e107.org: Forums / Core Support / Using ZB Block with E107

e107.org :: Forums :: e107 Support :: Core Support		<< Previous thread \| Next thread >>
Using ZB Block with E107

Go to page 1 2 3 4 5 [6]
Moderators: jalist, McFly, bkwon, streaky, C6Dave, SecretR, steved, bugrain, AndyDev, Hansi64, nlstart

Author

Post

Liquid_Squelch

Wed Aug 25 2010, 04:36PM

Registered Member #22677

Joined: Mon Nov 28 2005, 05:06PM
Location: Long Island, NY
Posts: 357

Fudsey wrote ...

OK I must have triggered an alert from my own IP, I got a 503 error when I tried to go to my site. I found my IP in the IPPBDB.csv file. I removed it and can view the site again.

Is this a bug?

No, it isn't a bug. You need to read the install document included with ZB Block.
It will explain how to add your IP address to the ZB Block platform so you don't ban yourself.

zaphodb777

Wed Aug 25 2010, 05:50PM

Registered Member #57750

Joined: Wed Jul 14 2010, 01:55PM
Location:
Posts: 64

La Mite en Pull wrote ...

ZBblock is so strong it sanitised even my affiliation iframes... Not cool at all to remove them !

How to remove ZBblock please ? I delete the folder, check class2 and config but it is still there.

ZB Block cannot sanitize frames on your site! Unless you see the "403 FORBIDDEN" or a "Error 503 : Service Temporarily Unavailable", which are pretty much the only 2 outputs possible of ZB Block, it is some other function's fault.

ZB Block does not modify pagecode, it can only stop protected pages from loading, or allow them to load. So if you are seeing [sanitized] on your site, please look elsewhere.

However, if you are seeing actual ZB Block error pages where your frames were, please share the code to load those frames, and I'll see where it is running awry of ZB Block.

ANYWAY, on part 2...

To turn off ZB Block, just replace zbblock.php with a 0 byte file. You might want to rename zbblock.php to some other filename instead of deleting it though, just incase you find out it wasn't ZB Block's fault.

Zap

--------------
Get Protected, Stay Protected with ZB Block
--------------

zaphodb777

Wed Aug 25 2010, 05:54PM

Registered Member #57750

Joined: Wed Jul 14 2010, 01:55PM
Location:
Posts: 64

jmg4life wrote ...
I did exactly what you told me to do, but the errors keep appearing:

Warning: file_get_contents(/customers/lm/lm/httpd.www/zbblock/vault/NOLOOKUP.CSV) [function.file-get-contents]: failed to open stream: No such file or directory, Line 287 of /customers/lm/lm/httpd.www/zbblock/zbblock.php

Notice: Undefined index: PATH_INFO, Line 374 of /customers/lm/lm/httpd.www/zbblock/zbblock.php

Warning: file_get_contents(/customers/lm/lm/httpd.www/zbblock/vault/IPWLDB.CSV) [function.file-get-contents]: failed to open stream: No such file or directory, Line 287 of /customers/lm/lm/httpd.www/zbblock/zbblock.php

I checked the folder vault, but I there is no NOLOOKUP.CSV or IPWDLB.CSV... ???

1. Your php.ini has error reporting on, dangerous.

2. Yes, that's a minor error, I will make a note that the installer needs to create those files.

3. Those files will be created by ZB Block as soon an an unnamed IP address touches your site, and you whitelist yourself.

4. If you can't wait for creation, make 2 0 byte files in their place. But do read the manual and whitelist yourself!

Zap

--------------
Get Protected, Stay Protected with ZB Block
--------------

Fudsey

Wed Aug 25 2010, 06:44PM

Registered Member #24897

Joined: Thu Feb 16 2006, 04:18PM
Location:
Posts: 69

Liquid_Squelch wrote ...

No, it isn't a bug. You need to read the install document included with ZB Block.
It will explain how to add your IP address to the ZB Block platform so you don't ban yourself.

OK did this and got the error

Warning: parse_ini_file() has been disabled for security reasons in \zbblock\zbblock.php on line 312

zaphodb777

Thu Aug 26 2010, 02:49AM

Registered Member #57750

Joined: Wed Jul 14 2010, 01:55PM
Location:
Posts: 64

It looks like your host has crippled php in the name of security.

They may have misunderstood that parsing an ini file is different from modifying/overriding the php.ini file.

http://php.net/manual/en/function.parse-ini-file.php wrote ...
"Note: This function has nothing to do with the php.ini file. It is already processed by the time you run your script. This function can be used to read in your own application's configuration files."

Sorry I can't help with a host caused problem.

Zap

--------------
Get Protected, Stay Protected with ZB Block
--------------

Fudsey

Thu Aug 26 2010, 02:32PM

Registered Member #24897

Joined: Thu Feb 16 2006, 04:18PM
Location:
Posts: 69

OK I figured that out. I am my own host so that just needed to be edited in the php.ini. I got it to work on one of my sites, but I get a new error on the other site

Warning: parse_ini_file (zbblock\vault/zbblock.ini) [function.parse-ini-file]: failed to open stream: Invalid argument in \zbblock\zbblock.php on line 312

Is this the same error?

Fudsey

Thu Aug 26 2010, 07:47PM

Registered Member #24897

Joined: Thu Feb 16 2006, 04:18PM
Location:
Posts: 69

OK some clarification, I opened the Vault folder in the 2nd site and there are a few files missing.

