#1 2008-12-19 11:31 pm

ScamWatch

Member

From: Australia

Registered: 2008-12-19

Posts: 21

Website

Is this possible on a Windows server?

Sorry if this has been asked before, but is this possible with a windows server? I ask this because I couldnt find an .htaccess file...

I'm not real adept at forums and scripts and things yet. But I need a script that blocks IPs from people who don't register, because I have a section of my forum which allows guests to submit internet scams to. And I have recently been getting spammed by disgusting stuff like anumal porn. Althought I have it moderated, I would much like it that I don't have to do that everyday.

I do have a plugin which allows me to see the IPs of people who are submitting, which helps me search teh Ips out, and the ones I have suspected are coming up in google as forum spammers.

Is it possible?

Thanks a lot

MysteryFCM

Member

From: Tyneside, UK

Registered: 2008-01-16

Posts: 606

Website

Re: Is this possible on a Windows server?

It certainly is possible, yes. Just use the following;

// BEGIN SPAM MOD
$sVisitorIP = $_SERVER['REMOTE_ADDR'];
$fspamcheck = file_get_contents('http://temerc.com/Check_Spammers/check_spammers_plain.php?&ip='.$sVisitorIP);
if (strpos($fspamcheck, 'TRUE') !==False) {
    // Notify admin via e-mail
    $blockedby = str_replace(' TRUE', '', $fspamcheck);
    $blockedby = str_replace(' ', ' & ', $blockedby);
    $msg = 'The following was blocked by the '.$blockedby.' filter<br><br>IP: '.$sVisitorIP;
    $to = "your@email.addr"; 
    $subject = "Spammer blocked by hpHosts Spam filter"; 
    $headers =    "MIME-Versin: 1.0\r\n" . 
    "Content-type: text/html; charset=ISO-8859-1; format=flowed\r\n" . 
    "Content-Transfer-Encoding: 8bit\r\n" . 
    "From: " . $from . "\r\n" . 
    "X-Mailer: hpHosts Spam Filter"; 
    mail($to, $subject, $msg, $headers);
    // Notify user
    return 'Your access has been blocked by our <a href="http://temerc.com/Check_Spammers/">spam filter</a>. Please either try again or contact an administrator';
    die();
}
// END SPAM MOD

This is a slimmed down version of the code used for the forum/WordPress mods;

http://temerc.com/forums/viewforum.php?f=71

Last edited by MysteryFCM (2008-12-19 11:38 pm)

---

Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

ScamWatch

Member

From: Australia

Registered: 2008-12-19

Posts: 21

Website

Re: Is this possible on a Windows server?

Oh thanks for the fast reply, I appreciate it.

Could you please tell me what I do with that code if that's not too much trouble.

Thanks

PS: Oh, I think I forgot to mention Im using vBulletin 3.6.8

Last edited by ScamWatch (2008-12-20 12:42 am)

MysteryFCM

Member

From: Tyneside, UK

Registered: 2008-01-16

Posts: 606

Website

Re: Is this possible on a Windows server?

I'm not familiar with vBulletin (give me some time and I'll check it out though hehe), but it should simply be a case of inserting it at the top of the header file

/edit

Grr .... seems I can't download vBulletin

Last edited by MysteryFCM (2008-12-20 12:50 am)

---

Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

ScamWatch

Member

From: Australia

Registered: 2008-12-19

Posts: 21

Website

Re: Is this possible on a Windows server?

can I provide you with the header details of a specific file?

EDIT: Ahh, you mean at the top of the header file of my "guest submit a scam here" section? I think thats something like threadbits or something, if thats the case.

Last edited by ScamWatch (2008-12-20 12:53 am)

MysteryFCM

Member

From: Tyneside, UK

Registered: 2008-01-16

Posts: 606

Website

Re: Is this possible on a Windows server?

Looking at the vBulletin manual, you should be able to place the code at the bottom of config.php (just above the closing ?> tag)

---

Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

ScamWatch

Member

From: Australia

Registered: 2008-12-19

Posts: 21

Website

Re: Is this possible on a Windows server?

It seems there is no such tag in the config.php file.

MysteryFCM

Member

From: Tyneside, UK

Registered: 2008-01-16

Posts: 606

Website

Re: Is this possible on a Windows server?

Thats oks (though unusual for a PHP file), you should still be able to put it at the bottom of the file.

---

Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

ScamWatch

Member

From: Australia

Registered: 2008-12-19

Posts: 21

Website

Re: Is this possible on a Windows server?

This is what's at the bottom..

