepages/28/d235556179/htdocs/xcart/var/upgrade/auth.php.rej
done


Warning!
The following files could not be patched with automated upgrade system. This may be because these files were changed from their original state. Those files needs to be patched manually or restored from backup.
__________________
x-cart 4.1.9
  #18  
Old 04-12-2008, 11:31 PM
 
intel352 intel352 is offline
 

X-Wizard
  
Join Date: Dec 2005
Posts: 1,071
 

Default Re: [PATCH] Blocking those pesky hackers

Your auth.php file has been modified to the point that the patch I provided can't alter it. You'd have to apply the patch manually.
__________________
-Jon Langevin
WARNING: Unethical developer - NOT RECOMMENDED
See details here
  #19  
Old 04-13-2008, 06:28 AM
 
homeworldz homeworldz is offline
 

Advanced Member
  
Join Date: Feb 2008
Posts: 68
 

Default Re: [PATCH] Blocking those pesky hackers

I thought it was something like that..

From looking at the patch file, I wouldn't know how to break it down and where to put the bits of code in the page.

Quote:

Index: auth.php
================================================== =================
--- auth.php (revision 259)
+++ auth.php (working copy)
@@ -43,6 +43,30 @@

include_once $xcart_dir."/init.php";

+##
+## Added for security purposes!
+##
+$stop_user = false;
+$_qs = explode('&',$_SERVER['QUERY_STRING']);
+if($_qs) {
+ foreach($_qs AS $v) {
+ if(strpos($v, 'http://')!==false) {
+ if(!empty($active_modules["Stop_List"])) {
+ func_add_ip_to_slist($REMOTE_ADDR, 'H');
+ }
+ $stop_user = true;
+ }
+ }
+}
+if(!$stop_user && !empty($active_modules["Stop_List"])) {
+ if($stop_list = func_query("SELECT * FROM $sql_tbl[stop_list] WHERE ip LIKE '$REMOTE_ADDR' AND reason = 'H'")) {
+ $stop_user = true;
+ }
+}
+if($stop_user) {
+ die('<h2>You have been banned for illegal activity.</h2><br /><br />If you feel this is in error, please contact ' . $config['Company']['site_administrator']);
+}
+
$current_area="C";

x_load('files');
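
Review bot: the `strpos($v, 'http://')` test inside the `foreach` bans on a literal, case-sensitive match against the raw query string, so a legitimate request that carries a URL in any parameter (a return or referrer link, for example) gets its IP added to the stop list, while values that arrive encoded or in a different letter case are never examined. Consider decoding each value before matching, limiting the check to parameters that should never hold a URL, and logging the hit before banning. Further down, `ip LIKE '$REMOTE_ADDR'` interpolates the address straight into the SQL string and uses `LIKE` with no wildcard; an exact `=` comparison on an escaped value states the intent more safely. The `die()` message also goes out with the default status code, so sending a 403 header first would make the block visible as such in access logs.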
__________________
x-cart 4.1.9
  #20  
Old 04-13-2008, 10:42 AM
 
intel352 intel352 is offline
 

X-Wizard
  
Join Date: Dec 2005
Posts: 1,071
 

Default Re: [PATCH] Blocking those pesky hackers

The way to manually apply a patch is to look for lines without the + or - in front, such as
Quote:
include_once $xcart_dir."/init.php";
and
Quote:
$current_area="C";

x_load('files');

That tells you where to start editing. Then notice that between those already existing lines, you need to add all lines with a + (and if there's ever a -, you remove that line).
__________________
-Jon Langevin
WARNING: Unethical developer - NOT RECOMMENDED
See details here
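
The manual procedure described in post #20, as an added example that is not part of the original thread or of the posted patch: it finds the unchanged context lines above and below the change and inserts the `+` lines between them, which still works when local edits have moved or separated those lines. `HUNK` is a shortened constructed hunk with properly space-prefixed context lines, `CUSTOM_AUTH` is a constructed customised file, and `custom_mod.php` is a hypothetical local change.

```python
# Added example: apply an insert/remove hunk by its context lines, not line numbers.
# HUNK and CUSTOM_AUTH are constructed samples; custom_mod.php is hypothetical.
HUNK = r"""@@ -43,6 +43,10 @@

 include_once $xcart_dir."/init.php";

+##
+## Added for security purposes!
+##
+$stop_user = false;
 $current_area="C";

 x_load('files');
"""
CUSTOM_AUTH = r"""<?php
include_once $xcart_dir."/init.php";
include_once $xcart_dir."/custom_mod.php";

$current_area="C";

x_load('files');
"""

def split_hunk(hunk):
    """Return (lead, removed, added, trail) for a hunk with one change block."""
    lead, removed, added, trail = [], [], [], []
    for line in hunk.splitlines():
        if line.startswith("@@"):
            continue
        tag, text = line[:1], line[1:].strip()
        if tag == "+":
            added.append(line[1:])          # keep the patch's own indentation
        elif tag == "-":
            removed.append(text)
        elif text:                          # non-blank context line
            (trail if added or removed else lead).append(text)
    return lead, removed, added, trail

def find_once(lines, wanted, start=0):
    """Index of the only line equal to `wanted`, ignoring indentation."""
    hits = [i for i in range(start, len(lines)) if lines[i].strip() == wanted]
    if len(hits) != 1:
        raise ValueError(f"{wanted!r} matched {len(hits)} times; edit by hand")
    return hits[0]

def apply_by_context(target, hunk):
    lead, removed, added, trail = split_hunk(hunk)
    lines = target.splitlines()
    top = find_once(lines, lead[-1])              # last existing line above the change
    bottom = find_once(lines, trail[0], top + 1)  # first existing line below it
    between = [l for l in lines[top + 1:bottom] if l.strip() not in removed]
    marker = next((a.strip() for a in added if a.strip()), None)
    if marker in [l.strip() for l in between]:
        raise ValueError("hunk looks already applied")
    return "\n".join(lines[:top + 1] + added + between + lines[bottom:]) + "\n"
```

The added lines land directly after the upper context line, ahead of any local additions, and a second run is refused instead of inserting the block twice.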