[TAC] Bot Arrestor [Paid] 2.0.12

[tenants]

This adds 0 extra queries to threads/forums/index/etc (It makes use of session and the global cache)
On kicking bots out, the page the bots then visit is a low Kb page which makes use of the global cache (low query)



tenants submitted a new resource:

DeDos - Anti DOS for spam bot/scrapers - Reduce DOS resource usage from Scrapers / Spam Bots / Simple DOS attacks

This is plugin is included in
i) Paid (unbranded) Tac Anti Spam Collection
This plugin is not included in the free Tac Anti Spam Collection

What this plugin does:

• lowers resource usage for spam bots
• lowers resource usage for scrappers
• lowers resource usage for human simple DOS attacks
• avoids catching spiders/crawlers

This plugin is primary...

Read more about this resource...

 

[Stuart Wright]

@tenants On install:
Error
Callback Tac_CustomImgCaptcha_CronEntry_CleanUp::runWeeklyCleanUp is invalid (Invalid Class).

and I'm getting a 401 every time I try to access the front end !!!
and I can't uninstall the addon because it didn't install

So AVForums is effectively down right now. Trust me for being the first!
[Edit] deleted the library/tac/DeDos folder and we're back.

 

[tenants]

I can fix the first error, that's just a school boy error (pointing to the wrong cron)


Was there anything in your dedos logs that might have told you why (it might just have been due to an incomplete install)?

I've installed it on 3 forums, tested for a few days, no issues (but they did all have CustomImgCaptcha, so I would never have seen the error)

I'll make a fix and update soon

 

[Stuart Wright]

Thanks. I don't have a DeDos log option in the Tools page because it didn't successfully install. Or because I deleted the folder.
CuteFTP reported that all the files uploaded ok.

 

[tenants]

tenants updated DeDos - Anti DOS for spam bot/scrapers with a new update entry:

minor fix

Minor fix (install issue, pointing to the wrong clean up cron)

Read the rest of this update entry...

 

[tenants]

Thanks. I don't have a DeDos log option in the Tools page because it didn't successfully install. Or because I deleted the folder.
CuteFTP reported that all the files uploaded ok.

Fixed the cron issue, let me know how it goes. In testing this, I've never seen an incomplete install, so it could have caused the other issue

 

[Stuart Wright]

Ok I uploaded the latest version, but then when I go to the admin page, all I get is a huge logo in the middle of the screen and nothing else. So basically I can't access the admin pages.
On the front end, the forum index is empty http://www.avforums.com/
Things are well screwed up.
[Edit] Again, everything fixed if I delete the DeDos folder which I have had to do.

 

[tenants]

Is there any reason this wouldn't work on your server:

$stringIP = (isset($_SERVER['REMOTE_ADDR']) ? (string)$_SERVER['REMOTE_ADDR'] : '0');

Basically, you would only get the 401 if this happened:

        $dd_known_dos = XenForo_Application::getSimpleCacheData('dd_known_dos');
    
        if($dd_known_dos)
        {
            if(array_key_exists($stringIP, $dd_known_dos) && ($dd_known_dos[$stringIP] > $timenow - $ddMaliciousCacheTime))
            {
                // send the user a 401
                $this->maliciousEvent();
            }
        }

Since it's unlikely that you are DOS attacking your own site (and I've seen it myself on your site, so I know this isn't the case), the only other reason is that $stringIP is set to 0 or the same IP for all users, and that has been cached.

Do you use cloudflare? (I can imagine that would cause an issue, since all users could have the same IP address)

 

[Stuart Wright]

I have no idea whether
$stringIP = (isset($_SERVER['REMOTE_ADDR']) ? (string)$_SERVER['REMOTE_ADDR'] : '0');
would work or not. How would I find out? I can do any DB query you like.
And I have never heard of cloudflare.
At this point the addon seems to have half installed. It's not in the addons list.
[Edit] I don't know if it makes any difference, but I have to connect to the server via its VPN in order to FTP, and I'm connected that way.

 

[tenants]

Okay, so it's still in the semi installed state (which is probably why it's still not working and causing issues)
If you have never heard of cloudfalre, then it's unlikely to be the cause.

This is a little tricky, but if you turn debug mode on, DeDos will no longer call the 401 (so you can place the files back install/uninstall/reinstall 1.0.8 and no one will see the 401)
-If you need help (need me to look) let me know

To turn on debug mode (temporarily), see: http://xenforo.com/community/threads/frequently-asked-questions.5183/#post-248490

But don't forget to turn off debug mode once you're done. You usually shouldn't need to do this (unless you test DOSing your own site, in which case turning on debug mode allows you to gain access to the ACP).

I believe the issues you are seeing are likely to be due to the incomplete install, are there any other server error logs?

 

[Stuart Wright]

I set the system up to automatically go into debug mode when I connect to the VPN.
I got several of these