It's funny tough, there is an open tag at the top <?php

// Image Processing Options
    // Images that exceed either dimension below will not be resized by vBulletin. If you need to resize larger images, alter these settings.
$config['Misc']['maxwidth'] = 2592;
$config['Misc']['maxheight'] = 1944;

/*======================================================================*\
|| ####################################################################
|| #
|| # CVS: $RCSfile$ - $Revision: 16258 $
|| ####################################################################
\*======================================================================*/

ScamWatch

Member

From: Australia

Registered: 2008-12-19

Posts: 21

Website

Re: Is this possible on a Windows server?

I put it at the bottom, and I get this error on my forum now.

Warning: file_get_contents() [function.file-get-contents]: URL file-access is disabled in the server configuration in C:\Domains\only-the-truth.com\wwwroot\ScamWatch\includes\config.php on line 191

Warning: file_get_contents(http://temerc.com/Check_Spammers/check_spammers_plain.php?&ip=XX.XXX.XXX.XXX) [function.file-get-contents]: failed to open stream: no suitable wrapper could be found in C:\Domains\only-the-truth.com\wwwroot\ScamWatch\includes\config.php on line 191

Last edited by ScamWatch (2008-12-20 1:26 am)

MysteryFCM

Member

From: Tyneside, UK

Registered: 2008-01-16

Posts: 606

Website

Re: Is this possible on a Windows server?

You need to enable allow_url_fopen in php.ini, or switch the function to using cURL.

To switch it to cURL (assuming cURL is enabled?), change;

$fspamcheck = file_get_contents('http://temerc.com/Check_Spammers/check_spammers_plain.php?&ip='.$sVisitorIP);

To;

$sURL = 'http://temerc.com/Check_Spammers/check_spammers_plain.php?&ip='.$sVisitorIP;
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $sURL);
curl_setopt($curl, CURLOPT_VERBOSE, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
$return = curl_exec($curl);
curl_close($curl);
$fspamcheck = $return;

---

Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

MacHeadCase

Member

From: Montréal, Québec

Registered: 2008-09-07

Posts: 346

Website

Re: Is this possible on a Windows server?

If you really want to get rid of spam, you would have to make registrations with email verification obligatory, for one thing. Using reCAPTCHA (not CAPTCHA, it hasn't been cracked) in the registration process.

Why don't you use the vBStopForumSpam plugin? That's what we use and it works beautifully. Since I installed it, we haven't had one spammer join.

And there are other incentives you could use as well. Like for instance preventing members from posting images if they haven't already posted a certain number of times. This is another plugin we use, Cyb Advanced Permissions Based on Post Count.

Unfortunately, all these little pesky incentives are the only things IMO that will make it difficult for spammers to spread their crap in your forum. I for one wouldn't dream of having a section on the forum for Guests to post on. It would be too much hard work keeping the crud out.

ScamWatch

Member

From: Australia

Registered: 2008-12-19

Posts: 21

Website

Re: Is this possible on a Windows server?

Thanks Mystery, Ill give that a go..

MacHeadCase, yes, ty
1. I have done that, but its not possible for this particular section. Everywhere else has email verification. Im not worried about the sign ups just yet, only the guests submmisions which don't require registration..

2. I only found out now that it was possible to block spam in google..And ther was no such mod in the results for my keywords. the first place I seen was here and a few others that don't help for my problem.

3. I use this plugin already.

4. and that's why I need a program that stops them before they even make a post...

I want a script, that STOPS them from ever even seeing my site. Which is what I thoght this place done?

Thanks for the replies and tips guys, much appreciated.

ScamWatch

Member

From: Australia

Registered: 2008-12-19

Posts: 21

Website

Re: Is this possible on a Windows server?

SWEEEEEEEEEEEEEEEEEEEEEEEET Mystery, it worked mate ....

Thanks heaps for your time..This has also given me some guidance on my database error in IE some people are having too. It seems my config file is stuffed up some how...At least I know where to look now..

Again, I really appreciate your help...

(Now to see if it actually works.) ...

Cheers.

-=-For anyone else coming from a search engine. I simple copied and pasted the code to the bottom of this file config.php, located here /includes/config.php Dont forget to change the email address

$to = "email@goes-here.com";

to the one you want an email sent to if a spammer has tried to post.

