Issue with URL Blacklist

Discussion in 'General Help' started by aikidesi, Feb 13, 2019 at 3:04 PM.

  1. aikidesi
    • Licensed

    aikidesi Member

    Just started noticing this in the past few weeks... If I click URL, under Blacklist on a new sign up, instead of getting a message saying the URL has been blacklisted, I am taken to my actual homepage.
  2. Basti
    • Staff

    Basti Administrator Staff Member

    I can not reproduce this on my 1.6 test list.

    Please let us know the following
    1) Which vl version you use?
    2) On which page does that happen? manage members? approve members?
    3) Also please hover over the blacklist -> url field for the site in question and copy the link address so I can validate it has nothing to do with that
    4) Does it only happen with the url field?
    5) Does it happen for any user?
    6) sources/admin/manage_ban.php exist?
    7) sources/admin.php search for the following. Is it found?
    Code:
    'manage_ban' => 1
    8) Do you have a plugin which adds new admin source files? Namely a plugin file named admin_include_source.php.
    If so, it might be integrated wrongly
    Last edited: Feb 13, 2019 at 8:11 PM
  3. aikidesi
    • Licensed

    aikidesi Member

    Hi Seb,
    1) Which vl version you use? 1.5
    2) On which page does that happen? manage members? approve members? Approve Members
    3) Also please hover over the blacklist -> url field for the site in question and copy the link address so I can validate it has nothing to do with that. http://www.topbandsandmusicians.com...itter.com/DouglasAldridg&field=url&matching=1
    4) Does it only happen with the url field? Yes
    5) Does it happen for any user? Every new user that I've blacklisted.
    6) sources/admin/manage_ban.php exist? Yes
    7) sources/admin.php search for the following. Is it found? Yes
    8) Do you have a plugin which adds new admin source files? Namely a plugin file named admin_include_source.php. Yes; remember that voting script you wrote for me years ago? I see that file in that folder. But this is a very recent problem... I get multiple bogus signups every day and have been blacklisting everyday for years. :)
  4. cajkan
    • Licensed

    cajkan Active Member

    Make sure you add re-captcha since I've added newest re-captcha bots are blocked 99%

    Some can join but thats not a big deal, 99% are off
    Basti likes this.
  5. Basti
    • Staff

    Basti Administrator Staff Member

    Also works as expected on approve members. Can you PM me url/ftp/admin login please? As everything works over here I don't see what might trigger that.

    Ah and yea do as cajkan said, add captcha to signups
  6. Basti
    • Staff

    Basti Administrator Staff Member

    There is definitely some redirect issue somewhere, http://www.topbandsandmusicians.com...itter.com/DouglasAldridg&field=url&matching=1 should normally redirect /admin/?fail=1 since im not logged as admin.
    As soon as string= contains a url, this odd behavior is triggered.

    And as we get redirected to to homepage before the normal admin fail redirect, it means whatever code that is, is happened before any admin check happens
  7. aikidesi
    • Licensed

    aikidesi Member

    Thanks for the suggestion, cajkan! Do I want reCAPTCHA v2 or reCAPTCHA v3?
    If it's v2, is one of these options better than the other... "I'm not a robot" Checkbox or Invisible reCAPTCHA badge?
  8. aikidesi
    • Licensed

    aikidesi Member

    Seb - Before you spend a lot of time debugging, should I wait to see if the recaptcha essentially negates the need for blacklisting? Most of the time I just blacklist the IP address anyway.
  9. Basti
    • Staff

    Basti Administrator Staff Member

    If you want to use recaptcha, you have to use V2, V3 is not tested on VisioList, so I don't know if that works. And use the checkbox one. Invisible should work also, but I think you need to adjust your join_recaptcha.html then

    And no problem for the debug. Have to know if its a race condition bug on our side or not
    Last edited: Feb 14, 2019 at 6:27 PM
  10. aikidesi
    • Licensed

    aikidesi Member

    I used the V2 checkbox one... it requests information but doesn't show anything nor provide a place to enter it.

    Attached Files:

  11. Basti
    • Staff

    Basti Administrator Staff Member

    Looks like you not updated the recaptcha file. It updated it 1.3 or 1.4, I don't remember.
    Make sure join_recaptcha has this in it
    Code:
    <div class="{$error_style_recaptcha}">
        <label>{$lng->join_recaptcha_text}</label>
        <div class="g-recaptcha" data-sitekey="{$recaptcha_sitekey}"></div>
        {$error_recaptcha}
        <script type="text/javascript" src="https://www.google.com/recaptcha/api.js" async defer></script>
    </div>
  12. aikidesi
    • Licensed

    aikidesi Member

    Thanks, Seb; I think that worked!
    cajkan likes this.
  13. cajkan
    • Licensed

    cajkan Active Member

    Also make sure you are using latest VL version because it has MANY fixes
    aikidesi likes this.
  14. aikidesi
    • Licensed

    aikidesi Member

    I think that recaptcha really did the trick! Thanks cajkan!
    cajkan likes this.
  15. cajkan
    • Licensed

    cajkan Active Member

    Try to register account just in case login is broken, happened to me many times where users couldnt register :D

Share This Page