3
In the end i found a old phpbb ban cookie addon and patched it into protector:
Heres how I did it:
Protector Trust Path/include/pre_check.php
function protector_prepare()
{
// FIND //
// check the access is from install/index.php
if( defined( '_INSTALL_CHARSET' ) ) die( 'To use installer, remove protector's lines from mainfile.php first.' ) ;
// Protector class
require_once dirname(dirname(__FILE__)).'/class/protector.php' ;
// add Below //
if (isset($_COOKIE["xoops_banned"]))
{
// Set the banned cookie for a year, reset it every time the user visits. (Thanks to Merlin Sythove)
setcookie( "xoops_banned", true, time() + (365 * 24 * 3600), "/", "yourdomainname.co.uk", "0" );
die('You are banned');
}
// FIND//
// bad_ips
$bad_ips = Protector::get_bad_ips() ;
foreach( $bad_ips as $bad_ip ) {
if( $bad_ip && substr( @$_SERVER['REMOTE_ADDR'] , 0 , strlen( $bad_ip ) ) == $bad_ip ) {
// ADD line// setcookie( "xoops_banned", true, time() + (365 * 24 * 3600), "/", "yourdomainname.co.uk", "0" );
die( 'You are registered as BAD_IP by Protector.' ) ;
}
}
I advise you change the cookie name "xoops_banned" to match your site's name or somthing.
Obviously this wont stop the advance moron, but stop morons with dynamic ip's for long enough they will give up.
Hopefully someone will make a account banning system so when a banned user trys to log into his account, he is automatically banned by a cookie or IP
