TMDHosting

One of the most advanced addons to protect your vBulletin from spam activities is Project Honey Pot. Integrating your vBulletin with Honey Pot will grant you a constantly updated databases of know spammer IP’s that will be blacklisted/denied acccess to your website.

 

You should follow the below steps when integrating vBulletin with Honey Pot:

 

1)      You should create an account with HoneyPot project here:

 

http://www.projecthoneypot.org/

 

2)      You should get your personal httpbl API key

3)      Go to your AdminCP >  Styles & Templates > Style Manager. Select Edit Templates from the drop-down menu choose Go, selecet the header option from the drop-down menu on the left and choose Edit. Apply the following code at the top:

 

$projecthp

 

4)      Go to Plugins & Products > Add new plugin and apply the below changes:

 

               Hook Location: global_start


Title: Insert PHP For Project Honey Pot Block

 

               Plugin PHP code:

 


              ob_start();

               include(‘projecthp.php’);

               $projecthp = ob_get_contents();

                ob_end_clean();

 

 

Plugin is Active : Yes

 

5)      Use an editor of your choice to create a new script with name projecthp.php applying the below code:

               <?php
require_once(‘./httpbl.php’);

?>

 

and upload it in your vBulletin forum web root directory.

 

6)      Create a new script via an editor with name httpbl.php  placing the below code:

 

<?php

/*

Script Name: Simple PHP http:BL implementation

Description: Simple script to check an IP against Project Honey Pot’s database and let only legitimate users access your script

*/

 

/*** EDIT LINE 22 WITH YOUR OWN HTTP:BL ACCESS KEY ! ***/

 

if ($_COOKIE['notabot']) {

   ozh_httpbl_logme(false,    $_SERVER['REMOTE_ADDR']);

} else {

   ozh_httpbl_check();

}

 

function ozh_httpbl_check() {       // your http:BL key

   $apikey = ‘YOUR_API_KEY’;

      // IP to test

   $ip = $_SERVER['REMOTE_ADDR'];

      // build the lookup DNS query

   // Example : for ’127.9.1.2′ you should query ‘abcdefghijkl.2.1.9.127.dnsbl.httpbl.org’

   $lookup = $apikey . ‘.’ . implode(‘.’, array_reverse(explode (‘.’, $ip ))) . ‘.dnsbl.httpbl.org’;

      // check query response

   $result = explode( ‘.’, gethostbyname($lookup));

      if ($result[0] == 127) {

       // query successful !

       $activity = $result[1];

       $threat = $result[2];

       $type = $result[3];

              if ($type & 0) $typemeaning .= ‘Search Engine, ‘;

       if ($type & 1) $typemeaning .= ‘Suspicious, ‘;

       if ($type & 2) $typemeaning .= ‘Harvester, ‘;

       if ($type & 4) $typemeaning .= ‘Comment Spammer, ‘;

       $typemeaning = trim($typemeaning,’, ‘);

              // echo “$type : $typemeaning of level $threat “;

              // Now determine some blocking policy

       if (

       ($type >= 4 && $threat > 0) // Comment spammer with any threat level

           ||

       ($type < 4 && $threat > 20) // Other types, with threat level greater than 20

       ) {

           $block = true;

       }

              if ($block) {

           ozh_httpbl_logme($block,$ip,$type,$threat,$activity);

           ozh_httpbl_blockme();

           die();

       }

      }

}

 

function ozh_httpbl_logme($block = false, $ip=”, $type=”,$threat=”,$activity=”) {

   $log = fopen(‘./block.log’,'a’);

   $stamp = date(‘Y-m-d :: H-i-s’);

      // Some stuff you could log for further analysis

   $page = $_SERVER['REQUEST_URI'];

   $ua = $_SERVER["HTTP_USER_AGENT"];

          if ($block) {

       fputs($log,”$stamp :: BLOCKED $ip :: $type :: $threat :: $activity :: $page :: $ua\n”);

   } else {

       fputs($log,”$stamp :: UNBLCKD $ip :: $page :: $ua\n”);

   }

   fclose($log);

}

 

function ozh_httpbl_blockme() {

   header(‘HTTP/1.0 403 Forbidden’);

   echo <<<HTML

   <script type=”text/javascript”>

   function setcookie( name, value, expires, path, domain, secure ) {

       // set time, it’s in milliseconds

       var today = new Date();

       today.setTime( today.getTime() );

          if ( expires ) {

           expires = expires * 1000 * 60 * 60 * 24;

       }

       var expires_date = new Date( today.getTime() + (expires) );

          document.cookie = name + “=” +escape( value ) +

       ( ( expires ) ? “;expires=” + expires_date.toGMTString() : “” ) +

       ( ( path ) ? “;path=” + path : “” ) +

       ( ( domain ) ? “;domain=” + domain : “” ) +

       ( ( secure ) ? “;secure” : “” );

   }       function letmein() {

       setcookie(‘notabot’,'true’,1,’/', ”, ”);

       location.reload(true);

   }

   </script>

   <h1>Forbidden</h1>

   <p>Sorry. You are using a suspicious IP.</p>

   <p>If you are NOT a bot of any kind please <a href=”javascript:letmein()”>click here</a> to access the page.</p>

   HTML;

}

 

?>

 

in the place of    ’YOUR_API_KEY’  you should place the API key you have acquired in step 2.

 

You should upload the file in your vBulletin forum web root directory.

 

The blocked  connections and IPs will be registered in block.log  file in your installation web root.

 

You will be able to see the reason for the block here:

 

http://www.projecthoneypot.org/search_ip.php