Message Board

http:BL Use/Development

Older Posts ]   [ Newer Posts ]
 Joomla! 1.5 Plugin
Author: M.Bijland   (29 Aug 07 4:29am)
I have released a plugin for Joomla! 1.5 and can be downloaded from the link below. This for the upcoming release of Joomla! 1.5 and not the 1.0.x series.

suggestions or comments are more then welcome.

http://trac.4theweb.nl/jprojects/wiki/plg_httpbl

kind regards,
Michiel
 
 Re: Joomla! 1.5 Plugin
Author: P.Hauser   (29 Aug 07 8:11am)
Hi Michiel,

this is probably the best news for the troubled Joomla community concerning security advantages not only towards Spammers, but also towards numerous script kiddies to make their senseless, childlike and insane activities even more obsolete.

As far as I can see in your concurrent version system, you constructed it as a plugin for a component called com_jsecure. Seems the admin part is almost finished, did not find a road map for the user part of the component though.

Is the component com_jsecure obligatory for the plugin and is it eventually going to become a core component of Joomla 1.5 to protect the complete Joomla installation including forms and other possibly weak components?

Joomla 1.5 is scheduled for mid of September. So this is a bit into the near future. If so, will you announce a version after the official release of Joomla 1.5 by end of September then?

Is there already any documentation about the component and the plugin? Any documentation will be welcome as soon as you have it available.

Thanks to you!
 
 Re: Joomla! 1.5 Plugin
Author: M.Bijland   (29 Aug 07 10:49am)
The Plugin works just fine on its own.

If you want whitelisting and logging of the blocks, you need JSecure. JSecure is written as a extra level of security and a central point for security related plugins to log activity. So you can easily see what's happening.
This is just a component and not a core component, as it isn't developed by Joomla! core developers.

Jsecure is almost ready, there will be no user part, just needs some more testing and some finishing touches, but it will install and runs perfectly on 2 test sites of mine. Just make zip from the trunk and you can install it.

kind regards,
Michiel
 
 Re: Joomla! 1.5 Plugin
Author: P.Hauser   (29 Aug 07 11:21am)
I will keep an eye on your repository and will test both with joomla 1.5 definitely!
Just a great job, you do there indeed!

Thanks for your reply, Michiel!
 
 Re: Joomla! 1.5 Plugin
Author: M.Bijland   (9 Sep 07 1:36pm)
Released version 1.1

Changes:
* caching of request, to reduce dns requests.
* option to disable checking of logged in users
* option to disable checking for back-end
* added functionality to report/log blogs.

kind regards,
Michiel
 
 Re: Joomla! 1.5 Plugin
Author: M.Bijland   (24 Feb 08 11:20am)
Released version 2.2

Changes:
* fixed bug: backwards incompatilbe name change in Joomla!

kind regards,
Michiel
 
 Re: Joomla! 1.5 Plugin
Author: M.Bijland   (16 Sep 08 4:01am)
Released version 1.5

Changes:
* new default value for age.
* reduced cache size needed for a request.

kind regards,
Michiel
 
 Re: Joomla! 1.5 Plugin
Author: A.M9   (22 Oct 08 12:06pm)
I've just installed http:bl and so far all is well. Under parameters it lists an API Key. What is this for? and where do I find it?
 
 Re: Joomla! 1.5 Plugin
Author: M.Prince   (22 Oct 08 4:13pm)
After you register/login to the Project Honey Pot website, there is an option on your dashboard to request an http:BL Access Key. You'll need that to make your plugin fully functional. It's free.

I also encourage you to install a honey pot or include QuickLinks on your website in order to provide more information back to the Project.
 
 Re: Joomla! 1.5 Plugin
Author: C.Condo   (28 Oct 08 11:33pm)
I just registered and I do not see anything in the dashboard about requesting an access key
 
 Re: Joomla! 1.5 Plugin
Author: M.Prince   (29 Oct 08 4:16pm)
Try this link:

http://projecthoneypot.org/httpbl_configure.php

Or, if that doesn't work, click the Services tab and then HTTP Blacklist.
 
 Re: Joomla! 1.5 Plugin
Author: D.Kerr   (30 Nov 08 7:37pm)
Hi,

I installed the following on Joomla 1.5.8

1. JSecure. Found it would not block any blacklisted sites until I changed the module name from 'secure' to 'com_secure' where the plugin references the component. Found this from a post on the original JSecure site. Now it is blocking but not logging anything.

2. httpbl latest (Sept 08) and bad behavior latest (Sept 08) installed okay but no sign of any logging. I need to run a trace and see if they are contacting honeypot with the API key but I assume they probably are. However, I can find nothing logged. Should there be something in the joomla logs? I guess so, but nothing found. I have tried the settings to use JSecure and also the settings to not use JSecure.

EDIT: I have done a TCPDUMP and when a connect request comes in, I can find no traffic out to check the HoneyPot. So, for some reason these two plugins do not seem to be working even though all appears otherwise fine. I'll have a trawl through the database to see if anything is recorded there.

3. However, I am a little confused. I assume JSecure is still needed? There is a brief comment that "logging now happens with JLog". It seems that JSecure is being discontinued but is it still used by the other two plugins?

EDIT: In what way is it supposed to work, if used? Are the other two plugins supposed to update the blacklist table and also put info into the log? I understand that httpbl and bad_behavior are supposed to be able to run standalone so my next experiment will be to uninstall JSecure as I am unlikely to be manually entering IPs, I had to modify it to make blacklisting work, the logging is not working and it seems to be stopped as a project. Perhaps removing it will make the other plugins work....

So, if someone could point me in the right direction, I would be grateful. I want to have httpbl and the bad behavior plugins but should I have or not have JSecure for them to work properly? Does logging work?

Regds,
Dave

Post Edited (30 Nov 08 9:49pm)
 
 Re: Joomla! 1.5 Plugin
Author: M.Bijland   (8 Apr 09 9:26am)
Hi,

The latest version is 1.8 this fixed a bug where guest users wheren't checked, see changes on the project page.
Please update to this version and all should be well.

You are correct JSecure is no more, http:bl and bad_behaviour are stand alone plugins now. They use Joomla! build in logging facility.

Kind regards,
Michiel Bijland
 
 Re: Joomla! 1.5 Plugin
Author: N.Ho3   (14 Oct 10 12:35pm)
Hi Michiel,

I have installed http:bl thanks very much.

where can I find the logs produced by the plugin?

Many Thanks

Nic

actually found it /logs - doh!!

the plugin is working thanks heaps

Post Edited (14 Oct 10 12:49pm)
 
 Re: Joomla! 1.5 Plugin
Author: E.Everts   (24 Jul 11 6:48am)
Hallo Michiel,

Link is not working.
 
 Re: Joomla! 1.5 Plugin
Author: M.Mayer3   (8 Apr 12 9:37am)
To everyone how uses Joomla 2.5,

I will port it to Joomla 2.5, if you are interested, please mail me. mike(a)uumm.de

Currently live test on one of my web sites.

Cheers
Mike
 
 Re: Joomla! 2.5 Plugin
Author: C.Gibson   (22 Apr 12 6:39am)
Yes Mike I am interested in a Joomla 2.5 port of BB and I bet a lot of others will be too!

Post Edited (22 Apr 12 6:40am)
 
 Re: Joomla! 1.5 Plugin
Author: M.MD   (22 May 12 3:57am)
http://trac.4theweb.nl/jprojects/wiki/plg_httpbl

..Site is OFF...



do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–17, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email