[TAC] Bot Arrestor

[TAC] Bot Arrestor [Paid] 2.0.12

No permission to buy ($19.00)
Overview Updates (22) Reviews (1) History Discussion
tenants

tenants

Well-known member
This adds 0 extra queries to threads/forums/index/etc (It makes use of session and the global cache)
On kicking bots out, the page the bots then visit is a low Kb page which makes use of the global cache (low query)



tenants submitted a new resource:

DeDos - Anti DOS for spam bot/scrapers - Reduce DOS resource usage from Scrapers / Spam Bots / Simple DOS attacks

This is plugin is included in
i) Paid (unbranded) Tac Anti Spam Collection
This plugin is not included in the free Tac Anti Spam Collection

What this plugin does:
  • lowers resource usage for spam bots
  • lowers resource usage for scrappers
  • lowers resource usage for human simple DOS attacks
  • avoids catching spiders/crawlers

This plugin is primary...
Click to expand...

Read more about this resource...
 
Last edited:
@tenants On install:
Error
Callback Tac_CustomImgCaptcha_CronEntry_CleanUp::runWeeklyCleanUp is invalid (Invalid Class).

and I'm getting a 401 every time I try to access the front end !!!
and I can't uninstall the addon because it didn't install

So AVForums is effectively down right now. Trust me for being the first!
[Edit] deleted the library/tac/DeDos folder and we're back.
 
Last edited:
I can fix the first error, that's just a school boy error (pointing to the wrong cron)


Was there anything in your dedos logs that might have told you why (it might just have been due to an incomplete install)?

I've installed it on 3 forums, tested for a few days, no issues (but they did all have CustomImgCaptcha, so I would never have seen the error)

I'll make a fix and update soon
 
Last edited:
Thanks. I don't have a DeDos log option in the Tools page because it didn't successfully install. Or because I deleted the folder.
CuteFTP reported that all the files uploaded ok.
 
Stuart Wright said:
Thanks. I don't have a DeDos log option in the Tools page because it didn't successfully install. Or because I deleted the folder.
CuteFTP reported that all the files uploaded ok.
Click to expand...

Fixed the cron issue, let me know how it goes. In testing this, I've never seen an incomplete install, so it could have caused the other issue
 
Ok I uploaded the latest version, but then when I go to the admin page, all I get is a huge logo in the middle of the screen and nothing else. So basically I can't access the admin pages.
On the front end, the forum index is empty http://www.avforums.com/
Things are well screwed up.
[Edit] Again, everything fixed if I delete the DeDos folder which I have had to do.
 
Is there any reason this wouldn't work on your server:

$stringIP = (isset($_SERVER['REMOTE_ADDR']) ? (string)$_SERVER['REMOTE_ADDR'] : '0');

Basically, you would only get the 401 if this happened:

Code: 
        $dd_known_dos = XenForo_Application::getSimpleCacheData('dd_known_dos');
    
        if($dd_known_dos)
        {
            if(array_key_exists($stringIP, $dd_known_dos) && ($dd_known_dos[$stringIP] > $timenow - $ddMaliciousCacheTime))
            {
                // send the user a 401
                $this->maliciousEvent();
            }
        }

Since it's unlikely that you are DOS attacking your own site (and I've seen it myself on your site, so I know this isn't the case), the only other reason is that $stringIP is set to 0 or the same IP for all users, and that has been cached.

Do you use cloudflare? (I can imagine that would cause an issue, since all users could have the same IP address)
 
I have no idea whether
$stringIP = (isset($_SERVER['REMOTE_ADDR']) ? (string)$_SERVER['REMOTE_ADDR'] : '0');
would work or not. How would I find out? I can do any DB query you like.
And I have never heard of cloudflare.
At this point the addon seems to have half installed. It's not in the addons list.
[Edit] I don't know if it makes any difference, but I have to connect to the server via its VPN in order to FTP, and I'm connected that way.
 
Okay, so it's still in the semi installed state (which is probably why it's still not working and causing issues)
If you have never heard of cloudfalre, then it's unlikely to be the cause.

This is a little tricky, but if you turn debug mode on, DeDos will no longer call the 401 (so you can place the files back install/uninstall/reinstall 1.0.8 and no one will see the 401)
-If you need help (need me to look) let me know

To turn on debug mode (temporarily), see: http://xenforo.com/community/threads/frequently-asked-questions.5183/#post-248490

But don't forget to turn off debug mode once you're done. You usually shouldn't need to do this (unless you test DOSing your own site, in which case turning on debug mode allows you to gain access to the ACP).

I believe the issues you are seeing are likely to be due to the incomplete install, are there any other server error logs?
 
