From 0a46ccb01827b1e3f38eba285f91530a877e58d9 Mon Sep 17 00:00:00 2001 From: andibraeu Date: Sun, 14 Jun 2015 13:05:47 +0200 Subject: [PATCH 1/3] add forbidden ips and browsers to .htaccess --- web/.htaccess | 245 +++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 244 insertions(+), 1 deletion(-) diff --git a/web/.htaccess b/web/.htaccess index 0c5f37d..2a0ed73 100644 --- a/web/.htaccess +++ b/web/.htaccess @@ -5,9 +5,183 @@ # to each configured DirectoryIndex file (e.g. index.php, index.html, index.pl). DirectoryIndex app.php +RewriteEngine On +# Begin HackRepair.com Blacklist +# Abuse Agent Blocking + RewriteEngine on +# RewriteCond %{REQUEST_URI} .*\.ics [NC] +# RewriteRule ^(.*) app.php [L] + RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Acunetix [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^binlar [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Bolt\ 0 [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot\@yahoo\.com [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^BOT\ for\ JCE [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^casper [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^checkprivacy [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^clshttp [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^cmsworldmap [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^comodo [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Custo [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Default\ Browser\ 0 [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^diavol [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^DIIbot [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^DISCo [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^dotbot [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^eCatch [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^EmailCollector [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^extract [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^feedfinder [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^FHscan [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^FlashGet [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^flicky [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^GetRight [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^g00g1e [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^grab [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^GrabNet [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Grafula [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^harvest [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^HMView [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^ia_archiver [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^InterGET [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^InternetSeer\.com [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^jakarta [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^JetCar [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^kanagawa [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^kmccrew [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^larbin [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^libwww [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Maxthon$ [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^microsoft\.url [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^miner [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*Indy [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Mozilla\.*NEWT [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^MSFrontPage [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Navroad [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^NearSite [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^NetAnts [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^NetSpider [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^NetZIP [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^nutch [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Octopus [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^pavuk [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^PeoplePal [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^planetwork [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^psbot [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^purebot [NC,OR] +# RewriteCond %{HTTP_USER_AGENT} ^pycurl [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^RealDownload [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^ReGet [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Rippers\ 0 [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^SeaMonkey$ [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^sitecheck\.internetseer\.com [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^skygrid [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^sucker [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^SuperBot [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Surfbot [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Toata\ dragostea\ mea\ pentru\ diavola [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^turnit [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^vikspider [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WebAuto [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WebCopier [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WebFetch [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WebReaper [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WebSauger [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WPScan [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WebStripper [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WebZIP [NC,OR] +# RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Widow [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WWW-Mechanize [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Yandex [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^Zeus [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ^zmeu [NC,OR] + RewriteCond %{HTTP_USER_AGENT} AhrefsBot [NC,OR] + RewriteCond %{HTTP_USER_AGENT} CazoodleBot [NC,OR] + RewriteCond %{HTTP_USER_AGENT} discobot [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ecxi [NC,OR] + RewriteCond %{HTTP_USER_AGENT} GT::WWW [NC,OR] + RewriteCond %{HTTP_USER_AGENT} heritrix [NC,OR] + RewriteCond %{HTTP_USER_AGENT} HTTP::Lite [NC,OR] + RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ia_archiver [NC,OR] + RewriteCond %{HTTP_USER_AGENT} id-search [NC,OR] + RewriteCond %{HTTP_USER_AGENT} id-search\.org [NC,OR] + RewriteCond %{HTTP_USER_AGENT} IDBot [NC,OR] + RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] + RewriteCond %{HTTP_USER_AGENT} IRLbot [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ISC\ Systems\ iRc\ Search\ 2\.1 [NC,OR] + RewriteCond %{HTTP_USER_AGENT} LinksManager.com_bot [NC,OR] + RewriteCond %{HTTP_USER_AGENT} linkwalker [NC,OR] + RewriteCond %{HTTP_USER_AGENT} lwp-trivial [NC,OR] + RewriteCond %{HTTP_USER_AGENT} Microsoft\ URL\ Control [NC,OR] + RewriteCond %{HTTP_USER_AGENT} Missigua\ Locator [NC,OR] + RewriteCond %{HTTP_USER_AGENT} MJ12bot [NC,OR] + RewriteCond %{HTTP_USER_AGENT} panscient.com [NC,OR] + RewriteCond %{HTTP_USER_AGENT} PECL::HTTP [NC,OR] + RewriteCond %{HTTP_USER_AGENT} PHPCrawl [NC,OR] + RewriteCond %{HTTP_USER_AGENT} PleaseCrawl [NC,OR] + RewriteCond %{HTTP_USER_AGENT} SBIder [NC,OR] + RewriteCond %{HTTP_USER_AGENT} Snoopy [NC,OR] + RewriteCond %{HTTP_USER_AGENT} Steeler [NC,OR] +# RewriteCond %{HTTP_USER_AGENT} URI::Fetch [NC,OR] + RewriteCond %{HTTP_USER_AGENT} urllib [NC,OR] + RewriteCond %{HTTP_USER_AGENT} Web\ Sucker [NC,OR] + RewriteCond %{HTTP_USER_AGENT} webalta [NC,OR] + RewriteCond %{HTTP_USER_AGENT} WebCollage [NC,OR] + RewriteCond %{HTTP_USER_AGENT} Wells\ Search\ II [NC,OR] + RewriteCond %{HTTP_USER_AGENT} WEP\ Search [NC,OR] + RewriteCond %{HTTP_USER_AGENT} zermelo [NC,OR] + RewriteCond %{HTTP_USER_AGENT} ZyBorg [NC] + RewriteRule ^.* - [F,L] + + +# Abuse HTTP Referrer Blocking end + RewriteEngine On - # Determine the RewriteBase automatically and set it as environment variable. # If you are using Apache aliases to do mass virtual hosting or installed the # project in a subdirectory, the base path will be prepended to allow proper @@ -39,7 +213,76 @@ DirectoryIndex app.php # Rewrite all other queries to the front controller. RewriteRule .? %{ENV:BASE}/app.php [L] + + + +# Start Custom Blocks +# Bluecoat +deny from 8.21.4.254 +deny from 65.46.48.192/30 +deny from 65.160.238.176/28 +deny from 85.92.222.0/24 +deny from 206.51.36.0/22 +deny from 216.52.23.0/24 +# cyveillance +deny from 38.100.19.8/29 +deny from 38.100.21.0/24 +deny from 38.100.41.64/26 +deny from 38.105.71.0/25 +deny from 38.105.83.0/27 +deny from 38.112.21.140/30 +deny from 38.118.42.32/29 +deny from 65.213.208.128/27 +deny from 65.222.176.96/27 +deny from 65.222.185.72/29 +# Cyberpatrol +deny from 38.103.17.160/27 +# Internet Identity - Anti-Phishing +deny from 66.113.96.0/20 +deny from 70.35.113.192/27 +# Ironport +deny from 204.15.80.0/22 +# Lightspeed Systems Security +deny from 66.17.15.128/26 +deny from 69.84.207.32/27 +deny from 69.84.207.128/25 +# Layered Technologies +deny from 72.36.128.0/17 +deny from 72.232.0.0/16 +deny from 72.233.0.0/17 +deny from 216.32.0.0/14 +# M86 +deny from 67.192.231.224/29 +deny from 208.90.236.0/22 +# Phish-Inspector.com +deny from 209.147.127.208/28 +# Prescient Software, Inc. Phishmongers +deny from 198.186.190.0/23 +deny from 198.186.192.0/23 +deny from 198.186.194.0/24 +# urlfilterdb +deny from 207.210.99.32/29 +# websense-in.car1.sandiego1.level3.net +deny from 4.53.120.22 +# Websense +deny from 66.194.6.0/24 +deny from 67.117.201.128/28 +deny from 69.67.32.0/20 +deny from 131.191.87.0/24 +deny from 204.15.64.0/21 +deny from 208.80.192.0/21 +deny from 212.62.26.64/27 +deny from 213.168.226.0/24 +deny from 213.168.241.0/30 +deny from 213.168.242.0/30 +deny from 213.236.150.16/28 +# End Custom Blocks. Add a couple line breaks below this as well. +# Block comment spammers and bad bots +# Add your custom IP block list here. Example format: +# deny from 4.53.120.22 +# End Block comment spammers, bad bots and some proxies +# End HackRepair.com Blacklist, http://pastebin.com/u/hackrepair From 3d4500b846a042108366668f63873ac06c58ba65 Mon Sep 17 00:00:00 2001 From: andibraeu Date: Sun, 14 Jun 2015 15:05:09 +0200 Subject: [PATCH 2/3] updated forms to protect them from spamming --- .../Controller/EventController.php | 27 ++++++++++--------- .../Controller/RepeatingEventController.php | 3 +++ .../views/Event/event_form.html.twig | 17 +++++++++++- .../repeating_event_form.html.twig | 17 +++++++++++- 4 files changed, 50 insertions(+), 14 deletions(-) diff --git a/src/Hackspace/Bundle/CalciferBundle/Controller/EventController.php b/src/Hackspace/Bundle/CalciferBundle/Controller/EventController.php index 79ccc0d..d477cad 100755 --- a/src/Hackspace/Bundle/CalciferBundle/Controller/EventController.php +++ b/src/Hackspace/Bundle/CalciferBundle/Controller/EventController.php @@ -156,16 +156,17 @@ public function createAction(Request $request) { $entity = new Event(); - $em = $this->saveEvent($request, $entity); - - - $errors = $entity->isValid(); - if ($errors === true) { - $em = $this->getDoctrine()->getManager(); - $em->persist($entity); - $em->flush(); - - return $this->redirect($this->generateUrl('_show', array('slug' => $entity->slug))); + if (! $request->get('origin')) { + $em = $this->saveEvent($request, $entity); + $errors = $entity->isValid(); + if ( $errors === true ) { + $em = $this->getDoctrine()->getManager(); + $em->persist($entity); + $em->flush(); + return $this->redirect($this->generateUrl('_show', array('slug' => $entity->slug))); + } + } else { + return $this->redirect($this->generateUrl('')); } return array( @@ -284,16 +285,18 @@ public function updateAction(Request $request, $slug) throw $this->createNotFoundException('Unable to find Event entity.'); } - $em = $this->saveEvent($request, $entity); $errors = $entity->isValid(); - if ($errors === true) { + if ($errors === true && (! $request->get('origin'))) { + $em = $this->saveEvent($request, $entity); $em = $this->getDoctrine()->getManager(); $em->persist($entity); $em->flush(); return $this->redirect($this->generateUrl('_show', array('slug' => $entity->slug))); + } else { + return $this->redirect($this->generateUrl('')); } return array( diff --git a/src/Hackspace/Bundle/CalciferBundle/Controller/RepeatingEventController.php b/src/Hackspace/Bundle/CalciferBundle/Controller/RepeatingEventController.php index 28b1341..50ad4fb 100755 --- a/src/Hackspace/Bundle/CalciferBundle/Controller/RepeatingEventController.php +++ b/src/Hackspace/Bundle/CalciferBundle/Controller/RepeatingEventController.php @@ -178,6 +178,9 @@ private function fillEntity(Request $request, RepeatingEvent $entity) private function saveRepeatingEvent(Request $request, RepeatingEvent $entity) { + if ( $request->get('origin')) { + return false; + } $location = $request->get('location'); $location_lat = $request->get('location_lat'); $location_lon = $request->get('location_lon'); diff --git a/src/Hackspace/Bundle/CalciferBundle/Resources/views/Event/event_form.html.twig b/src/Hackspace/Bundle/CalciferBundle/Resources/views/Event/event_form.html.twig index e584fe3..c502296 100755 --- a/src/Hackspace/Bundle/CalciferBundle/Resources/views/Event/event_form.html.twig +++ b/src/Hackspace/Bundle/CalciferBundle/Resources/views/Event/event_form.html.twig @@ -147,7 +147,22 @@ +
+ +
+ + +
+ +
+
+
- \ No newline at end of file + diff --git a/src/Hackspace/Bundle/CalciferBundle/Resources/views/RepeatingEvent/repeating_event_form.html.twig b/src/Hackspace/Bundle/CalciferBundle/Resources/views/RepeatingEvent/repeating_event_form.html.twig index f258b28..fb8e121 100755 --- a/src/Hackspace/Bundle/CalciferBundle/Resources/views/RepeatingEvent/repeating_event_form.html.twig +++ b/src/Hackspace/Bundle/CalciferBundle/Resources/views/RepeatingEvent/repeating_event_form.html.twig @@ -157,8 +157,23 @@
Du kannst hier kommasepariert Tags angeben.
+
+ +
+ + +
+ +
+
+
- \ No newline at end of file + From 59cb3afddbecb3a35ea7a9cba891644deb256119 Mon Sep 17 00:00:00 2001 From: andibraeu Date: Sun, 14 Jun 2015 15:08:06 +0200 Subject: [PATCH 3/3] updated css for oos spam fields --- .../CalciferBundle/Resources/assets/css/events.scss | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/Hackspace/Bundle/CalciferBundle/Resources/assets/css/events.scss b/src/Hackspace/Bundle/CalciferBundle/Resources/assets/css/events.scss index 2abe00a..6d4581b 100755 --- a/src/Hackspace/Bundle/CalciferBundle/Resources/assets/css/events.scss +++ b/src/Hackspace/Bundle/CalciferBundle/Resources/assets/css/events.scss @@ -34,4 +34,13 @@ margin-top: 0; margin-bottom: 0; } -} \ No newline at end of file +} + +.oos { + position:absolute; + left:-10000px; + top:auto; + width:1px; + height:1px; + overflow:hidden; +}