WordPress.org

Ready to get started?Download WordPress

Forums

WP-Piwik
[resolved] Not working with 5G Blacklist (3 posts)

  1. eikaramba
    Member
    Posted 2 years ago #

    Hey guys, i recently "installed" the 5G Blacklist into my apache htaccess file. This is a nice pice of rules to block a lot of spam/bad boys and simplify network traffic. Nevertheless i found out that since doing that my wp-piwik and piwik at all stoped working. So i just wanted to give you the line that is causing this. When removing this line it should again work, maybe the developer even knows what to do in order to prevent this behaviour, as everythin else worked.

    Here is the full blacklist code(courtesy http://perishablepress.com/5g-blacklist/). THE BOLD LINE SHOULD BE REMOVED!

    # 5G blacklist/firewall
    # @ http://perishablepress.com/5g-blacklist/

    # 5G:[QUERY STRINGS]
    <ifModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{QUERY_STRING} (environ|localhost|mosconfig|scanner) [NC,OR]
    RewriteCond %{QUERY_STRING} (menu|mod|path|tag)\=\.?/? [NC,OR]
    RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
    RewriteCond %{QUERY_STRING} echo.*kae [NC,OR]
    RewriteCond %{QUERY_STRING} etc/passwd [NC,OR]
    RewriteCond %{QUERY_STRING} \=\\%27$ [NC,OR]
    RewriteCond %{QUERY_STRING} \=\\\'$ [NC,OR]
    RewriteCond %{QUERY_STRING} \.\./ [NC,OR]
    RewriteCond %{QUERY_STRING} \? [NC,OR]
    RewriteCond %{QUERY_STRING} \: [NC,OR]
    RewriteCond %{QUERY_STRING} \[ [NC,OR]
    RewriteCond %{QUERY_STRING} \] [NC]
    RewriteRule .* - [F]
    </ifModule>

    # 5G:[USER AGENTS]
    <ifModule mod_setenvif.c>
    SetEnvIfNoCase User-Agent ^$ keep_out
    SetEnvIfNoCase User-Agent (casper|cmsworldmap|diavol|dotbot) keep_out
    SetEnvIfNoCase User-Agent (flicky|ia_archiver|jakarta|kmccrew) keep_out
    SetEnvIfNoCase User-Agent (libwww|planetwork|pycurl|skygrid) keep_out
    SetEnvIfNoCase User-Agent (purebot|comodo|feedfinder|turnit) keep_out
    SetEnvIfNoCase User-Agent (zmeu|nutch|vikspider|binlar|sucker) keep_out
    <limit GET POST PUT>
    Order Allow,Deny
    Allow from all
    Deny from env=keep_out
    </limit>
    </ifModule>

    # 5G:[REQUEST STRINGS]
    <ifModule mod_alias.c>
    RedirectMatch 403 (https?|ftp|php)\://
    RedirectMatch 403 /(cgi|https?|ima|ucp)/
    RedirectMatch 403 /(Permanent|Better)$
    RedirectMatch 403 (\=\\\'|\=\\%27|/\\\'/?|\)\.css\()$
    RedirectMatch 403 (\,|//|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")
    RedirectMatch 403 \.(cgi|asp|aspx|cfg|dll|exe|jsp|mdb|sql|ini|rar)$
    RedirectMatch 403 /(contac|fpw|install|pingserver|register)\.php$
    RedirectMatch 403 (base64|crossdomain|localhost|wwwroot|e107\_)
    RedirectMatch 403 (eval\(|\_vti\_|\(null\)|echo.*kae|config\.xml)
    RedirectMatch 403 \.well\-known/host\-meta
    RedirectMatch 403 /function\.array\-rand
    RedirectMatch 403 \)\;\$\(this\)\.html\(
    RedirectMatch 403 proc/self/environ
    RedirectMatch 403 msnbot\.htm\)\.\_
    RedirectMatch 403 /ref\.outcontrol
    RedirectMatch 403 com\_cropimage
    RedirectMatch 403 indonesia\.htm
    RedirectMatch 403 \{\$itemURL\}
    RedirectMatch 403 function\(\)
    RedirectMatch 403 labels\.rdf
    RedirectMatch 403 /playing.php
    RedirectMatch 403 muieblackcat
    </ifModule>

    # 5G:[BAD IPS]
    <limit GET POST PUT>
    Order Allow,Deny
    Allow from all
    # uncomment/edit/repeat next line to block IPs
    # Deny from 123.456.789
    </limit>

    http://wordpress.org/extend/plugins/wp-piwik/

  2. braekling
    Member
    Plugin Author

    Posted 2 years ago #

    Alternatively you can configure PHP to send a user agent or use the PHP API (beta) instead of REST API.

    Because there are obviously a lot of users running such lists I'll also think about an option to set the user agent in WP-Piwik itself.

    By the way: Of course such a list will reduce your network traffic, but I don't think it'll work fine to block spam and bad guys. Spammers can set their (software's) user agent to everything they want, so "real" bad guys won't tell you they are bad guys ;-)

  3. braekling
    Member
    Plugin Author

    Posted 1 year ago #

    0.9.6 allows to set an own user agent if not done by PHP itself.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.