ufodepot Posted December 29, 2009 Share Posted December 29, 2009 Hi Travis, The IP trap will have no impact upon any other aspect of your site, certainly not the log in or checkout systems. The only thing that might cause this is if you used the XSS add ons, which have been known to block real customers from checking out, i did get a fair amount of messages about this, and it always turned out to be an XSS script which gave a similar message. The logic of the trap is that a user has to call teh personal folder in their browser to activiate the trap, the chances of trapping an actual customer is remote. Nic Hello Nic, I need help. You said put this around line 56: // include the IP Trap require(DIR_WS_INCLUDES . 'secret.php'); I do not know how to tell what line is what number. How do I know what line 56 is? I have done everything else you said and I am getting this error in my admin: Warning: main(includes/application_bottom.php): failed to open stream: No such file or directory in /home/content/s/c/i/scitechadmin/html/catalog/admin/login.php on line 159 Warning: main(includes/application_bottom.php): failed to open stream: No such file or directory in /home/content/s/c/i/scitechadmin/html/catalog/admin/login.php on line 159 Fatal error: main(): Failed opening required 'includes/application_bottom.php' (include_path='.:/usr/local/lib/php') in /home/content/s/c/i/scitechadmin/html/catalog/admin/login.php on line 159 What does this mean and how can I fix this? Thanks, Hope Quote Link to comment Share on other sites More sharing options...
brians34 Posted January 3, 2010 Share Posted January 3, 2010 I've read through the readme file and through this topic, but have a question about uploading. The readme file says to "Upload the entire contents of the catalog folder to your existing catalog folder on your server via FTP." There is also a DOCS folder. Am I supposed to do anything with that folder? Quote Link to comment Share on other sites More sharing options...
♥FIMBLE Posted January 3, 2010 Author Share Posted January 3, 2010 I've read through the readme file and through this topic, but have a question about uploading. The readme file says to "Upload the entire contents of the catalog folder to your existing catalog folder on your server via FTP." There is also a DOCS folder. Am I supposed to do anything with that folder? No the docs folder just contains info for the ireadme file, you do not need to upload it. Nic basket of wonders 1 Quote Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
brians34 Posted January 4, 2010 Share Posted January 4, 2010 No the docs folder just contains info for the ireadme file, you do not need to upload it. Nic Thanks Nic. And thanks for the great work. basket of wonders 1 Quote Link to comment Share on other sites More sharing options...
Krama Posted January 6, 2010 Share Posted January 6, 2010 Hi Nic, I have just added version 4 of IP Trap to my store and all seems to work OK when I try to access the personal folder (ie. get the block page message) but I am still able to access my site and checking the IP_Trapped file my IP address has not been added and the 999.999.999.999 address has been removed. Any thoughts on what I am doing wrong. Thanks in advance for any assistance you can provide. Tim Quote Link to comment Share on other sites More sharing options...
Juto Posted January 23, 2010 Share Posted January 23, 2010 This so called IPTrap is far from stable. I highly doubt it will ever be stable as I found a topic here where it was created by other forum members. This fimble guy just copied what was in the forum and packaged it like it was his work. Now he cant seem to make a stable release. This IPTrap will block certain payment modules from sending data to your shop. I would stay far away from it and wait for something to come out by people that know what they are doing. sky_diver 1 Quote Contributions: http://addons.oscommerce.com/info/8010 http://addons.oscommerce.com/info/8204 http://addons.oscommerce.com/info/8681 Link to comment Share on other sites More sharing options...
Juto Posted January 23, 2010 Share Posted January 23, 2010 I am about to release version 3 of the IP Trap, Updated features Cleaned code, Added a Whitelist, with Search engine IP numbers loaded Redesigned the Blocked.php page. Added correct syntax for robots.txt Updated install file. Any comments, questions first see the readme in the contribution then ask here. http://addons.oscommerce.com/info/5914 Enjoy Nic Hi, thanks for your efforts. Maby this http://www.kloth.net/internet/bottrap.php can be of use? Sara Quote Contributions: http://addons.oscommerce.com/info/8010 http://addons.oscommerce.com/info/8204 http://addons.oscommerce.com/info/8681 Link to comment Share on other sites More sharing options...
ogwinilo Posted January 23, 2010 Share Posted January 23, 2010 (edited) Great contribution indeed. Just to get something straight, in the case of Biancoblu, (where she got automatically IP Trapped when all she intends doing is Whitelist herself), - i have a similar story- does it mean she leaves everything as it is since Nic tested it independently? Edited January 23, 2010 by ogwinilo Quote Link to comment Share on other sites More sharing options...
