public function wpadmin() { $view = $this->getView(); $request = $this->getPageRequest(); if ($request->isPost()) { // Did they actually try to submit this form?...... silly bot ;) SystemLogModel::LogSecurityEvent('/wp-admin Honeypot POST', 'POST submission to /wp-admin detected!', print_r($_POST, true)); $expireback = new CoreDateTime(); $expireback->modify('+2 days'); $block = IpBlacklistModel::Find(['ip_addr = ' . REMOTE_IP . '/32'], 1); if (!$block) { $block = new IpBlacklistModel(); $block->set('ip_addr', REMOTE_IP . '/32'); } $block->setFromArray(['expires' => $expireback->getFormatted('U', Time::TIMEZONE_GMT), 'message' => 'You tried to submit a wp-admin page.... this is not a WP site!', 'comment' => 'Bot or user submitted to wp-admin']); $block->save(); } else { // Just record the hit. SystemLogModel::LogSecurityEvent('/wp-admin Honeypot GET', 'GET request to /wp-admin detected!'); } $view->templatename = 'pages/wphoneypot/wpadmin.phtml'; $view->mastertemplate = false; }
public function blacklistip_delete() { $view = $this->getView(); $request = $this->getPageRequest(); $ban = new IpBlacklistModel($request->getParameter(0)); if (!$ban->exists()) { return View::ERROR_NOTFOUND; } if (!$request->isPost()) { return View::ERROR_BADREQUEST; } $ban->delete(); \Core\set_message('Removed ban successfully', 'success'); \Core\go_back(); }
/** * This will check and see how many 404 requests there have been recently. * * @return bool */ public static function Check404Pages() { // How long back do I want to check the logs? $time = new DateTime(); $time->modify('-30 seconds'); $ds = Dataset::Init()->table('user_activity')->where(['status = 404', 'ip_addr = ' . REMOTE_IP, 'datetime > ' . $time->format('U')])->count()->execute(); if ($ds->num_rows > 30) { // CHILL THAR F****R! $time->modify('+6 minutes'); $blacklist = new \IpBlacklistModel(); $blacklist->setFromArray(['ip_addr' => REMOTE_IP . '/24', 'expires' => $time->format('U'), 'message' => 'You have requested too many "404" pages recently, please go get some coffee and wait for a short bit. If you are a bot and/or spammer, please bugger off.', 'comment' => '5-minute auto-ban for too many 404 requests in 30 seconds']); $blacklist->save(); \SystemLogModel::LogSecurityEvent('/security/blocked', 'Blocking IP due to too many 404 requests in 30 seconds.'); die($blacklist->get('message')); } }