Results 1 to 10 of 132

Hybrid View

  1. #1
    Join Date
    Sep 2005
    Location
    Austria
    Posts
    104
    Plugin Contributions
    6

    Default Re: AbuseIPDB Integration module

    Thanks for this great plugin, nice work!

    Is there a reason why you redirect blocked IPs to the page_not_found page? I think a 410 redirect would be more suitable.

    I have changed in includes/classes/observers/class.abuseipdb_observer.php the three instances of:
    Code:
    header('Location: /index.php?main_page=page_not_found');
                    exit();
    to:
    Code:
    header('HTTP/1.0 410 Gone');
                    zen_exit();
    @johnjlarge
    could be a fix for your headers already sent issue as well

  2. #2
    Join Date
    Oct 2007
    Location
    Cornwall/Amsterdam
    Posts
    61
    Plugin Contributions
    0

    Default Re: AbuseIPDB Integration module

    Quote Originally Posted by webchills View Post
    Thanks for this great plugin, nice work!

    Is there a reason why you redirect blocked IPs to the page_not_found page? I think a 410 redirect would be more suitable.

    I have changed in includes/classes/observers/class.abuseipdb_observer.php the three instances of:
    Code:
    header('Location: /index.php?main_page=page_not_found');
                    exit();
    to:
    Code:
    header('HTTP/1.0 410 Gone');
                    zen_exit();
    @johnjlarge
    could be a fix for your headers already sent issue as well
    Just tried with these changes, still no go for me. Still getting the headers already sent error.

  3. #3
    Join Date
    Oct 2007
    Location
    Cornwall/Amsterdam
    Posts
    61
    Plugin Contributions
    0

    Default Re: AbuseIPDB Integration module

    So, I've found a way around this which works, are there any issues to doing it this way?

    In the index.php file at the root of zen cart, adding the block code before allowing html_header.php to load makes the code work. Will this give me any issues downstream in the code flow?

    Around line 40 of index.php I've added the code here

    Code:
     
    
    /**
     * We now load header code for a given page. 
     * Page code is stored in includes/modules/pages/PAGE_NAME/directory 
     * 'header_php.php' files in that directory are loaded now.
     */
        require($code_page_directory . '/' . $value);
      }
    /**
     * We now load the html_header.php file. This file contains code that would appear within the HTML <head></head> code 
     * it is overridable on a template and page basis. 
     * In that a custom template can define its own common/html_header.php file 
     */
     // bof modification AbuseIPDB
    if (ABUSEIPDB_ENABLED) {
    $GLOBALS['zco_notifier']->notify('NOTIFY_HEADER_START');
    }
    // eof modification AbuseIPDB
      require($template->get_template_dir('html_header.php',DIR_WS_TEMPLATE, $current_page_base,'common'). '/html_header.php');
    /**
     * Define Template Variables picked up from includes/main_template_vars.php unless a file exists in the
     * includes/pages/{page_name}/directory to overide. Allowing different pages to have different overall
     * templates.
     */

  4. #4
    Join Date
    May 2008
    Location
    United States
    Posts
    490
    Plugin Contributions
    1

    Default Re: AbuseIPDB Integration module

    Quote Originally Posted by johnjlarge View Post
    So, I've found a way around this which works, are there any issues to doing it this way?

    In the index.php file at the root of zen cart, adding the block code before allowing html_header.php to load makes the code work. Will this give me any issues downstream in the code flow?

    Around line 40 of index.php I've added the code here

    Code:
     
    
    /**
     * We now load header code for a given page. 
     * Page code is stored in includes/modules/pages/PAGE_NAME/directory 
     * 'header_php.php' files in that directory are loaded now.
     */
        require($code_page_directory . '/' . $value);
      }
    /**
     * We now load the html_header.php file. This file contains code that would appear within the HTML <head></head> code 
     * it is overridable on a template and page basis. 
     * In that a custom template can define its own common/html_header.php file 
     */
     // bof modification AbuseIPDB
    if (ABUSEIPDB_ENABLED) {
    $GLOBALS['zco_notifier']->notify('NOTIFY_HEADER_START');
    }
    // eof modification AbuseIPDB
      require($template->get_template_dir('html_header.php',DIR_WS_TEMPLATE, $current_page_base,'common'). '/html_header.php');
    /**
     * Define Template Variables picked up from includes/main_template_vars.php unless a file exists in the
     * includes/pages/{page_name}/directory to overide. Allowing different pages to have different overall
     * templates.
     */

    That is fine for the index page however if one enters on a different page your not protected, that is why it is added to the tpl_header.php page since that will load on every page no matter the entry point.

