Issue with URL Blacklist

aikidesi

aikidesi

Member
Just started noticing this in the past few weeks... If I click URL, under Blacklist on a new sign up, instead of getting a message saying the URL has been blacklisted, I am taken to my actual homepage.
 
Basti

Basti

Administrator
Staff member
I can not reproduce this on my 1.6 test list.

Please let us know the following
1) Which vl version you use?
2) On which page does that happen? manage members? approve members?
3) Also please hover over the blacklist -> url field for the site in question and copy the link address so I can validate it has nothing to do with that
4) Does it only happen with the url field?
5) Does it happen for any user?
6) sources/admin/manage_ban.php exist?
7) sources/admin.php search for the following. Is it found?
Code: 
'manage_ban' => 1
8) Do you have a plugin which adds new admin source files? Namely a plugin file named admin_include_source.php.
If so, it might be integrated wrongly
 
Last edited:
aikidesi

aikidesi

Member
Hi Seb,
1) Which vl version you use? 1.5
2) On which page does that happen? manage members? approve members? Approve Members
3) Also please hover over the blacklist -> url field for the site in question and copy the link address so I can validate it has nothing to do with that. http://www.topbandsandmusicians.com...itter.com/DouglasAldridg&field=url&matching=1
4) Does it only happen with the url field? Yes
5) Does it happen for any user? Every new user that I've blacklisted.
6) sources/admin/manage_ban.php exist? Yes
7) sources/admin.php search for the following. Is it found? Yes
8) Do you have a plugin which adds new admin source files? Namely a plugin file named admin_include_source.php. Yes; remember that voting script you wrote for me years ago? I see that file in that folder. But this is a very recent problem... I get multiple bogus signups every day and have been blacklisting everyday for years. :)
 
cajkan

cajkan

Active Member
aikidesi said:
Hi Seb,
1) Which vl version you use? 1.5
2) On which page does that happen? manage members? approve members? Approve Members
3) Also please hover over the blacklist -> url field for the site in question and copy the link address so I can validate it has nothing to do with that. http://www.topbandsandmusicians.com/topbands/index.php?a=admin&b=manage_ban&string=http://twitter.com/DouglasAldridg&field=url&matching=1
4) Does it only happen with the url field? Yes
5) Does it happen for any user? Every new user that I've blacklisted.
6) sources/admin/manage_ban.php exist? Yes
7) sources/admin.php search for the following. Is it found? Yes
8) Do you have a plugin which adds new admin source files? Namely a plugin file named admin_include_source.php. Yes; remember that voting script you wrote for me years ago? I see that file in that folder. But this is a very recent problem... I get multiple bogus signups every day and have been blacklisting everyday for years. :)
Click to expand...
Make sure you add re-captcha since I've added newest re-captcha bots are blocked 99%

Some can join but thats not a big deal, 99% are off
 
Basti

Basti

Administrator
Staff member
Also works as expected on approve members. Can you PM me url/ftp/admin login please? As everything works over here I don't see what might trigger that.

Ah and yea do as cajkan said, add captcha to signups
 
aikidesi

aikidesi

Member
Thanks for the suggestion, cajkan! Do I want reCAPTCHA v2 or reCAPTCHA v3?
If it's v2, is one of these options better than the other... "I'm not a robot" Checkbox or Invisible reCAPTCHA badge?
 
aikidesi

aikidesi

Member
Seb - Before you spend a lot of time debugging, should I wait to see if the recaptcha essentially negates the need for blacklisting? Most of the time I just blacklist the IP address anyway.
 
Basti

Basti

Administrator
Staff member
If you want to use recaptcha, you have to use V2, V3 is not tested on VisioList, so I don't know if that works. And use the checkbox one. Invisible should work also, but I think you need to adjust your join_recaptcha.html then

And no problem for the debug. Have to know if its a race condition bug on our side or not
 
Last edited:
Basti

Basti

Administrator
Staff member
Looks like you not updated the recaptcha file. It updated it 1.3 or 1.4, I don't remember.
Make sure join_recaptcha has this in it
Code: 
<div class="{$error_style_recaptcha}">
    <label>{$lng->join_recaptcha_text}</label>
    <div class="g-recaptcha" data-sitekey="{$recaptcha_sitekey}"></div>
    {$error_recaptcha}
    <script type="text/javascript" src="https://www.google.com/recaptcha/api.js" async defer></script>
</div>
 
aikidesi

aikidesi

Member
Basti said:
If you want to use recaptcha, you have to use V2, V3 is not tested on VisioList, so I don't know if that works. And use the checkbox one. Invisible should work also, but I think you need to adjust your join_recaptcha.html then

And no problem for the debug. Have to know if its a race condition bug on our side or not
Click to expand...
Hey Seb... URL Blacklisting is still not working but, instead of it redirecting to the homepage, I now get this...

Forbidden
You don't have permission to access /topbands/index.php on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
 
Basti

Basti

Administrator
Staff member
Yes, it is what I mentioned in PM, its mod_security issue. Ill remind mark again
 
Mark

Mark

Administrator
Staff member
mod_sec rules have been updated, you should be all set now. Let me know if you have any issues.
 
You must log in or register to reply here.
Top