XenForo_Exception: Invalid model 'Tac_DeDos_Model_DeDosCache' specified - library/XenForo/Model.php:192
Generated By: Unknown Account, 28 minutes ago
Stack Trace
#0 /home/sites/avforums/public_html/library/Tac/DeDos/Listener.php(112): XenForo_Model::create('Tac_DeDos_Model...')
#1 [internal function]: Tac_DeDos_Listener::init_dependencies(Object(XenForo_Dependencies_Public), Array)
#2 /home/sites/avforums/public_html/library/XenForo/CodeEvent.php(90): call_user_func_array(Array, Array)
#3 /home/sites/avforums/public_html/library/XenForo/Dependencies/Abstract.php(202): XenForo_CodeEvent::fire('init_dependenci...', Array)
#4 /home/sites/avforums/public_html/library/XenForo/FrontController.php(127): XenForo_Dependencies_Abstract->preLoadData()
#5 /home/sites/avforums/public_html/index.php(13): XenForo_FrontController->run()
#6 {main}
Request State
array(3) {
["url"] => string(88) "http://www.avforums.com/threads/recommend-a-reciprocating-saw-for-pruning-trees.1509172/"
["_GET"] => array(1) {
["/threads/recommend-a-reciprocating-saw-for-pruning-trees_1509172/"] => string(0) ""
}
["_POST"] => array(0) {
}
}

and two of these

ErrorException: Fatal Error: Class 'Tac_DeDos_ControllerPublic_Thread' not found - library/XenForo/Application.php(514) : eval()'d code:1
Generated By: Unknown Account, 29 minutes ago
Stack Trace
#0 [internal function]: XenForo_Application::handleFatalError()
#1 {main}
Request State
array(3) {
["url"] => string(70) "http://www.avforums.com/threads/cant-get-av1-symbol-off-screen.893405/"
["_GET"] => array(1) {
["/threads/cant-get-av1-symbol-off-screen_893405/"] => string(0) ""
}
["_POST"] => array(0) {
}
}

and one of these

ErrorException: Fatal Error: Class 'Tac_DeDos_ControllerPublic_Misc' not found - library/XenForo/FrontController.php:442
Generated By: Unknown Account, 29 minutes ago
Stack Trace
#0 [internal function]: XenForo_Application::handleFatalError()
#1 {main}
Request State
array(3) {
["url"] => string(293) "http://www.avforums.com/misc/lightb...nk&gl=uk&_xfNoRedirect=1&_xfResponseType=json"
["_GET"] => array(4) {
["/misc/lightbox"] => string(0) ""
["_xfRequestUri"] => string(169) "/search?q=cache:1uD6M7ugzeoJ:www.avforums.com/threads/can-i-use-an-hdmi-splitter-box-and-magic-eye-together-to-get-true-hdmi-elsewhere.1598097/+&cd=1&hl=en&ct=clnk&gl=uk"
["_xfNoRedirect"] => string(1) "1"
["_xfResponseType"] => string(4) "json"
}
["_POST"] => array(0) {
}
}

 

[tenants]

I've now figured out why this would happen on an incomplete install:

        if($maliciousRequestCount >= $options->ddMalMaxRequests)
        {               
            // call the 401     
            $this->maliciousEvent();
        }

Well that's an interesting one... since it's an incomplete install $options->ddMalMaxRequest = 0, so the 401 will always be called. I'm going to add a fix for that, but incomplete installs should be rare (although, I don't want anyone running into this again, so I'll add the fix)

 

[Stuart Wright]

when I go to the admin page, all I get is a huge logo in the middle of the screen and nothing else. So basically I can't access the admin pages.

 

[tenants]

I set the system up to automatically go into debug mode when I connect to the VPN.
I got several of these

and two of these
and one of these

All of those errors would have happened when you deleted the files, are there new errors after turning on debug mode and putting the files back

You do need to manually turn on debug mode if the 401 occurs and prevents you from getting in

I've intentionaly added the dubug mode as a work around to avoid 401s (if admins lock their own accounts when testing the product)

 

[Stuart Wright]

Debug mode is always on, though, by editing the config file.
Something different is happening this time... I got in and it's installing...

 

[Stuart Wright]

We have a dual server setup. I wonder whether the FTP uploads to one and the installation runs on the other? This isn't the first time this kind of thing has happened.
[Edit] Phew, ok it installed ok this time. Thanks for your patience and attention!
I have a page full of locked out IPs though from when I first tried to install it at 6:27pm.
Actually I have 40 pages worth of locked out IPs. The order of them seems to be backward. Normally I would expect them to be in date descending order, but they are in date ascending.
@tenants assuming the IP list was largely created in error, I'm wondering whether I ought to disable DeDOS until I can clear the IP list.

 

[UnitySoft]

Awesome Add On, great author

 

[tenants]

tenants updated DeDos - Anti DOS for spam bot/scrapers with a new update entry:

Prevent issues if incomplete install

If ever in the future I make a mistake which causes an incomplete install, this will not cause the 401s - A fix has been made to avoid this

Read the rest of this update entry...

 

[tenants]

We have a dual server setup. I wonder whether the FTP uploads to one and the installation runs on the other? This isn't the first time this kind of thing has happened.
[Edit] Phew, ok it installed ok this time. Thanks for your patience and attention!
I have a page full of locked out IPs though from when I first tried to install it at 6:27pm.
Actually I have 40 pages worth of locked out IPs. The order of them seems to be backward. Normally I would expect them to be in date descending order, but they are in date ascending.
@tenants assuming the IP list was largely created in error, I'm wondering whether I ought to disable DeDOS until I can clear the IP list.

There is a button at the top to clear the cache (ACP>> Tools >> lockd out IPs >> Clear cache)
I didn't think it would ever be used, but I never had foreseen an incomplete install... and I certainly never saw the consequences of an incomplete install)... click it and the cache will be cleared. Well, I've patched it up so even an incomplete install shouldn't cause too many issues (other than it being an incomplete install)

        if($maliciousRequestCount >= $options->ddMalMaxRequests && ($options->ddMalMaxRequests))
        {          
                // do the 401 stuff, but this is never reached if $options->ddMalMaxRequests is null/0 (so no issues on incomplete installs)
                $this->maliciousEvent();
        }

 

[Mike Edge]

Mike, this is great! One question though. Will things that auto-refresh like shoutbox or livepage cause a trigger for refreshing too often?