♥FIMBLE Posted January 23, 2010 Author Share Posted January 23, 2010 Great contribution indeed. Just to get something straight, in the case of Biancoblu, (where she got automatically IP Trapped when all she intends doing is Whitelist herself), - i have a similar story- does it mean she leaves everything as it is since Nic tested it independently? Hello Thank you for your kind words, im not too sure what you mean. Do you have a dynamic IP like Isa ? The point of the white list is not so much to stop you from being banned as you know the IP trap is there, it is intended to be a cushion to prevent Search engines like Google and Yahoo, who's IP numbers are in the whielist from being banned. So even if your IP number is dynamic and you do get banned just dont go in the trap. Nic basket of wonders 1 Quote Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
♥Biancoblu Posted January 25, 2010 Share Posted January 25, 2010 Great contribution indeed. Just to get something straight, in the case of Biancoblu, (where she got automatically IP Trapped when all she intends doing is Whitelist herself), - i have a similar story- does it mean she leaves everything as it is since Nic tested it independently? My problem was that I kept getting banned even though my IP was in the whitelist, upon checking the trapped list and the whitelist I noticed my IP had ended up in both lists as if the trapped list was getting written to regardless of the IP having been added to the whitelist. This only happened a few times then not anymore, I don't know the reason behind it. Now it works as intended, and has been tested at length. Nic, I can't remember if you've edited something at all in the files after I had the problem? Quote ~ Don't mistake my kindness for weakness ~ Link to comment Share on other sites More sharing options...
♥FIMBLE Posted January 25, 2010 Author Share Posted January 25, 2010 (edited) Nic, I can't remember if you've edited something at all in the files after I had the problem? Hi Isa No i'm not sure, the only thing we worked on after removal of your IP from the trap file banned/IP_Trapped.txt (which must be done or you will be banned) was to work on the admin version of the trap. Someone earlier said that they removed the "\n" from the end of $ip = $_SERVER["REMOTE_ADDR"]."\n"; and made it work. They did not make it work as it then only checked the first line, so they did not mend it they broke it! Most people who have a problem seem to foget to add the application_top.php line. Regards Nic Edited January 25, 2010 by FIMBLE Quote Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
♥Biancoblu Posted January 25, 2010 Share Posted January 25, 2010 Hi Nic, actually you're right, I remember now, all we did was remove the IP from the trapped list. Then the subsequent tests were regarding the admin version not the regular version. :) Quote ~ Don't mistake my kindness for weakness ~ Link to comment Share on other sites More sharing options...
ogwinilo Posted January 27, 2010 Share Posted January 27, 2010 Hi Nic, actually you're right, I remember now, all we did was remove the IP from the trapped list. Then the subsequent tests were regarding the admin version not the regular version. :) Appreciate your posts. 1. Please enlighten me a bit, "Then the subsequent tests were regarding the admin version not the regular version." What does this entail? 2. Nic, can you please direct me to a thread regarding your brilliant Bubble Ready Stores. I have installed all the recommended security measures by yourself, by Spooks (found here: http://www.oscommerce.com/forums/topic/313323-how-to-secure-your-site/) etc. Now I'm ready for the store configuration and the look and feel using one of your templates. Now do I replace all the files (eg application_top) I've made security changes to as I upload your template, or what do i do? Whats the easiest and painless way to do this? Sory for hijacking this valuable thread. Regards Felix Quote Link to comment Share on other sites More sharing options...
