Block spammers in vBulletin through Project Honey Pot

Forums are popular targets of spammers. Besides the automatic bots and robots which are usually blocked through different techniques like  captcha scripts, there are many human spammers. Project Honey Pot provides an enormous database with IPs from which spam attacks have been performed.

You can integrate their script in your vBulletin forum and block all access from suspicious and malicious IPs. Follow these steps to complete the integration:

1. Sign up at the Project Honey Pot web site.

2. Get your personal httpBL API key.

3. Open your vBulletin admin area->Styles & Templates->Style Manager. Pick the "Edit Templates" option from the drop-down menu next to your default style and click on the "Go" button. Pick the "header" option from the left drop-down menu and click on the "Edit" button. Paste the following line at the top of the source code:

$projecthp

and save the changes.

4. Navigate to Plugins & Products->Add New Plugin. Change the following options:

Hook Location: global_start


Title: Insert PHP For Project Honey Pot Block


Plugin PHP code:


ob_start();

include('projecthp.php');

$projecthp = ob_get_contents();

ob_end_clean();


Plugin is Active : Yes

Save the configuration.

5. Use a text editor like NotePad and create the projecthp.php file.

Enter the following code in it:

<?php
require_once('./httpbl.php');

?>

Upload the file in the root folder of your forum.

For example, if your forum is located at forum.yourdomainname.com and the absolute path to it is /home/user/public_html/forum/, upload the file in the forum subfolder.

You can find more details on how to upload files in our FTP tutorial.

6. Create httpbl.php and enter the following code in it:

<?php
/*
Script Name: Simple PHP http:BL implementation
Description: Simple script to check an IP against Project Honey Pot's database and let only legitimate users access your script
*/

/*** EDIT LINE 22 WITH YOUR OWN HTTP:BL ACCESS KEY ! ***/

if ($_COOKIE['notabot']) {
   ozh_httpbl_logme(false,    $_SERVER['REMOTE_ADDR']);
} else {
   ozh_httpbl_check();
}

function ozh_httpbl_check() {       // your http:BL key
   $apikey = 'YOUR_API_KEY';
      // IP to test
   $ip = $_SERVER['REMOTE_ADDR'];
      // build the lookup DNS query
   // Example : for '127.9.1.2' you should query 'abcdefghijkl.2.1.9.127.dnsbl.httpbl.org'
   $lookup = $apikey . '.' . implode('.', array_reverse(explode ('.', $ip ))) . '.dnsbl.httpbl.org';
      // check query response
   $result = explode( '.', gethostbyname($lookup));
      if ($result[0] == 127) {
       // query successful !
       $activity = $result[1];
       $threat = $result[2];
       $type = $result[3];
              if ($type & 0) $typemeaning .= 'Search Engine, ';
       if ($type & 1) $typemeaning .= 'Suspicious, ';
       if ($type & 2) $typemeaning .= 'Harvester, ';
       if ($type & 4) $typemeaning .= 'Comment Spammer, ';
       $typemeaning = trim($typemeaning,', ');
              // echo "$type : $typemeaning of level $threat ";
              // Now determine some blocking policy
       if (
       ($type >= 4 && $threat > 0) // Comment spammer with any threat level
           ||
       ($type < 4 && $threat > 20) // Other types, with threat level greater than 20
       ) {
           $block = true;
       }
              if ($block) {
           ozh_httpbl_logme($block,$ip,$type,$threat,$activity);
           ozh_httpbl_blockme();
           die();
       }
      }
}

function ozh_httpbl_logme($block = false, $ip='', $type='',$threat='',$activity='') {
   $log = fopen('./block.log','a');
   $stamp = date('Y-m-d :: H-i-s');
      // Some stuff you could log for further analysis
   $page = $_SERVER['REQUEST_URI'];
   $ua = $_SERVER["HTTP_USER_AGENT"];
          if ($block) {
       fputs($log,"$stamp :: BLOCKED $ip :: $type :: $threat :: $activity :: $page :: $uan");
   } else {
       fputs($log,"$stamp :: UNBLCKD $ip :: $page :: $uan");
   }
   fclose($log);
}

function ozh_httpbl_blockme() {
   header('HTTP/1.0 403 Forbidden');
   echo <<<HTML
   <script type="text/javascript">
   function setcookie( name, value, expires, path, domain, secure ) {
       // set time, it's in milliseconds
       var today = new Date();
       today.setTime( today.getTime() );
          if ( expires ) {
           expires = expires * 1000 * 60 * 60 * 24;
       }
       var expires_date = new Date( today.getTime() + (expires) );
          document.cookie = name + "=" +escape( value ) +
       ( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
       ( ( path ) ? ";path=" + path : "" ) +
       ( ( domain ) ? ";domain=" + domain : "" ) +
       ( ( secure ) ? ";secure" : "" );
   }       function letmein() {
       setcookie('notabot','true',1,'/', '', '');
       location.reload(true);
   }
   </script>
   <h1>Forbidden</h1>
   <p>Sorry. You are using a suspicious IP.</p>
   <p>If you are NOT a bot of any kind please <a href="javascript:letmein()">click here</a> to access the page.</p>
   HTML;
}

?>

Change "YOUR_API_KEY" in the $apikey = 'YOUR_API_KEY'; line with your httpBL API key.

Upload the file in the same folder as projecthp.php.

7. The blocked connections along with the IPs will be stored in the block.log file under the forum root folder.

You can check the IPs listed in this file at: http://www.projecthoneypot.org/search_ip.php

There you will see the reason for the IP blocking.

You need help with an application? SiteGround is specialized in hosting and supporting more than 200 scripts. Sign up for our web hosting services and let us help you with your application, 24/7!