Hi, I am and have so for a while now, receiving empty mail with just the sender IP from IPs that I have, as well as over 1000 others, signalled in AbuseIPDB
and
I have added the following script on top of the Load Actions, and as this did not make any difference I have moved the script to top of the Load Actions - but still these mails are come through. I have added my own IP and it gets blocked.
<?php
$banned_ips = array(
'46.229.168.129','46.229.168.131','46.229.168.132','46.229.168.133','46.229.168.134','46.229.168.135','46.229.168.136','46.229.168.137'
);
$ip_address = JRequest::getString( 'REMOTE_ADDR', '', 'server' );
if ( in_array($ip_address, $banned_ips) ) {
$app = JFactory::getApplication();
$app->redirect('index.php');
}
?>
Does anybody have any experience or idea with regards to these kind of abuses?
kind regards
Daniele
and
I have added the following script on top of the Load Actions, and as this did not make any difference I have moved the script to top of the Load Actions - but still these mails are come through. I have added my own IP and it gets blocked.
<?php
$banned_ips = array(
'46.229.168.129','46.229.168.131','46.229.168.132','46.229.168.133','46.229.168.134','46.229.168.135','46.229.168.136','46.229.168.137'
);
$ip_address = JRequest::getString( 'REMOTE_ADDR', '', 'server' );
if ( in_array($ip_address, $banned_ips) ) {
$app = JFactory::getApplication();
$app->redirect('index.php');
}
?>
Does anybody have any experience or idea with regards to these kind of abuses?
kind regards
Daniele
Hi Daniele,
I'd suggest that you use an event switcher, ChronoForms should capture the User IP address for you (add a Debugger to check what the data item is called). Then you can block - for example all addresses starting with 46.229.168. I guess that you have checked to be sure that this isn't the address of your own host as sometimes there are security checks run that test all URLs on a site and these can trigger false emails.
Bob
I'd suggest that you use an event switcher, ChronoForms should capture the User IP address for you (add a Debugger to check what the data item is called). Then you can block - for example all addresses starting with 46.229.168. I guess that you have checked to be sure that this isn't the address of your own host as sometimes there are security checks run that test all URLs on a site and these can trigger false emails.
Bob
Very many thanks Bob,
I will have a go and try and hope to set something working as I have absolutely no experience on switcher or similar and I hope the tutorial is of help to me as my technical knowledge is rather limited.
Yes, I have checked the IPs - they are all signaled as abusers and actually I have many more of them.
Should you come accross an example of a setting for event switching to block certain IPs from sending - you would make me very happy.
Have a nice day
kind regards
Daniele
I will have a go and try and hope to set something working as I have absolutely no experience on switcher or similar and I hope the tutorial is of help to me as my technical knowledge is rather limited.
Yes, I have checked the IPs - they are all signaled as abusers and actually I have many more of them.
Should you come accross an example of a setting for event switching to block certain IPs from sending - you would make me very happy.
Have a nice day
kind regards
Daniele
The data item is called {ip:}
If you want to go with an array, you would have a PHP block let's say called "is_banned". Check if $_SERVER['REMOTE_ADDR'] is in the array of banned IPs, return true / false, then have your event switcher look at {var:is_banned}
And you're better off doing this on a server level anyway - ban those IPs from your entire site, not just your form. Make sure they're not VPN ips though
If you want to go with an array, you would have a PHP block let's say called "is_banned". Check if $_SERVER['REMOTE_ADDR'] is in the array of banned IPs, return true / false, then have your event switcher look at {var:is_banned}
And you're better off doing this on a server level anyway - ban those IPs from your entire site, not just your form. Make sure they're not VPN ips though
This topic is locked and no more replies can be posted.
