Does not work, security issue, ineffective

  • Firstly, it installed fine, but when I go to report a comment I get this on SFS:

    403 FORBIDDEN!
    Either the address you are accessing this site from has been banned for previous malicious behavior or the action you attempted is considered to be hostile to the proper functioning of this system.

    The detected reason(s) you were blocked are:
    RFI attack/SQL injection (Unprintable ASCII escaping). RFI (http).

    Your IP, and Domain Name (if resolvable) has been logged to a local honeypot, along with the referring page (if any), QUERY, POST, User Agent, time of access, and date. Please either 1. Stop the bad behavior, or 2. Cease accessing this system.

    So now instead of reporting a spammer I’ve been added as one. That’s brilliant.

    Secondly, having to click “report” on EVERY comment is a VERY long and tedious thing for me. This mod needs to be updated to support bulk actions. I know it can be done, my SMF forum has it.

Viewing 3 replies - 1 through 3 (of 3 total)

  • “Does not work, security issue, ineffective.”

    Who are you mad it? The plugin did not report your ip, but someone did.

    I would like to know why you are on the SFS forum. Please post your IP here and we can check SFS.

    Thread Starter Alundra

    (@alundra)

    I’m not mad, sorry, I’m just really frustrated :(.

    I clicked the report button and it gave me that quote up there, saying I was trying to inject and it was adding me to its honeypot :(. Then it had all my details.

    I’ve checked and I’m not listed as a spammer, but I don’t know what honeypot means really so I don’t know about that. I’m not comfortable giving my IP on here though, sorry. If you could tell me where to check I can do it myself :).

    The plugins failure to work with the SFS site is what reported me. When you click the report link it tells you you’re injecting SQL :(.

    I could be that your spammer has a nasty piece of code hidden in their url. If you click on it you might infect your own site.

    Right now, the code just sends “evidence” of any click-able links in the spam. In the next release I will “sanitize” the links before sending them over to SFS. This is an important piece of information and I thank you.

    I am trying to create a spam reporting page where you can click the pages that you want reported and do them all at once. This is not working correctly, yet and is why I did not include it the previous releases.

    Keith

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Does not work, security issue, ineffective’ is closed to new replies.