Recent Topics

1 May 02, 2006 03:27    

For some reason I am now unable to get to my site. I think my URL has somehow been blacklisted.

Here's the problem. If someone tries to get to my blog from a bookmark or by entering the address manually into their browser a 403 error comes up. Yet if you click on the link below you won't get the error:

www.alex-sara.com/blog

But now once you are at the site press your browsers 'Go' button or try manually re-entering the blog address into your browser and the 403 error will come up.

Please any help would be appreciated, I am fairly new to all this.

Thanks!

2 May 02, 2006 15:58

I got the 403 page when I visited your blog from this forum and when I reloaded your page, but not when I visited a permalink or an archive page. I'm going to guess that somehow you've locally blacklisted pages you didn't really want to blacklist. For example your own domain is blacklisted and possibly b2evolution.net?

I don't recall if .9.1 allows you to search for specific keywords in your local antispam list. If not you will have to use something like phpmyadmin to see if (any variation of) b2evolution is locally blocked. Same thing with your own domain.

I can verify beyond any doubt that your domain is not blocked by the official keyword list, though I understand that verification of this doesn't help you get where you want to be.

3 May 02, 2006 17:35

BigA, to hack this, you could uncomment the part that calls the "403 forbidden" page. (Search for "_referer_spam" in all .php files).

For what it's worth, I've just moved the functionality to the basic antispam plugin for Phoenix (which is still to be released): it won't get called for backoffice/admin requests in general and you can easily disable it completely.

Sorry for the inconvenience.

4 May 03, 2006 00:30

Thanks for the replies. What should I search for in the keyword list when I am looking to see if my domain or b2evolution is some how being blocked? I guess my question is what do I search for?

Thanks

5 May 03, 2006 00:42

The antispam system is a very basic "does it contain this string" type of thing. Obviously search for your domain name itself, and maybe alex then sara. The shorter you get the more you might match other stuff that isn't blocking you (obviously). b2evolution or b2evo or b2 or evolution or evo would all block b2evolution.net traffic.

6 May 03, 2006 01:49

BigA, the easiest would be to set $debug = 1 in /conf/_advanced.php. This will give you the reason why it has been blocked in the Debuglog output at the bottom of the output.

7 May 03, 2006 02:59

Thanks again for the reply. Ok I have set debug to true and it now displays the debuglog. It reports that 1 row has been found and is therefore causing the 403 error. Now how do I find which aspm_sting is causing the problem?

Thanks

8 May 03, 2006 03:58

There should be a line like


Url refused. Debug info: blacklisted word: XXX

As for the aspm_string, you could set


$EvoConfig->DB['debug_dump_rows'] = 100;


to get a table of the first 100 rows for each query (requires "Phoenix"), but the first info should be enough.

9 May 03, 2006 04:46

Hmm for some reson I don't see where it says

Url refused. Debug info: blacklisted word: XXX

Sorry I am a real noob so maybe I am confused. Where exactly is the debuglog and where would I find that info.

Also if this helps I am running v0.9.1.

Thanks again.

10 May 03, 2006 04:55

Then probably 0.9 does not display that info.. :(

In fact.. (I've just looked it up).

The place where it kills the request s in /b2evocore/_main.php. Just add


var_dump( $DB->last_result );


before the following line:


require dirname(__FILE__).'/_referer_spam.page.php';	// error & exit

..and please report back, what was causing this, of course.. :)

11 May 03, 2006 05:18

Thank you so much. I finally figured it out but I am just really confused. Apparently the list below were all the blacklisted words that were being caught. I have no idea why. . . there doesn't seem to be any connection. But I removed them all from my antispam list in the admin panel and now my site seems to work fine. Thank you very much for the help!

viagra
-porn
incest
ambien
sucks.nl
vdirect.com
celebrex
lol.to
goodcounter.net
mx.gs
dztalk.com
sborrate-in-faccia.com
webnooficial.com
menproblems.info
easysolution.be

12 May 03, 2006 06:07

You're welcome.

So, you removed them one by one, after they have triggered the "403" page again?

Really strange, I cannot see a match there, too.. 8|

13 May 08, 2006 07:58

I had the same problem in 1.6, I was considered referral spam if I came from a static page (non b2) in my site to a b2 page.

I commented out this:


		// Check if the referer is valid and is not blacklisted:
//		if( $error = validate_url( $this->referer,  $comments_allowed_uri_scheme ) )
//		{
//			$Debuglog->add( 'detect_referer(): '.$error, 'hit');
//			$this->referer_type = 'spam'; // Hazardous
//			$this->referer = false;
			// QUESTION: add domain to T_basedomains, type 'blacklist' ?

			// This is most probably referer spam,
			// In order to preserve server resources, we're going to stop processing immediatly!!
//	require dirname(__FILE__).'/_referer_spam.page.php';	// error & exit
			// THIS IS THE END!!
//		}


		// Check blacklist, see {@link $blackList}
		// NOTE: This is NOT the antispam!!
		// fplanque: we log these again, because if we didn't we woudln't detect
		// reloads on these... and that would be a problem!
		// foreach( $blackList as $lBlacklist )
//		{
//			if( strpos( $this->referer, $lBlacklist ) !== false )
//			{
//				$Debuglog->add( 'detect_referer(): blacklist ('.$lBlacklist.')', 'hit' );
//				$this->referer_type = 'blacklist';
//				return;
//			}
//		}

in _hit.class.php and the problem went away.

Thanks.


Form is loading...