// BEGIN SPAM MOD
$sVisitorIP = $_SERVER['REMOTE_ADDR'];
$sURL = 'http://temerc.com/Check_Spammers/check_spammers_plain.php?&ip='.$sVisitorIP;
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $sURL);
curl_setopt($curl, CURLOPT_VERBOSE, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
$return = curl_exec($curl);
curl_close($curl);
$fspamcheck = $return;
if (strpos($fspamcheck, 'TRUE') !==False) {
    // Notify admin via e-mail
    $blockedby = str_replace(' TRUE', '', $fspamcheck);
    $blockedby = str_replace(' ', ' & ', $blockedby);
    $msg = 'The following was blocked by the '.$blockedby.' filter<br><br>IP: '.$sVisitorIP;
    $to = "email@goes-here.com"; 
    $subject = "Spammer blocked by hpHosts Spam filter"; 
    $headers =    "MIME-Versin: 1.0\r\n" . 
    "Content-type: text/html; charset=ISO-8859-1; format=flowed\r\n"  
    "Content-Transfer-Encoding: 8bit\r\n" . 
    "From: " . $from . "\r\n" . 
    "X-Mailer: hpHosts Spam Filter"; 
    mail($to, $subject, $msg, $headers);
    // Notify user
    return 'Your access has been blocked by our <a href="http://temerc.com/Check_Spammers/">spam filter</a>. Please either try again or contact an administrator';
    die();
}
// END SPAM MOD?>
/*======================================================================*\
|| ####################################################################
|| #
|| # CVS: $RCSfile$ - $Revision: 16258 $
|| ####################################################################
\*======================================================================*/

MysteryFCM

Member

From: Tyneside, UK

Registered: 2008-01-16

Posts: 606

Website

Re: Is this possible on a Windows server?

My pleasure

---

Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

ScamWatch

Member

From: Australia

Registered: 2008-12-19

Posts: 21

Website

Re: Is this possible on a Windows server?

OMG, DUDE!, I just got 16 emails saying

"SPAMMER BLOCKED BY HPHOSTS SPAM FILTER>"

LOL...Damn, I guess its working then

Cheers champ, you're a great help..

PS: only thing is now Imma gonna get my email spammed withall those messages ....I guess I can take my email out of that script now I know its working eh

MysteryFCM

Member

From: Tyneside, UK

Registered: 2008-01-16

Posts: 606

Website

Re: Is this possible on a Windows server?

hehe yep, if you don't want the e-mails, just remove the following bit of code;

    // Notify admin via e-mail
    $blockedby = str_replace(' TRUE', '', $fspamcheck);
    $blockedby = str_replace(' ', ' & ', $blockedby);
    $msg = 'The following was blocked by the '.$blockedby.' filter<br><br>IP: '.$sVisitorIP;
    $to = "email@goes-here.com"; 
    $subject = "Spammer blocked by hpHosts Spam filter"; 
    $headers =    "MIME-Versin: 1.0\r\n" . 
    "Content-type: text/html; charset=ISO-8859-1; format=flowed\r\n"  
    "Content-Transfer-Encoding: 8bit\r\n" . 
    "From: " . $from . "\r\n" . 
    "X-Mailer: hpHosts Spam Filter"; 
    mail($to, $subject, $msg, $headers);

/edit

Btw, feel free to put your websites URL in your profile

Last edited by MysteryFCM (2008-12-20 3:11 am)

---

Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

ScamWatch

Member

From: Australia

Registered: 2008-12-19

Posts: 21

Website

Re: Is this possible on a Windows server?

Ah okay, I just deleted my email adn left the quotes, but Ill do that instead ..

Hey, theres a problem I think, some of those spam emails are displaying my own IP address?

"
The following was blocked by the Spamhaus & (PBL & - & Spamhaus & Maintained) filter

IP: XX.XXX.XXX.XXX
"

What would you make of that mate?

cheers.

PS: Ah, tx, Ill put my website in my profile when I fix it up a bit ..

MysteryFCM

Member

From: Tyneside, UK

Registered: 2008-01-16

Posts: 606

Website

Re: Is this possible on a Windows server?

According to the message in the e-mail, your IP is listed in the Spamhaus PBL list.

I've modified the script so it no longer flags those in the CBL or PBL, so this shouldn't happen again.

In addition, I've just uploaded a new version of the script for those wanting to selectively disable the individual DNS blacklists. To do this, append the following to the check_spammers_plain.php querystring, depending on which blacklist you want to disable;

Disable all DNSBL checks

dbl=no

Disable Project Honeypot check

ph=no

Disable SpamCop check

sc=no

Disable Spamhaus check

sh=no

Disable Sorbs check

sb=no

For example, to disable Spamhaus;

$sURL = 'http://temerc.com/Check_Spammers/check_spammers_plain.php?sh=no&ip='.$sVisitorIP;

---

Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

ScamWatch

Member

From: Australia

Registered: 2008-12-19

Posts: 21

Website

Re: Is this possible on a Windows server?