IPDDB.CSV
IPPBDB.CSV
IPWLDB.CSV
NOLOOKUP.CSV

Can I just copy them from the folder from my other site or do I need to do a reinstall on the 2nd site??

zaphodb777

Thu Aug 26 2010, 11:14PM

Registered Member #57750

Joined: Wed Jul 14 2010, 01:55PM
Location:
Posts: 64

Set /vault/ to chmod 777, and make sure the NO ALLOW .htaccess is in there (The one that comes with ZB Block).

The files will auto generate when 1. you whitelist yourself, 2. the baddies visit, and 3. When the first un-resolvable IP touches your site.

(ZB Block learns what IPs are unresolvable, and knows not to try lookup a second time (speeds up sites considerably over .htaccess mods that keep trying to resolve.)

Or, just re-install.

Zap

[ Edited Thu Aug 26 2010, 11:20PM ]

--------------
Get Protected, Stay Protected with ZB Block
--------------

Fudsey

Fri Aug 27 2010, 02:56PM

Registered Member #24897

Joined: Thu Feb 16 2006, 04:18PM
Location:
Posts: 69

Did a reinstall and got that same error when trying to run the password script.

Warning: parse_ini_file(C:\xxxxxx\xxxxxx emkv\zbblock\vault/zbblock.ini) [function.parse-ini-file]: failed to open stream: Invalid argument in C:\xxxxxxx\xxxxx\nemkv\zbblock\zbblock.php on line 312

[ Edited Fri Aug 27 2010, 02:57PM ]

zollk60

Fri Aug 27 2010, 03:21PM

Registered Member #27052

Joined: Thu Apr 27 2006, 07:11PM
Location: Northern NY
Posts: 66

Looks to me that directory.inc is not being created in zbblock\vault, or the value of $path_to_zbblock is incorrect in directory.inc.

"Only those who fail greatly can ever achieve greatly" - Robert F. Kennedy
Microsoft Most Valuable Professional - Consumer Security (2007-2008)
Member - Alliance of Security Analysis Professionals - Since 2006

Fudsey

Fri Aug 27 2010, 03:59PM

Registered Member #24897

Joined: Thu Feb 16 2006, 04:18PM
Location:
Posts: 69

I just checked and directory.inc is there and is correct.

Could this be because I have 2 installs of zbblock on 1 machine?

I am my own host on a windows server2003 box hosted at a collocation site. It is running IIS and inside of wwwroot, I have 2 e107 sites, each in their own folder. Inside each site folder, I have a zbblock folder and installed it from each website.

Should the directory.inc have something different instead of "php global $path_to_zbblock" to "php local $path_to_zbblock" ?

Or should I try a single install for both sites in the wwwroot folder?

[ Edited Fri Aug 27 2010, 04:02PM ]

zollk60

Fri Aug 27 2010, 07:58PM

Registered Member #27052

Joined: Thu Apr 27 2006, 07:11PM
Location: Northern NY
Posts: 66

The problem is with the slashes.

Produces path errors

$path_to_zbblock="C:\xxxxxx\xxxxxx emkv\zbblock\";

Change to:

$path_to_zbblock="C:/xxxxxx/xxxxxx emkv/zbblock/";

Fudsey

Fri Aug 27 2010, 08:36PM

Registered Member #24897

Joined: Thu Feb 16 2006, 04:18PM
Location:
Posts: 69

OK that worked, but strange thing is, the other website it is the way above is not the way you showed....

not sure about why that is like that....

zollk60

Sat Aug 28 2010, 06:29AM

Registered Member #27052

Joined: Thu Apr 27 2006, 07:11PM
Location: Northern NY
Posts: 66

It may be that you chose different methods for determining the path during installation.

There are some significant differences between IIS and Apache when it comes to running PHP.

Boogey

Sun Aug 29 2010, 07:45AM

Registered Member #52383

Joined: Tue Aug 04 2009, 07:18AM
Location:
Posts: 77

Where do i need to insert my email adress ? Is ok if is like in this example ?

*** Email for Feedback *** ; ; Show an e-mail address in the 403 screen so ; the blocked innocent can notify admin of the ; accidental block? ; ; CAUTION: ONLY USE WITH A DISPOSABLE E-MAIL! ; Such as <a rel='external' href='javascript:window.location="mai"+"lto:"+"blocked"+"@"+"yourdomain.com";self.close();' onmouseover='window.status="mai"+"lto:"+"blocked"+"@"+"yourdomain.com"; return true;' onmouseout='window.status="";return true;'><img src='http://e107.org/e107_themes/lamb/images/email.png' style='border:0;' alt='click to send email' /></a> . As it's sure ; to generate spam! ; ; values: ; "" Turn off e-mail address ; notification. ; "email@domain.tld" (replace with proper data) ; Turn on e-mail link in 403 ; page. ; ; default: e_mail = "" e_mail = "email@domain.tld"

[ Edited Sun Aug 29 2010, 07:46AM ]

Noutati IT

zaphodb777

Sun Aug 29 2010, 01:31PM

Registered Member #57750

Joined: Wed Jul 14 2010, 01:55PM
Location:
Posts: 64

Yes, change email@domain.tld to your e-mail address.

If you have a Google service mail like I do, or your own mail-server, I suggest generating an account like blocked@domain.tld , so your normal inbox doesn't get swamped.

Zap

[ Edited Sun Aug 29 2010, 01:33PM ]

--------------
Get Protected, Stay Protected with ZB Block
--------------