Printable View
zc158;PHP8.1
Access blocker is almost like a miracle cure by keeping all the p-o-r-n pedlars etc out. Use of the Contact Us pages are logged when a user is blocked.
In the filters I have included tor servers and tor exits etc.
Is it possible to also log when the Create Account and the Login pages are blocked. This would allow identification of 'real' potential customers who are using anonymous VPNs (eg Avast) which use the tor network.
On every path that the Access Blocker observer takes when it detects that an access is blocked (for whatever reason), the blocking condition is logged.Quote:
Originally Posted by OldNGrey
Whoops! Sorry, you are correct of course, my mistake. I missed the one valid customer on a VPN trying to create an account, among all the other blocked entries.Quote:
Originally Posted by lat9
v1.5.1 of the Access Blocker is now available for download: https://www.zen-cart.com/downloads.php?do=file&id=2237.
This release contains changes associated with the following GitHub issues:
#15: Ensure that all class properties are predefined, required for PHP 8.2.
#16: Account for "rolling" session IP addresses.
#17: organization property no longer returned, now in company->name and/or asn->name.
v1.5.2 of Access Blocker is now available for download: https://www.zen-cart.com/downloads.php?do=file&id=2237.
This release contains corrections associated with the following GitHub issues:
#19: Don't send ipdata.co requests for internal IP addresses.
#20: Add commentary to blocked_accesses.php, identifying its purpose and how to use.
#21: Don't block cron-jobs when Totally restrict access on threats is active.
#22: Enable whitelisted IP addresses to regain access after having been found to be a threat.
Thanks lat9! Have a guess as to what kind of percentage reduction on hits to ipdata.co this made? If its significant I may need to try this again.
No clue as to the percentage reduction.Quote:
Originally Posted by gothstone
Curious, when I get anon emails like the one below, is it a good practice to add the IP (24.186.216.227) to the blocker or is it possible the IP is spoofed and I could be blocking potential customers?
Quote:
From: Augustntq
Mail: ataylorrubottom######################
Telephone: 86377851622
------------------------------------------------------
secular brotherhoods of scribes.
------------------------------------------------------
Office Use Only:
From: Augustntq
Mail: ataylorrubottom######################
Login Name: Not logged in
Login Email: Not logged in
Telephone: Not logged in
IP Address: 24.186.216.227 - 24.186.216.227
Host Address: ool-18bad8e3.dyn.optonline.net
Date and Time: Wed Sep 18 2024 17:41:40 UTC
If you're uncertain about the IP address, you could always add more keywords to the contact-us blocking setting.
ZC158a PHP8.2.20 Access Blocker 1.52 (AB) in production
The access blocker plugin was working perfectly with the last entry being on 28 Oct 3:57AM GMT. Since then it has stopped blocking.
I have the same code running on zc158a in test on my inhouse test machine and it is good. The same is running on zc210 test with PHP8.3.4 and AbuseIPDB with results as expected.
I have deleted all relevant AB files from my production server and uploaded fresh files from the latest GitHub version. Deleted all message keywords, email addresses and started from the beginning but it still is not working.
Would you have any insight of where else to start looking?