[Hybr!d]

What is http:BL?

http:BL is basically a script that when installed on a website means every visitor is checked against Project Honey Pot's massive and ever growing spambot list.

What does this mean?

It means that spammers, harvesters and scrapers get blocked before they even see your website content. This reduces spam in the form of threads and posts or via harvesting email addresses left on your site. It also reduces server load and bandwidth. Finally, if your content is all nice and original do you really want to let scrapers steal it and pass it off as their own? This script stops them before any content loads.

Why am I doing this?

Since no guides or information on implementing this setup on vBulletin exists I thought I would write one up as I have set this up a few times and it is definitely working and making a positive impact.

Installation:

You will need to sign up to Project Honey Pot here > http://www.projecthoneypot.org/

Then goto your dashboard and get your personal http:BL key. It's on the left at the bottom of your stats.

Follow these steps to get http:BL installed on vBulletin.

Step 1:

Open your header template and at the top add.

$projecthp

Step 2:

Goto plugins and products > add new plugin in the admin CP.

Use the defaults unless changed below.

Hook Location: global_start

Title: Insert PHP For Project Honey Pot Block

Plugin PHP code:

ob_start();
include('projecthp.php');
$projecthp = ob_get_contents();
ob_end_clean();

Set as active, then save.

Step 3:

Using your PHP editor of choice, create a file named projecthp.php and add the code below.

<?php require('/var/www/vhosts/domain.com/httpdocs/httpbl.php'); ?>

*Note* You will need to enter the path for your domain root in the format used on your server, it will differ from the one above. If in doubt, ask your host.

Now upload the projecthp.php file to the root of your domain.

Step 4:

Now we need to create the http:BL PHP file, open your PHP editor again.

Add the code below. Remember to change the http:BL key with the one from your Project Honey Pot control panel.

Code:

<?php
/*
Script Name: Simple PHP http:BL implementation
Description: Simple script to check an IP against Project Honey Pot's database and let only legitimate users access your script
*/

/*** EDIT LINE 22 WITH YOUR OWN HTTP:BL ACCESS KEY ! ***/

if ($_COOKIE['notabot']) {
    ozh_httpbl_logme(false,    $_SERVER['REMOTE_ADDR']);
} else {
    ozh_httpbl_check();
}


function ozh_httpbl_check() {    
    // your http:BL key 
    $apikey = 'aabbccddeeffgg';
    
    // IP to test
    $ip = $_SERVER['REMOTE_ADDR'];
    
    // build the lookup DNS query
    // Example : for '127.9.1.2' you should query 'abcdefghijkl.2.1.9.127.dnsbl.httpbl.org'
    $lookup = $apikey . '.' . implode('.', array_reverse(explode ('.', $ip ))) . '.dnsbl.httpbl.org';
    
    // check query response
    $result = explode( '.', gethostbyname($lookup));
    
    if ($result[0] == 127) {
        // query successful !
        $activity = $result[1];
        $threat = $result[2];
        $type = $result[3];
        
        if ($type & 0) $typemeaning .= 'Search Engine, ';
        if ($type & 1) $typemeaning .= 'Suspicious, ';
        if ($type & 2) $typemeaning .= 'Harvester, ';
        if ($type & 4) $typemeaning .= 'Comment Spammer, ';
        $typemeaning = trim($typemeaning,', ');
        
        // echo "$type : $typemeaning of level $threat ";
        
        // Now determine some blocking policy
        if (
        ($type >= 4 && $threat > 0) // Comment spammer with any threat level
            ||
        ($type < 4 && $threat > 20) // Other types, with threat level greater than 20
        ) {
            $block = true;
        }
        
        if ($block) {
            ozh_httpbl_logme($block,$ip,$type,$threat,$activity);
            ozh_httpbl_blockme();
            die();
        }
    
    }
}


function ozh_httpbl_logme($block = false, $ip='', $type='',$threat='',$activity='') {
    $log = fopen('./block.log','a');
    $stamp = date('Y-m-d :: H-i-s');
    
    // Some stuff you could log for further analysis
    $page = $_SERVER['REQUEST_URI'];
    $ua = $_SERVER["HTTP_USER_AGENT"];
        
    if ($block) {
        fputs($log,"$stamp :: BLOCKED $ip :: $type :: $threat :: $activity :: $page :: $ua\n");
    } else {
        fputs($log,"$stamp :: UNBLCKD $ip :: $page :: $ua\n");
    }
    fclose($log);
}


function ozh_httpbl_blockme() {
    header('HTTP/1.0 403 Forbidden');
    echo <<<HTML
    <script type="text/javascript">
    function setcookie( name, value, expires, path, domain, secure ) {
        // set time, it's in milliseconds
        var today = new Date();
        today.setTime( today.getTime() );
    
        if ( expires ) {
            expires = expires * 1000 * 60 * 60 * 24;
        }
        var expires_date = new Date( today.getTime() + (expires) );
    
        document.cookie = name + "=" +escape( value ) +
        ( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) + 
        ( ( path ) ? ";path=" + path : "" ) + 
        ( ( domain ) ? ";domain=" + domain : "" ) +
        ( ( secure ) ? ";secure" : "" );
    }    
    function letmein() {
        setcookie('notabot','true',1,'/', '', '');
        location.reload(true);
    }
    </script>
    <h1>Forbidden</h1>
    <p>Sorry. You are using a suspicious IP.</p>
    <p>If you are NOT a bot of any kind please <a href="javascript:letmein()">click here</a> to access the page.</p>
    
HTML;
}


?>

Now save the file as httpbl.php and also upload the file to the root of your domain.

