Jump to content

Suspect Activities


sijad
 Share

Recommended Posts

Suspect Activities


Suspect Activities mod will protect your website and prevent bots and unwanted traffic from tor nodes and blacklist IP addresses to hit your website and you can block counties which you don't like to access your website. 
 
This mod will protect your members from people who use proxies to bully your members.
features [*]Using cookies to authentication [*]Advanced programming for saving resources [*]Recognize proxies which aren't pro [*]Using http://software77.net/geo-ip/ to fetch user country [*]Using http://www.dan.me.uk/tornodes to detect tor users [*]Auto updating databases [*]...
Prerequisites [*]PHP 5.3+








  •  

  •  

  • Submitter
  • Submitted
    01/23/2014
  • Category
  • Discussion URL
  • Support Info
  • Supported Versions
Link to comment
Share on other sites

  • 2 weeks later...

I'm not sure exactly what's happening, who is 'blocked' and who would only be asked to use the 'authenticate' test? Can you explain the suspects list more?

Is there a plan to add a whitelist for legitimate users on proxy networks like universities etc?

Also a 'hit' counter would be useful so it's clear how many connection attempts have been blocked.

Thanks for any clarity.

Link to comment
Share on other sites

I'm not sure exactly what's happening, who is 'blocked' and who would only be asked to use the 'authenticate' test? Can you explain the suspects list more?

you can add tor users and some countries to your suspect list, there is just authenticate, not blocking, I'm working on it to add a counter and blocking system (now we using cookie, for blockin we he to use from DB), also a analyses page

Is there a plan to add a whitelist for legitimate users on proxy networks like universities etc?

I'll check it and let you know

Also a 'hit' counter would be useful so it's clear how many connection attempts have been blocked.

Working on it

Link to comment
Share on other sites

Hi,

OK, thank you for your feedback. Since installation we've had a couple of users reporting being blocked, 'Forbidden' error. We haven't been able to replicate this error until I clicked on your demo link, http://skinod.com , for this hook and it blocks you in the way they describe 'Forbidden'. What might be causing this?

I don't use any kind of proxy etc and from what you describe about the hook there shouldn't be any blocking going on....a bug maybe?

Thanks.

Link to comment
Share on other sites

I will send you a PM in a few days.

Does your app cause any negative impact on TTFB?

If I purchase this app, it must not impact my TTFB. You can test the apps impact on TTFB with:

curl -o /dev/null -w "Connect: %{time_connect} TTFB: %{time_starttransfer} Total time: %{time_total} n" http://inserturl.here

It can be tested with both app on and off.

Link to comment
Share on other sites

your code make me recheck my codes again, but in IPB i have unstable results, so I've made an external class of suspect activities, you can test it by yourself at http://skinod.com/demos/external-suspect/

for checking tor:

skinod.com/demos/external-suspect/?tor

for checking ip use:

skinod.com/demos/external-suspect/?ip

or both:

skinod.com/demos/external-suspect/?tor&ip
Link to comment
Share on other sites

The only reason I ask is some apps/hooks can cause a high TTFB, which is what I am trying to avoid. And will be making sure they do not impact on my own server's efficiency, if they do, I will avoid.

I suspect that some issue's can be sorted by some changes in code, and others are inevitable due to calling from a 3rd party server.

I will look at your above links over the weekend however, the TTFB results is what I am after, with and without your app on your test board is fine. The above code (to determine TTFB results) can be executed via SSH in cli.

The main TTFB with a fresh install of IPB is a baseline I am willing to accept regardless of where the server is, however I am also interested in TTFB results with your app installed on that fresh install.

The only reason I ask for this information is I am not going to spend another 'x' amount on an app that is going to pass results like this. I expect that if I pay for an app/hook, that it has little to zero impact on my server's TTFB.

If you read the above links, you will see that just a little investigation of an app/hook, can result in around 1 second impact on an IPB install.

You must admit, that this is alarming for any website's load-time.

I do hope that you understand where I am coming from with this, and it is not an unreasonable request :thumbsup:

Link to comment
Share on other sites

Totally agree with you, unfortunately i don't have a fresh install of IPB now for testing purpose, as i said this mod uses internal database for detect suspect users, i use this script to search user counties and an custom script for searching tor users, size of ip2countries database can be around 800KB (in binary), yes it's huge for searching in every page-load, but with my tricks and binary search it's nothing to you for worry about. any way just send me a PM and I'll send you a demo file then you can test it yourself

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...