♥FIMBLE Posted January 27, 2010 Author Share Posted January 27, 2010 Appreciate your posts. 1. Please enlighten me a bit, "Then the subsequent tests were regarding the admin version not the regular version." What does this entail? 2. Nic, can you please direct me to a thread regarding your brilliant Bubble Ready Stores. I have installed all the recommended security measures by yourself, by Spooks (found here: http://forums.oscomm...ure-your-site/) etc. Now I'm ready for the store configuration and the look and feel using one of your templates. Now do I replace all the files (eg application_top) I've made security changes to as I upload your template, or what do i do? Whats the easiest and painless way to do this? Sory for hijacking this valuable thread. Regards Felix Hi There is no forum address for the bubble stores, there has never really been a reason to have one, to be sure you have done it all correctly i would suggest you install the bubble store, and then add the security measures onit once installed. The quoted line you are refering to is an add on to the IP trap for the admin older that i worked on with Coopco and Biancoblu but i have not released it. The way it works is that it protects your admin folder by adding code to your login.pgp (for 2.2RC2A) or index.php (for 2.2ms) you have to be in the whitelist, if not calling the admin folder will ban you. I decided not to release this due to the obvious problems that would start with people who have a dynamic IP numbers that would be getting banned constantly. Hope this helps you out NIc Quote Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
ogwinilo Posted January 28, 2010 Share Posted January 28, 2010 Hi There is no forum address for the bubble stores, there has never really been a reason to have one, to be sure you have done it all correctly i would suggest you install the bubble store, and then add the security measures onit once installed. The quoted line you are refering to is an add on to the IP trap for the admin older that i worked on with Coopco and Biancoblu but i have not released it. The way it works is that it protects your admin folder by adding code to your login.pgp (for 2.2RC2A) or index.php (for 2.2ms) you have to be in the whitelist, if not calling the admin folder will ban you. I decided not to release this due to the obvious problems that would start with people who have a dynamic IP numbers that would be getting banned constantly. Hope this helps you out NIc Thanks, quite helpful Quote Link to comment Share on other sites More sharing options...
ogwinilo Posted January 29, 2010 Share Posted January 29, 2010 Thanks, quite helpful Hi there Nlc I have installed the bubble store. After running Sitimonitor, i get the following files as possibly hacked: Checked 223 directories containing a total of 1173 files. Skipped 851 files. 20 suspected hacked files found. Hacked Files Found power/fckeditor/fckeditor.afp power/fckeditor/fckeditor.asp power/fckeditor/fckeditor.cfc power/fckeditor/fckeditor.cfm power/fckeditor/fckeditor.js power/fckeditor/fckeditor.lasso power/fckeditor/fckeditor.pl power/fckeditor/fckeditor.py power/fckeditor/fckeditor_php4.php power/fckeditor/fckeditor_php5.php power/fckeditor/editor/fckdialog.html power/fckeditor/editor/dialog/fck_docprops.html power/fckeditor/editor/dialog/fck_flash.html power/fckeditor/editor/dialog/fck_image.html power/fckeditor/editor/dialog/fck_link.html power/fckeditor/editor/dialog/fck_paste.html power/fckeditor/editor/dialog/fck_spellerpages.html power/fckeditor/editor/filemanager/connectors/test.html power/fckeditor/editor/filemanager/connectors/uploadtest.html power/fckeditor/editor/js/fckdebug.html I don't believe they've been hacked, could there be an explanation for this? Thanking you for your great work, we'll be PMing you in due course regarding some other stuff relating to your work Felix Felix Quote Link to comment Share on other sites More sharing options...
ogwinilo Posted January 30, 2010 Share Posted January 30, 2010 After installing the green buble store, the mechanics of the store seem to be working fine for now, i am able to start the transaction from the beginning to payment. However, apart from 'the possibly hacked files'- (i dont think they are), I can't find the said 'edit page' in admin. Secondly, infobox images, both the left and right ones don't appear, it shows blank spaces with red-crossed boxes instead of an image. What could be causing these and how can I rectify them?\\ Thanks Quote Link to comment Share on other sites More sharing options...
