Welcome to Geeklog, Anonymous Saturday, December 21 2024 @ 02:01 pm EST
Geeklog Forums
Ban and Gallery
Status: offline
ajzz
Forum User
Regular Poster
Registered: 01/19/05
Posts: 113
Hello folks,
I am running Gallery1.x embedded in GL1.3.11x and was wondering if someone has experienced the follwing issue and whether it is in fact expected:
Although I have used the ban plugin to block a remote IP address, a bot is still able to access the gallery directory from the banned IP and in this case index an annoying 1000 pages a day. The ban seems to be effective for the rest of the site and attempts to index those pages fail and show in the ban log.
If this was intended behavior, please tell me how to work around the issue (short of using .htaccess which my host does not allow for this site).
Thanks,
Ajay
I am running Gallery1.x embedded in GL1.3.11x and was wondering if someone has experienced the follwing issue and whether it is in fact expected:
Although I have used the ban plugin to block a remote IP address, a bot is still able to access the gallery directory from the banned IP and in this case index an annoying 1000 pages a day. The ban seems to be effective for the rest of the site and attempts to index those pages fail and show in the ban log.
If this was intended behavior, please tell me how to work around the issue (short of using .htaccess which my host does not allow for this site).
Thanks,
Ajay
20
15
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
If you have Gallery integrated into Geeklog, then it already loads lib-common.php and the Ban plugin should do its work.
However, if these bots (or whatever) access the pictures directly (not through Gallery), then the Ban plugin is not activated. Only a .htaccess would help in that case (yes, I know ...).
bye, Dirk
However, if these bots (or whatever) access the pictures directly (not through Gallery), then the Ban plugin is not activated. Only a .htaccess would help in that case (yes, I know ...).
bye, Dirk
18
22
Quote
Status: offline
ajzz
Forum User
Regular Poster
Registered: 01/19/05
Posts: 113
In fact the first time I noticed this is via the GUS plugin where the Ban was on but there were still hits showing from this IP. The embedding was done at the Gallery config level and not by installing a separate integration plugin so we are subject to what gallery provides as headers.
The wrapper provided by gallery includes this in the header
/*
** Display header and left blocks
*/
$display = COM_siteHeader ();
$display .= COM_startBlock ('My Picture Gallery');
Echo $display;
// echo COM_siteHeader();
break;
which I though should take care of lib-common but I dont know enough.
Anyway, I have tweaked some register-global-check setting in gallery and will report if that made a difference. Meanwhile, any insights would be useful.
Ajay
The wrapper provided by gallery includes this in the header
Text Formatted Code
case 'GeekLog':/*
** Display header and left blocks
*/
$display = COM_siteHeader ();
$display .= COM_startBlock ('My Picture Gallery');
Echo $display;
// echo COM_siteHeader();
break;
Anyway, I have tweaked some register-global-check setting in gallery and will report if that made a difference. Meanwhile, any insights would be useful.
Ajay
15
32
Quote
Status: offline
tomw
Forum User
Full Member
Registered: 08/12/02
Posts: 300
One issue that the ban plugin has always had is that it is sensitive to the order that plugins are loaded. To get around this I have always modified the query that sets the load order so that ban will load first and thus completely block access to all plugins. The way I do this is sort the query that gets the plugin names by plugin name. Since B is before all other plugins it loads first.
To do this in the current versions of Geeklog change the query in lib-plugins which loads the plugin names by adding " ORDER by pi_name" to the end of the query. I know, don't alter core files, but geeklog has no mechinism to order the loading of plugins. Note in older versions of geeklog the query is at the end of lib-common.
The code effected is below -- edited for your veiwing pleasure.
$_PLUGINS = array();
while ($A = DB_fetchArray($result)) {
$_PLUGINS[] = $A['pi_name'];
To do this in the current versions of Geeklog change the query in lib-plugins which loads the plugin names by adding " ORDER by pi_name" to the end of the query. I know, don't alter core files, but geeklog has no mechinism to order the loading of plugins. Note in older versions of geeklog the query is at the end of lib-common.
The code effected is below -- edited for your veiwing pleasure.
Text Formatted Code
$result = DB_query("SELECT pi_name FROM {$_TABLES['plugins']} WHERE pi_enabled = 1 ORDER by pi_name");$_PLUGINS = array();
while ($A = DB_fetchArray($result)) {
$_PLUGINS[] = $A['pi_name'];
14
12
Quote
Status: offline
ajzz
Forum User
Regular Poster
Registered: 01/19/05
Posts: 113
Hmm... the code from my install is pasted below. It is already sorted by plugin name. Any other ideas?
$_PLUGINS = array();
while ($A = DB_fetchArray($result)) {
$_PLUGINS[] = $A['pi_name'];
}
Text Formatted Code
$result = DB_query("SELECT pi_name FROM {$_TABLES['plugins']} WHERE pi_enabled = 1 ORDER by pi_name");$_PLUGINS = array();
while ($A = DB_fetchArray($result)) {
$_PLUGINS[] = $A['pi_name'];
}
18
11
Quote
All times are EST. The time is now 02:01 pm.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content