Hi mate,

Thanks for the above.

I'm having some trouble though.

1. there is a person who is still able to post his garbage. Hes using the same name to post too.

2. I'm getting emails saying

Database error in vBulletin 3.6.7:

Invalid SQL:
INSERT INTO user
(options, parentemail, salt, passworddate, password, email, username, usergroupid, languageid, usertitle, customtitle, showbirthday, birthday_search, birthday, timezoneoffset, ipaddress, displaygroupid, joindate, lastvisit, lastactivity, autosubscribe, showvbcode, threadedmode, reputationlevelid, reputation, pmpopup, maxposts, daysprune, startofweek)
VALUES
(7511, '', 'YW%', FROM_UNIXTIME(1229775289), '17ee1a119bdfa5bcdbcd8a7a621deeae', 'bedsidentesse@list.ru', 'Kiskpopomia', 2, 1, 'New Member', 0, 0, '1980-01-07', '01-07-1980', '-12', '87.118.94.222', '', 1229775289, 1229775289, 1229775289, 1, 2, 0, 5, 10, 1, -1, 0, -1);

MySQL Error  : Field 'favcache' doesn't have a default value
Error Number : 1364
Date         : Saturday, December 20th 2008 @ 11:14:51 PM
Script       : http://www.scamwatch.only-the-truth.com/register.php?do=addmember
Referrer     : http://www.scamwatch.only-the-truth.com/register.php?s=c6b80cfc41849d9ab7ec1e62965cbe5b
IP Address   : 87.118.94.222
Username     : Kiskpopomia
Classname    : vB_Database

A few of these are from the same IP with different email address's.

3. I'm also not able to view my forum anymore, even though I had the scvript in, it worked for a little bit, able to view stuff, but now, Im unable to view even the spam this person is posting.

/*======================================================================*\ || #################################################################### || # || # CVS: $RCSfile$ - $Revision: 16258 $ || #################################################################### \*======================================================================*/


Unable to add cookies, header already sent.
File: C:\Domains\only-the-truth.com\wwwroot\ScamWatch\includes\config.php
Line: 207

I havent changed anything other than adding that code you gave me, which worked as I said, for a little bit. All of a sudden, its not working?

Any help would be appreciated.

Thanks mate.

And sorry for this trouble Im giving you.

zaphod

Jägermonster

From: USA

Registered: 2008-11-22

Posts: 2,985

Website

Re: Is this possible on a Windows server?

This may not be the place for me to speak up...

If you would like an extra layer of hacker bouncing, and your server is php based, you might try my script.

http://zaphodb777.dyndns.org/zbblockpage.php

It's not that hard to start using, if you have installed scripts before, and are cofident adding a line of php at the top of your php pages.

Good luck!
Zap

---

Get Protected, Stay Protected...
With ZB Block, GNU/GPL Freeware Anti-Spam/Anti-Hack protection for your php based website.

Little boxes in the server farm, little boxes running php...

MysteryFCM

Member

From: Tyneside, UK

Registered: 2008-01-16

Posts: 606

Website

Re: Is this possible on a Windows server?

Any help would be appreciated.

Thanks mate.

And sorry for this trouble Im giving you.

First and foremost, my apologies for the delay in getting back to you.

Can you e-mail me a copy of your config.php and index.php files please? (I asked the vBulletin dev's for a temporary copy I could use for testing, but have not had a response as yet)

sfs_steve AT it-mate.co.uk DOT co DOT uk

---

Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

ScamWatch

Member

From: Australia

Registered: 2008-12-19

Posts: 21

Website

Re: Is this possible on a Windows server?

Mate, you don't have to appologise for anything. I know you're a real person with real stuff to deal with ..

I'm glad to give you good news though, It's fixed. I had the close tag in the wrong place..I had to put it at the very bottom of the config file.

The script is also working it's magic too. I didnt realise there were so many bots trying to post stuff on my forum so frequently either. I'm getting about 100 per day of spam blocked by this, it's amazing, and FREE.

Is there a donation I can give you for this?

Again, I appreciate your help and a great program (script)

To be commended..

MysteryFCM

Member

From: Tyneside, UK

Registered: 2008-01-16

Posts: 606

Website

Re: Is this possible on a Windows server?

Nice one, cheers for letting me know

I certainly do accept donations, yes. There's a PayPal donation button at the top of the hpHosts website;

http://hosts-file.net

Or alternatively, at;

http://support.it-mate.co.uk/?mode=Docu … Help#costs

---

Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net