What have we done here?

Some of you may have noticed that this was quite long winded. With a regular website the PHP code can be added straight to the php files or even with a html page it would be done in less steps.

Basically vBulletin runs on templates and does not allow PHP code to be added straight to the source code.

With a regular website the first 1/2/3 steps are not needed, with vBulletin the first 1/2/3 steps are used to inject the code in the httpbl.php file.

How do I test this?

Apart from getting your IP blacklisted on the Project Honey Pots spamlist there doesn't seem to be much in the way of testing this. As there are a few jumps to get to the httpbl.php file I did the following to make sure the final code (step 4) is being called.

Open httpbl.php, find.

$_SERVER['REMOTE_ADDR']

Replace with.

123.44.66.99

Re-upload the file, then test your site. If the file is being called correct you will get a white screen as the code called in the final stage is now broken. It's a crude way but it works. Undo the changes to the file and re-upload again.

I also have a honey trap setup on my sites that invokes after the http:BL block script. Since installing http:BL I have had no traps triggered, prior to this I had 91 on one site in a matter of days. So the script seems to be blocking bots before they hit the traps, another confirmation that this works. You can add your own honey traps if you need further confirmation. Make sure you add the code after the http:BL block you have setup here, so below $projecthp in the header.

[Emrys88]

Nice Guide:D.

[Saviour]

Hybr!d...

You should also state in your instructions above, that they need to request this http:BL key using the following link, once they've registered and logged in at Honey Pot: Request an Access Key

Once they've completed the simple form submission, they will be given this key. It will then be viewable in their Dashboard at the location you specified, above.

I'm in the process of implementing this myself...in addition to the vBulletin StopForumSpam mod.

[Saviour]

I'm also assuming, from the below quote...

Quote:

I also have a honey trap setup on my sites that invokes after the http:BL block script. Since installing http:BL I have had no traps triggered, prior to this I had 91 on one site in a matter of days. So the script seems to be blocking bots before they hit the traps, another confirmation that this works. You can add your own honey traps if you need further confirmation. Make sure you add the code after the http:BL block you have setup here, so below $projecthp in the header.

...that a honey trap isn't needed. Am I correct in assuming this?

[Hybr!d]

No necessarily, if a new bot comes to your site it will not be blocked, so I still run one to catch new stuff not on the http:bl list.

[Hybr!d]

Quote:

Originally Posted by Saviour

Hybr!d...

You should also state in your instructions above, that they need to request this http:BL key using the following link, once they've registered and logged in at Honey Pot: Request an Access Key

Once they've completed the simple form submission, they will be given this key. It will then be viewable in their Dashboard at the location you specified, above.

I'm in the process of implementing this myself...in addition to the vBulletin StopForumSpam mod.

I did. Also where is there a stop forum spam mod, couldn't find one for vB myself.

Quote:

Installation:

You will need to sign up to Project Honey Pot here > http://www.projecthoneypot.org/

Then goto your dashboard and get your personal http:BL key. It's on the left at the bottom of your stats.

Follow these steps to get http:BL installed on vBulletin.

Step 1: ...................

[Saviour]

You never made mention that the script needed to be requested, though.

You just said you have to regster and then look for your key at the lower left of your stats. If you simply register...you're not automatically given a key...you have to request one.

Oh...and I tried your installation instructions..followed them to the "t"...and did not get it to work on my site.

The vbulletin mod can be found here: vbStopForumSpam

[Shimjocky]

Howdy, found your site while searching for this kind of vB plug in.
I just tried setting this up and I am getting some errors.

[php]Warning: include(projecthp.php) [function.include]: failed to open stream: No such file or directory in [path]/global.php(400) : eval()'d code on line 10

Warning: include(projecthp.php) [function.include]: failed to open stream: No such file or directory in [path]/global.php(400) : eval()'d code on line 10

Warning: include() [function.include]: Failed opening 'projecthp.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in [path]/global.php(400) : eval()'d code on line 10[/php]Anny suggestions?
I am running vB ver 3.8.1

[Hybr!d]

The projecthp.php file is not loading, so either it is not uploaded in the right place or your paths are wrong.

What is your forum?

[Shimjocky]

Hi Hybr!d.
Thanks for the ultra fast reply.

My forum is www.thedarkrealmphoenixclan.com

It is installed as a domain pointer on my account and it points to its own document root. I got the path from my website cp. My forum is in its own directory within the root of that domain. I also use vbadvanced and it's index is in the doc root. Both projecthp.php and httpbl.php are in the root of that domain.

The plugin is currently turned off so that my visitors don't have to see the error messages being generated.