Last edited:
I set the system up to automatically go into debug mode when I connect to the VPN.
I got several of these
XenForo_Exception: Invalid model 'Tac_DeDos_Model_DeDosCache' specified - library/XenForo/Model.php:192
Generated By: Unknown Account, 28 minutes ago
Stack Trace
#0 /home/sites/avforums/public_html/library/Tac/DeDos/Listener.php(112): XenForo_Model::create('Tac_DeDos_Model...')
#1 [internal function]: Tac_DeDos_Listener::init_dependencies(Object(XenForo_Dependencies_Public), Array)
#2 /home/sites/avforums/public_html/library/XenForo/CodeEvent.php(90): call_user_func_array(Array, Array)
#3 /home/sites/avforums/public_html/library/XenForo/Dependencies/Abstract.php(202): XenForo_CodeEvent::fire('init_dependenci...', Array)
#4 /home/sites/avforums/public_html/library/XenForo/FrontController.php(127): XenForo_Dependencies_Abstract->preLoadData()
#5 /home/sites/avforums/public_html/index.php(13): XenForo_FrontController->run()
#6 {main}
Request State
array(3) {
["url"] => string(88) "http://www.avforums.com/threads/recommend-a-reciprocating-saw-for-pruning-trees.1509172/"
["_GET"] => array(1) {
["/threads/recommend-a-reciprocating-saw-for-pruning-trees_1509172/"] => string(0) ""
}
["_POST"] => array(0) {
}
}
Click to expand...
and two of these
ErrorException: Fatal Error: Class 'Tac_DeDos_ControllerPublic_Thread' not found - library/XenForo/Application.php(514) : eval()'d code:1
Generated By: Unknown Account, 29 minutes ago
Stack Trace
#0 [internal function]: XenForo_Application::handleFatalError()
#1 {main}
Request State
array(3) {
["url"] => string(70) "http://www.avforums.com/threads/cant-get-av1-symbol-off-screen.893405/"
["_GET"] => array(1) {
["/threads/cant-get-av1-symbol-off-screen_893405/"] => string(0) ""
}
["_POST"] => array(0) {
}
}
Click to expand...
and one of these
ErrorException: Fatal Error: Class 'Tac_DeDos_ControllerPublic_Misc' not found - library/XenForo/FrontController.php:442
Generated By: Unknown Account, 29 minutes ago
Stack Trace
#0 [internal function]: XenForo_Application::handleFatalError()
#1 {main}
Request State
array(3) {
["url"] => string(293) "http://www.avforums.com/misc/lightb...nk&gl=uk&_xfNoRedirect=1&_xfResponseType=json"
["_GET"] => array(4) {
["/misc/lightbox"] => string(0) ""
["_xfRequestUri"] => string(169) "/search?q=cache:1uD6M7ugzeoJ:www.avforums.com/threads/can-i-use-an-hdmi-splitter-box-and-magic-eye-together-to-get-true-hdmi-elsewhere.1598097/+&cd=1&hl=en&ct=clnk&gl=uk"
["_xfNoRedirect"] => string(1) "1"
["_xfResponseType"] => string(4) "json"
}
["_POST"] => array(0) {
}
}
Click to expand...
 
I've now figured out why this would happen on an incomplete install:

Code: 
        if($maliciousRequestCount >= $options->ddMalMaxRequests)
        {               
            // call the 401     
            $this->maliciousEvent();
        }

Well that's an interesting one... since it's an incomplete install $options->ddMalMaxRequest = 0, so the 401 will always be called. I'm going to add a fix for that, but incomplete installs should be rare (although, I don't want anyone running into this again, so I'll add the fix)
 
Stuart Wright said:
I set the system up to automatically go into debug mode when I connect to the VPN.
I got several of these

and two of these
and one of these
Click to expand...

All of those errors would have happened when you deleted the files, are there new errors after turning on debug mode and putting the files back

You do need to manually turn on debug mode if the 401 occurs and prevents you from getting in

I've intentionaly added the dubug mode as a work around to avoid 401s (if admins lock their own accounts when testing the product)
 
Last edited:
Debug mode is always on, though, by editing the config file.
Something different is happening this time... I got in and it's installing...
 
We have a dual server setup. I wonder whether the FTP uploads to one and the installation runs on the other? This isn't the first time this kind of thing has happened.
[Edit] Phew, ok it installed ok this time. Thanks for your patience and attention!
I have a page full of locked out IPs though from when I first tried to install it at 6:27pm.
Actually I have 40 pages worth of locked out IPs. The order of them seems to be backward. Normally I would expect them to be in date descending order, but they are in date ascending.
@tenants assuming the IP list was largely created in error, I'm wondering whether I ought to disable DeDOS until I can clear the IP list.
 
Last edited:
Stuart Wright said:
We have a dual server setup. I wonder whether the FTP uploads to one and the installation runs on the other? This isn't the first time this kind of thing has happened.
[Edit] Phew, ok it installed ok this time. Thanks for your patience and attention!
I have a page full of locked out IPs though from when I first tried to install it at 6:27pm.
Actually I have 40 pages worth of locked out IPs. The order of them seems to be backward. Normally I would expect them to be in date descending order, but they are in date ascending.
@tenants assuming the IP list was largely created in error, I'm wondering whether I ought to disable DeDOS until I can clear the IP list.
Click to expand...

There is a button at the top to clear the cache (ACP>> Tools >> lockd out IPs >> Clear cache)
I didn't think it would ever be used, but I never had foreseen an incomplete install... and I certainly never saw the consequences of an incomplete install)... click it and the cache will be cleared. Well, I've patched it up so even an incomplete install shouldn't cause too many issues (other than it being an incomplete install)

Code: 
        if($maliciousRequestCount >= $options->ddMalMaxRequests && ($options->ddMalMaxRequests))
        {          
                // do the 401 stuff, but this is never reached if $options->ddMalMaxRequests is null/0 (so no issues on incomplete installs)
                $this->maliciousEvent();
        }

upload_2014-6-8_20-22-16.webp
 
Last edited:
Mike, this is great! One question though. Will things that auto-refresh like shoutbox or livepage cause a trigger for refreshing too often?
 
You must log in or register to reply here.

Similar threads

Yugensoft
Add-on Offer: Sale of IP Rights of All Addons
Replies
10
Views
2K
ssj2_ssbm
ssj2_ssbm
tenants
Spambots attempting to register by facebook
Replies
1
Views
653
Deathstarr
Deathstarr
DRE
KnownHost Server Configuration?
8 9 10
Replies
183
Views
21K
craigiri
craigiri
Top Bottom