IP Blocker for v1.5.x

**ShopVille** · 24 Apr 2017, 05:46 PM

Originally Posted by lat9

Why not just put the site into maintenance mode and then create "pin-holes" for your developer IPs?

Maintenance mode does not restrict access

**Design75** · 24 Apr 2017, 06:04 PM

Originally Posted by ShopVille

Maintenance mode does not restrict access

Yes it does, I do this all the time for my dev sites
Put your own IP in the exception box, and set show the side-box, header and footer values to false.

**jmberman** · 16 Feb 2018, 09:26 PM

The who's online replacement file breaks the who's online page.

The top bar breaks:

REFRESH LIST
Legend: Active cart Inactive cart Active no cart Inactive no cart
Inactive is Last Click >= 180s || Inactive since arrival > 540s will be removed Updating every 15 seconds. OFF 5 sec 15 sec 30 sec 1 min TEXT_WHOS_ONLINE_TIMER_FREQ5 TEXT_WHOS_ONLINE_TIMER_FREQ6 TEXT_WHOS_ONLINE_TIMER_FREQ7
Exclude Spiders? Yes No Exclude Admin IP Addresses? Yes No

Name: whos.jpg
Views: 224
Size: 33.8 KB

**lat9** · 17 Feb 2018, 01:51 PM

@jmberman, what version of Zen Cart? ... and what version of IP Blocker?

**jmberman** · 6 Apr 2018, 02:59 PM

Originally Posted by lat9

@jmberman, what version of Zen Cart? ... and what version of IP Blocker?

1.5.4 Cart
2.1.3 Blocker

**lat9** · 6 Apr 2018, 03:05 PM

It looks like you can solve the zc1.5.4 compatibility issue by editing /YOUR_ADMIN/whos_online.php, locating this code block

Code:

                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='0') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=0"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ0; ?></a>&nbsp;
                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='5') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=5"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ1; ?></a>&nbsp;
                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='15') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=15"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ2; ?></a>&nbsp;
                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='30') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=30"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ3; ?></a>&nbsp;
                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='60') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=60"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ4; ?></a>&nbsp;
                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='300') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=300"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ5; ?></a>&nbsp;
                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='600') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=600"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ6; ?></a>&nbsp;
                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='840') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=840"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ7; ?></a>&nbsp;<br />

and changing it to

Code:

                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='0') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=0"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ0; ?></a>&nbsp;
                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='5') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=5"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ1; ?></a>&nbsp;
                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='15') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=15"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ2; ?></a>&nbsp;
                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='30') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=30"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ3; ?></a>&nbsp;
                <a class="optionClick<?php echo ($_SESSION['wo_timeout']=='60') ? ' chosen' : ''; ?>" href="<?php echo $optURL;?>t=60"><?php echo TEXT_WHOS_ONLINE_TIMER_FREQ4; ?></a>&nbsp;<br />

I'll note the issue in the plugin's GitHub repository for corrective action.

**lat9** · 6 Apr 2018, 03:43 PM

In reviewing the changes, v2.1.3 should have been tagged as supporting Zen Cart 1.5.5 or later. v2.1.2 should be used for earlier versions of Zen Cart.

**hubert** · 9 Feb 2019, 08:38 PM

Hi Lat9,

As I was reviewing my website logs I discovered 588 files which are not supposed to be there. Looking into the files I found in each one a first line like this :

Code:

[17-Dec-2018 14:28:57 America/New_York] Request URI: /index.php?main_page=discount_coupon'A=0, IP address: 185.235.15.140
or
[17-Dec-2018 22:04:17 America/New_York] Request URI: /index.php?main_page=index'A=0&cPath=66, IP address: 35.236.99.80
or 
[18-Dec-2018 23:59:31 America/New_York] Request URI: /index.php?main_page=site_map'[0], IP address: 173.44.37.114
or 
[21-Dec-2018 23:58:14 America/New_York] Request URI: /index.php?cPath=70_126&main_page=index2121121121212.1, IP address: 47.91.241.128
[21-Dec-2018 23:58:17 America/New_York] Request URI: /index.php?cPath=70_126&main_page=index%20and%201%3E1, IP address: 47.91.241.128
or even 
[30-Dec-2018 12:31:27 America/New_York] Request URI: /index.php?main_page=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00&cPath=90, IP address: 14.185.32.246

All these are attempts to break in the host using zen-cart and php, especially the last one which tries to get the /etc/passwd file.

Fortunately zen-cart didn't answer these attempts but the repeated requests did put the machine on knees.

As I have fail2ban installed, I looked why fail2ban didn't deal with these.
The answer is because fail2ban doesn't know anything about zen-cart log files.
So that fail2ban manages these attempts I have to make a fail2ban configuration file, where I tell it which log file to monitor and , using a regex, how to identify bad attempts and get the ip.
With these infos, fail2ban jails the IP for a delay. Means it add the ip to the deny list of either ufw or iptables (linux firewalls).

So... I was thinking... Would it be difficult to mimic the fail2ban behaviour, i.e. monitor zen-cart log files and when a attempt is done add the IP to the block list ?

That's just a suggestion. As I have fail2ban, I will try to make a configuration file for it, but not everybody has access to this kind of tool, especially if the website is on a shared host.

thanks for reading.

Hub
P.S. : if you need my 588 log files with all kind of attempts, just tell me.

**lat9** · 10 Feb 2019, 02:09 PM

Those same invalid accesses that are being reported by Zen Cart via debug-logs are also captured in your site's Apache logs which, from my quick read of fail2ban, is what that module looks at for its processing.

**torvista** · 14 Jul 2019, 10:13 AM

So, after installing this mod, I blocked my own address to test it, and it didn't block it. What bit am I missing?

Thread: IP Blocker for v1.5.x

Thread Tools

Search Thread

Display

Re: IP Blocker 1.5.1

Re: IP Blocker 1.5.1

Re: IP Blocker 1.5.1

Re: IP Blocker 1.5.1

Re: IP Blocker 1.5.1

Re: IP Blocker 1.5.1

Re: IP Blocker 1.5.1

Re: IP Blocker 1.5.1

Re: IP Blocker 1.5.1

Re: IP Blocker 1.5.1

Similar Threads

v139h Pop up blocker blocking new window

v139g ip blocker mod problem

IP Blocker for Admin side?

Bookmarks

Bookmarks

Posting Permissions