11
ghia
Re: Protector... what on earth does it all mean?
  • 2008/10/6 13:39

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


Depending on which type of computer used, they may have a variable IP address. So banning one single IP is mosttimes futile. If you can afford it (no users of interest from there), look up the IP with whois and ban the complete net from within Apache with .htaccess.
This way XOOPS and Protector will no longer be bothered with such requests from there.

12
Peekay
Re: Protector... what on earth does it all mean?
  • 2008/10/6 21:04

  • Peekay

  • XOOPS is my life!

  • Posts: 2335

  • Since: 2004/11/20


Thx for that advice Ghia. As long as Protector is intercepting these requests I'll leave the IPs alone.

Interesting stuff (in a slightly scary kind of way!).
A thread is for life. Not just for Christmas.

13
Peekay
Re: Protector... what on earth does it all mean?
  • 2008/10/29 19:50

  • Peekay

  • XOOPS is my life!

  • Posts: 2335

  • Since: 2004/11/20


A few more new ones:

Type=Null Byte:

Injecting Null-byte 'http://ondemand.orf.at/zib/images/bg.jpg ' found.


Apologies to the domain owner if that is a false positive. Still trying to figure this out.
A thread is for life. Not just for Christmas.

14
ghia
Re: Protector... what on earth does it all mean?
  • 2008/10/29 20:55

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


This is also a type of SQL exploit.

You should realy start to block some IP's. If your site gets hammered, it might crack. Disabling IP's reduces the risk. And besides why should you pay their unwanted traffic?

Quote:
Apologies to the domain owner if that is a false positive.
He's probably been hacked and part of a botnet.


15
korafa
Re: Protector... what on earth does it all mean?
  • 2009/5/27 17:18

  • korafa

  • Just popping in

  • Posts: 16

  • Since: 2008/8/12


ok, I am having issues installing Protector 3.2 and defining my trusted path

here is a snippet from my mainfile.php

// XOOPS Physical Path // Physical path to your main XOOPS directory WITHOUT trailing slash // Example: define('XOOPS_ROOT_PATH', '/XXX/XXX/XXX/XXX/family');
define('XOOPS_ROOT_PATH', '/XXX/XXX/XXX/XXX/family');
define('XOOPS_TRUST_PATH', '/XXX/XXX/XXX/XXX/family/xoops_trust_path');

I know it is listed in the same directory as my Xoops_Root, but I want to get it to work first, and then I will move and rename it

Each time I go to install the module, I see this: set XOOPS_TRUST_PATH into mainfile.php
on the module Admin screen and the module is not listed to install.

I have uploaded both folders to the appropriate directories, but can't seem to get the trusted path to be recognized or working. I have also edited the mainfile.php for the pre & post check.

My XOOPS version is 2.0 (will uprade once I get my modules installed) or should I be upgrading the core first?

Thanks for any help!

16
korafa
Re: Protector... what on earth does it all mean?
  • 2009/5/27 17:32

  • korafa

  • Just popping in

  • Posts: 16

  • Since: 2008/8/12


Never mind, it was a file permission issue. I just noticed that it was not letting me update the file with the changes on my remote server. All is good :)

17
Peekay
Re: Protector... what on earth does it all mean?
  • 2009/8/13 21:09

  • Peekay

  • XOOPS is my life!

  • Posts: 2335

  • Since: 2004/11/20


Er.. I tried posting a couple of new ones, but the newer version of Protector on XO is obviously searching inside CODE tags too... so I got my IP banned!

Better safe than sorry I suppose, but it would have been nice to show the code.

Login

Who's Online

331 user(s) are online (266 user(s) are browsing Support Forums)


Members: 0


Guests: 331


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits