[dw-free] sysban by IP not blocking IPs
[commit: http://hg.dwscoalition.org/dw-free/rev/f178b980dfa1]
http://bugs.dwscoalition.org/show_bug.cgi?id=1285
Make sysban by IP address and uniq cookie work with no BLOCKED_BOT_URI
Patch by
alierak.
Files modified:
http://bugs.dwscoalition.org/show_bug.cgi?id=1285
Make sysban by IP address and uniq cookie work with no BLOCKED_BOT_URI
Patch by
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
Files modified:
- cgi-bin/Apache/LiveJournal.pm
- cgi-bin/LJ/UniqCookie.pm
- doc/config-private.pl.txt
-------------------------------------------------------------------------------- diff -r ad818972bb86 -r f178b980dfa1 cgi-bin/Apache/LiveJournal.pm --- a/cgi-bin/Apache/LiveJournal.pm Sat Jun 06 17:03:25 2009 +0000 +++ b/cgi-bin/Apache/LiveJournal.pm Sat Jun 06 21:34:52 2009 +0000 @@ -351,17 +351,19 @@ sub trans } # check for sysbans on ip address - foreach my $ip (@req_hosts) { - if (LJ::sysban_check('ip', $ip) && index($uri, $LJ::BLOCKED_BOT_URI) != 0) { - $r->handler("perl-script"); - $r->push_handlers(PerlResponseHandler => \&blocked_bot ); + unless ( $LJ::BLOCKED_BOT_URI && index( $uri, $LJ::BLOCKED_BOT_URI ) == 0 ) { + foreach my $ip (@req_hosts) { + if ( LJ::sysban_check( 'ip', $ip ) ) { + $r->handler( "perl-script" ); + $r->push_handlers( PerlResponseHandler => \&blocked_bot ); + return OK; + } + } + if ( LJ::run_hook( "forbid_request", $r ) { + $r->handler( "perl-script" ); + $r->push_handlers( PerlResponseHandler => \&blocked_bot ); return OK; } - } - if (LJ::run_hook("forbid_request", $r) && index($uri, $LJ::BLOCKED_BOT_URI) != 0) { - $r->handler("perl-script"); - $r->push_handlers(PerlResponseHandler => \&blocked_bot ); - return OK; } # see if we should setup a minimal scheme based on the initial part of the diff -r ad818972bb86 -r f178b980dfa1 cgi-bin/LJ/UniqCookie.pm --- a/cgi-bin/LJ/UniqCookie.pm Sat Jun 06 17:03:25 2009 +0000 +++ b/cgi-bin/LJ/UniqCookie.pm Sat Jun 06 21:34:52 2009 +0000 @@ -440,13 +440,12 @@ sub sysban_should_block { my $r = BML::get_request(); my $uri = $r->uri; + return 0 if ( $LJ::BLOCKED_BOT_URI && index( $uri, $LJ::BLOCKED_BOT_URI ) == 0 ); # if cookie exists, check for sysban if (my @cookieparts = $class->parts_from_cookie) { my ($uniq, $uniq_time, $uniq_extra) = @cookieparts; - if (LJ::sysban_check('uniq', $uniq) && index($uri, $LJ::BLOCKED_BOT_URI) != 0) { - return 1; - } + return 1 if LJ::sysban_check( 'uniq', $uniq ); } return 0; diff -r ad818972bb86 -r f178b980dfa1 doc/config-private.pl.txt --- a/doc/config-private.pl.txt Sat Jun 06 17:03:25 2009 +0000 +++ b/doc/config-private.pl.txt Sat Jun 06 21:34:52 2009 +0000 @@ -40,6 +40,13 @@ %SITE_PAGESTAT_CONFIG = ( # google_analytics => 'UA-xxxxxx-x', ); + + # Path (e.g. /bots) at which a informational page about your acceptable bot + # policies are documented. This URI is excluded from anti-bot measures, so + # make sure it's as permissive as possible to allow humans in who may be + # lazy in their typing. For example, leave off the trailing slash (/bots + # instead of /bots/) if your URI is a directory. + #$BLOCKED_BOT_URI = '/bots'; } { --------------------------------------------------------------------------------