#5369 - Problems with IP banning

Identifier #5369
Issue type Major issue (breaks an entire feature)
Title Problems with IP banning
Status Completed
Handling member Chris Graham
Version 10.0.43
Addon securitylogging
Description A number of big problems exist within IP banning, for both negative and time-limited bans, particularly when Composr is able to write to the .htaccess file.

Negative bans are not preventing bans.
Negative bans are being written into .htaccess as positive bans, if it is writable.
Time-limited bans are not handled at all if the .htaccess is writable.
Wildcard bans are not detectable by Composr if the .htaccess is writable (so they work on the Apache level, but are not recognised by Composr).
Internal caching for checking bans does not segment against different parameters for ban checks.

Regressions came into the project when it was optimised to be able to store bans in this file, and perhaps after other changes. Added extensive testing to avoid problems in the future.
Steps to reproduce

Funded? No
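
A reference model of the ban semantics the five points above imply, as an added example (not Composr's code): negative bans act as exemptions that override positive bans, expired time-limited bans are ignored, wildcards are matched by the application, the cache key covers every check parameter, and only positive permanent bans that overlap no exemption are delegated to the web server. The names `Ban`, `BanList`, `applies`, `overlaps`, `is_banned` and `htaccess_lines` are hypothetical, wildcards are assumed to replace whole trailing octets, and the Apache 2.4 `Require not ip` output format (which belongs inside a `<RequireAll>` block) is an assumption, not what Composr writes.

```python
import fnmatch
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Ban:
    pattern: str                 # exact IP or wildcard such as "203.0.113.*"
    negative: bool = False       # True = exemption: matching IPs are never banned
    until: Optional[int] = None  # Unix expiry time; None = permanent

    def applies(self, ip, now, wildcards=True):
        if self.until is not None and self.until <= now:
            return False         # time-limited ban that has expired
        if "*" in self.pattern:
            return wildcards and fnmatch.fnmatchcase(ip, self.pattern)
        return ip == self.pattern

def overlaps(a, b):
    # Two patterns overlap if either one matches the other.
    return fnmatch.fnmatchcase(a, b) or fnmatch.fnmatchcase(b, a)

class BanList:
    def __init__(self, bans):
        self.bans = list(bans)
        self._cache = {}

    def is_banned(self, ip, now, wildcards=True, honour_negative=True):
        # Every parameter is part of the key, so a result computed for one
        # kind of check (or one point in time) is never reused for another.
        key = (ip, now, wildcards, honour_negative)
        if key not in self._cache:
            hits = [b for b in self.bans if b.applies(ip, now, wildcards)]
            exempt = honour_negative and any(b.negative for b in hits)
            self._cache[key] = not exempt and any(not b.negative for b in hits)
        return self._cache[key]

    def htaccess_lines(self):
        # Apache cannot expire a ban or honour an exemption, so negative,
        # time-limited and exemption-overlapping bans stay application-level.
        exemptions = [b.pattern for b in self.bans if b.negative]
        return ["Require not ip " + b.pattern.rstrip(".*")
                for b in self.bans
                if not b.negative and b.until is None
                and not any(overlaps(e, b.pattern) for e in exemptions)]

if __name__ == "__main__":
    demo = BanList([Ban("203.0.113.*"), Ban("203.0.113.7", negative=True),
                    Ban("198.51.100.9", until=1060), Ban("192.0.2.1")])  # constructed sample
    print(demo.is_banned("203.0.113.7", now=1000), demo.htaccess_lines())
```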