  5. #5
    Join Date
    Oct 2007
    Location
    Cornwall/Amsterdam
    Posts
    61
    Plugin Contributions
    0

    Default Re: AbuseIPDB Integration module

    Hi @marcopolo

    I've just tested it, setting my own IP as the test mode IP & can confirm it works on subpages. As far as I'm aware the index.php always fires, then loads in templates, includes etc. It may be a more elegant way to load it, as the block will launch with minimal code being loaded, possibly reducing server load in the process. I chose index.php as according to the program flow in documentation it's the top level page which everything else loads from. With this being a blocking script, it would make sense to expose as little code/server resources as possible.

    Program flow docs https://docs.zen-cart.com/dev/code/program_flow/

    I also set the redirect as a 403 forbidden error as this seemed more appropriate for my usage.

    Code:
    // Redirect to the 404 page
                header('HTTP/1.0 403 Forbidden');
                zen_exit();

  6. #6
    Join Date
    May 2008
    Location
    United States
    Posts
    490
    Plugin Contributions
    1

    Default Re: AbuseIPDB Integration module

    Quote Originally Posted by johnjlarge View Post
    Hi @marcopolo

    I've just tested it, setting my own IP as the test mode IP & can confirm it works on subpages. As far as I'm aware the index.php always fires, then loads in templates, includes etc. It may be a more elegant way to load it, as the block will launch with minimal code being loaded, possibly reducing server load in the process. I chose index.php as according to the program flow in documentation it's the top level page which everything else loads from. With this being a blocking script, it would make sense to expose as little code/server resources as possible.

    Program flow docs https://docs.zen-cart.com/dev/code/program_flow/

    I also set the redirect as a 403 forbidden error as this seemed more appropriate for my usage.

    Code:
    // Redirect to the 404 page
                header('HTTP/1.0 403 Forbidden');
                zen_exit();
    Your perfectly fine then, apologies for the oversight regarding the index page. I wasn't aware that it loaded on every page. I use one of those SEO page optimizers that rename all my pages to .html pages so I never see the zencart page names. To regards to optimizing server load, the best solution would be to load it from the index page outlined within the flow documentation as you pointed out. A blocked IP, I assume they would just receive a blank page with no content loading from your site?

  7. #7
    Join Date
    Oct 2007
    Location
    Cornwall/Amsterdam
    Posts
    61
    Plugin Contributions
    0

    Default Re: AbuseIPDB Integration module

    That's exactly it. A completely blank page with (in my case) a 403 response. I guess you could set a custom static 403 page via .htaccess to inform the user that their IP is blocked. I couldn't find what was throwing the headers already sent error when using your plugin, so I just worked backwards from the program flow documentation and added the check IP code as early as possible in the code base.

  8. #8
    Join Date
    May 2008
    Location
    United States
    Posts
    490
    Plugin Contributions
    1

    Default Re: AbuseIPDB Integration module

    Quote Originally Posted by webchills View Post
    Thanks for this great plugin, nice work!

    Is there a reason why you redirect blocked IPs to the page_not_found page? I think a 410 redirect would be more suitable.

    I have changed in includes/classes/observers/class.abuseipdb_observer.php the three instances of:
    Code:
    header('Location: /index.php?main_page=page_not_found');
                    exit();
    to:
    Code:
    header('HTTP/1.0 410 Gone');
                    zen_exit();
    @johnjlarge
    could be a fix for your headers already sent issue as well

    Thank you glad you like it!

    In regards to the redirect page I guess I thought giving it no information was better but maybe 410 option is better since it would indicate that the content is permanently gone and discourage further access attempts from the abusive IP addresses. It can also help search engines quickly remove the content from their indexes.
    Last edited by marcopolo; 24 May 2023 at 08:25 PM.

 

 

Similar Threads

  1. AbuseIPDB integration?
    By marcopolo in forum General Questions
    Replies: 3
    Last Post: 4 May 2022, 06:31 PM
  2. v155 Full Ebay Integration Module
    By Wilkesy in forum All Other Contributions/Addons
    Replies: 9
    Last Post: 19 Jun 2020, 03:29 AM
  3. v156 PayCertify Payment Integration Module
    By PayCertify in forum Addon Payment Modules
    Replies: 1
    Last Post: 1 May 2019, 11:29 PM
  4. Mailchimp Module Integration
    By hamid380 in forum Addon Sideboxes
    Replies: 5
    Last Post: 7 Sep 2011, 01:11 PM
  5. Custom Shipping Module Integration
    By youderian in forum Built-in Shipping and Payment Modules
    Replies: 0
    Last Post: 22 Dec 2008, 05:59 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg