Support Forums - All Posts - XOOPS Web Application System

41

Re: 2.3.2 "Taking you back where you were" when trying to update in admin

2010/5/14 0:56
preachur
Just can't stay away
Posts: 525
Since: 2006/2/4 4

I have the same problem with 2.4.4. The solution posted here doesn't work. I also can't update modules, etc. PHP 5.2.13 MySql 5.1.45. I have been seeing problems with administration for awhile on this site though. 2.4.4 doesn't seem very stable to me at all.

Magick can never be restrained, but when freely given is thrice regained!

42

"Santa" brought kiddie porn spammers

2009/12/25 19:33
preachur
Just can't stay away
Posts: 525
Since: 2006/2/4 4

Well, I have been getting these teen rape porn/kiddie porn/mature porn spammers on my XOOPS sites. BEFORE they were signing up with emails from the domain stupro.net.... Now they are using gmail. They sign up on XOOPS sites and then wait. Eventually they post their URLS. Now it seems they find an XOOPS site, sign up, if they don't get deleted they post their nasty urls on their profiles. Then they sign up on OTHER XOOPS sites and use their profile URL on the other site as their homepage. They are tricky. I found 15 from stupro.net in my member list and a couple from gmail this morning.

Just thought I would give you all a heads up. Keep an eye out for them. People like that can ruin the reputation of your sites. Plus, most people don't need posts like that, especially if you're running a child-friendly community site.

Blessed Holidays!

43

RSSFIT ... Available?

2009/12/24 4:02
preachur
Just can't stay away
Posts: 525
Since: 2006/2/4 4

Is there anywhere to download the updated rssfit module now that instant-zero.com shut down?

Hervé, if you read this, was it really necessary to shut down the site after working so hard to update all the community modules? I personally don't like some of the new personalities on xoops.org these days either, but really... There are still many many people who have built their sites around your modules. Does it really hurt to keep the downloads online?

Thanks,
Mark

44

Re: Property Reports Module?

2009/12/21 2:17
preachur
Just can't stay away
Posts: 525
Since: 2006/2/4 4

The only thing I see that comes close is the PM module. I wonder if it could be cloned and re-vamped slightly to work....? I will try.

45

Re: Mass user registrations.... bots perhaps? Anyone else getting these?

2009/12/16 15:27
preachur
Just can't stay away
Posts: 525
Since: 2006/2/4 4

Also, it takes a complete re-write to get this IP trap to work for the contact form module. (I just tested it and changed things around until it worked.)

However, Recaptcha doesn't work for me and when it came to those registrations on my live site this DID stop them. Blocked quite a few IPs so they were obviously scanning some of those directories.

I thought it might be useful to people with the same problem.

PLUS the bots that bypassed my captcha and registered over and over actually logged in and posted a single porn spam comment on a news story each time they registered. According to the "observed patterns" above it doesn't do anything besides register and attempt login.

46

Re: Mass user registrations.... bots perhaps? Anyone else getting these?

2009/12/16 14:43
preachur
Just can't stay away
Posts: 525
Since: 2006/2/4 4

Sorry, have been up all night.... I also put that same line in register.php

require_once XOOPS_ROOT_PATH.'/includes/secret.php';

The same place I put it in index.php. I think THAT is what stopped the bot registrations. I did all this 2 weeks ago and I had to go back over it all this morning to remember how I made it work.

Originally I had that line in header.php but for some reason you could still view the site after getting banned. This way it blocks bots from the XOOPS directories that only bots would scan, the main site page and registration page. I imagine adding that line to the index.php in the contact module would do the same thing. Once a bot does it's scan it can no longer access your registration, main page or contact form. GOOD bots will exclude the disallow folders so it only catches those bad bots.

I may work more on the whole thing later, but like I said.... for now it stopped those pesky automatic registrations that were somehow making it past the captchas.

47

Re: Mass user registrations.... bots perhaps? Anyone else getting these?

2009/12/16 14:22
preachur
Just can't stay away
Posts: 525
Since: 2006/2/4 4

To see what happens when a bot scans your XOOPS directories click here:

http://earthcrest.org/unitedpagans/modules

NOTE: Clicking that link will ban you from my test site. (There's nothing happening there right now anyway.)

48

Re: Mass user registrations.... bots perhaps? Anyone else getting these?

2009/12/16 14:12
preachur
Just can't stay away
Posts: 525
Since: 2006/2/4 4

OOPS!!! I forgot. I had to change that line of code in the instructions to:
require XOOPS_ROOT_PATH.'/includes/secret.php';

I put it right in the main index.php XOOPS file after the line:
include "mainfile.php";

For OSC the line looked like this: require(DIR_WS_INCLUDES . 'secret.php');

ALSO make sure you edit the index.php in the personal folder with your own URL before using it to replace the index.html files.

49

Re: Mass user registrations.... bots perhaps? Anyone else getting these?

2009/12/16 13:32
preachur
Just can't stay away
Posts: 525
Since: 2006/2/4 4

I solved my bots problem!!! What I did was integrate the IP trap I found for OSCommerce here:http://www.linuxuk.co.uk/ip-trap-p-30.html?osCsid=243b86d01d2ef456f3594bd4f70c1686

I replaced the default index.html file in most of my folders and system folders with the index.php file that comes in the IP trap "personal" folder, and did the same in all of my directories listed in robots.txt, added the directories and files in the IP trap robots.txt to the bottom of my existing XOOPS robots.txt, edited the IP trap .php files included to match my XOOPS site and then added one line to index.php and register.php that the INSTRUCTIONS included with IP trap state that you should add to application_top.php in OSCommerce.

I also added my own server IP to the whitelist file. (Not sure if it was important but I did it anyway.)

Pretty much you can just follow the installation instructions and just take the few extra steps I took and it will work.

I haven't had a single bot problem since I did this. It automatically bans bots from the site. I'm sure someone could re-release this with custom instructions for Xoops.... I haven't had a single problem with it, and it hasn't caused any module problems so far. It just bans bots scanning your XOOPS directories.

50

Re: Property Reports Module?

2009/12/15 14:29
preachur
Just can't stay away
Posts: 525
Since: 2006/2/4 4

Yes, but would that work just for the USER and WEBMASTER to view it? I mean, this would have to be private so no-one but the 1 user and webmaster could see it....

Stats
Goal:	$100.00
Due Date:	Apr 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Forum Index

Re: 2.3.2 "Taking you back where you were" when trying to update in admin

"Santa" brought kiddie porn spammers

RSSFIT ... Available?

Re: Property Reports Module?

Re: Mass user registrations.... bots perhaps? Anyone else getting these?

Re: Mass user registrations.... bots perhaps? Anyone else getting these?

Re: Mass user registrations.... bots perhaps? Anyone else getting these?

Re: Mass user registrations.... bots perhaps? Anyone else getting these?

Re: Mass user registrations.... bots perhaps? Anyone else getting these?

Re: Property Reports Module?

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}