♥FIMBLE Posted January 30, 2010 Author Share Posted January 30, 2010 After installing the green buble store, the mechanics of the store seem to be working fine for now, i am able to start the transaction from the beginning to payment. However, apart from 'the possibly hacked files'- (i dont think they are), I can't find the said 'edit page' in admin. Secondly, infobox images, both the left and right ones don't appear, it shows blank spaces with red-crossed boxes instead of an image. What could be causing these and how can I rectify them?\\ Thanks Why are you posting this on the IP trap page? Quote Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
Wayne Weedon Posted January 30, 2010 Share Posted January 30, 2010 (edited) Hi For some reason this is not working on my server. All changes made but it seems it's not getting the full FS Path. [client *********] PHP Warning: file(): Unable to access DOCUMENT_ROOT/../banned/IP_Trapped.txt in /var/www/vhosts/******.co.uk/httpdocs/catalog/includes/secret.php on line 11, referer: http://******.co.uk/catalog/index.php [client ********] PHP Warning: file(DOCUMENT_ROOT/../banned/IP_Trapped.txt): failed to open stream: No such file or directory in /var/www/vhosts/******.co.uk/httpdocs/catalog/includes/secret.php on line 11, referer: http://******.co.uk/catalog/index.php Where is the var DOCUMENT_ROOT derived? Should I hard code the full path to make it work? or use the OSC var DIR_FS_CATALOG ? Permissions set to 666 for the files and 755 for the dir. Wayne..... Edited January 30, 2010 by Wayne Weedon Quote Link to comment Share on other sites More sharing options...
mdowden Posted February 12, 2010 Share Posted February 12, 2010 I installed. Added my IP to the banned list, yet I still was able to get through. I don't get any errors and the install is pretty straight forward. I'm on a windows server, but I feel pretty confident that I have permissions correct. Anything I should be looking for? Or test in another way? Quote Link to comment Share on other sites More sharing options...
♥FIMBLE Posted February 12, 2010 Author Share Posted February 12, 2010 I installed. Added my IP to the banned list, yet I still was able to get through. I don't get any errors and the install is pretty straight forward. I'm on a windows server, but I feel pretty confident that I have permissions correct. Anything I should be looking for? Or test in another way? Hi Did you add the line in your application_top.php? Nic Quote Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
sarafina Posted February 22, 2010 Share Posted February 22, 2010 (edited) When somebody goes to /personal and gets banned..it says please email webmaster@ this site. Is there a way to change this? Also, even though my ip is on the whitelist, everytime I go to domain.com/personal I get blocked.. Edited February 22, 2010 by sarafina Quote Contributions installed: Purchase without Account / STS/ All Products/ Header Tags Controller Link to comment Share on other sites More sharing options...
♥FIMBLE Posted February 22, 2010 Author Share Posted February 22, 2010 (edited) Yes you need to eidt the file catalog / blocked.php its on line 19 Have you removed your ip number from the IP_Trapped.txt also? Nic Edited February 22, 2010 by FIMBLE Quote Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
sarafina Posted February 22, 2010 Share Posted February 22, 2010 Yes you need to eidt the file catalog / blocked.php its on line 19 Have you removed your ip number from the IP_Trapped.txt also? Nic Yes I have followed instructions. Changed all the files. Made permission 755 for folder and 666 for files. I go to /personal... Get banned. Took my ip of ip_trapped.txt and put it on whitelist and go back and get banned again. I have cleared cookies, opened new windows etc. Even if my ip is on the whitelist I always get banned when visiting /personal. Quote Contributions installed: Purchase without Account / STS/ All Products/ Header Tags Controller Link to comment Share on other sites More sharing options...
sarafina Posted February 22, 2010 Share Posted February 22, 2010 Ok soooo I got it to work but IF and only IF my IP is at the top of the list. I added it to the bottom of the list (whitelist) and I was instantly blocked upon visiting /personal directory. When I added myself to the top of the list I was not blocked. I would invite anybody who has this working to take their IP and put it at the bottom of the whitelist and see if they get the same results. FIMBLE, hopefully you can test and look into this. Quote Contributions installed: Purchase without Account / STS/ All Products/ Header Tags Controller Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.