Res facta quae tamen fingi potuit ([personal profile] pauamma) wrote in [site community profile] changelog2009-06-06 09:35 pm

[dw-free] sysban by IP not blocking IPs

[commit: http://hg.dwscoalition.org/dw-free/rev/f178b980dfa1]

http://bugs.dwscoalition.org/show_bug.cgi?id=1285

Make sysban by IP address and uniq cookie work with no BLOCKED_BOT_URI

Patch by [personal profile] alierak.

Files modified:
  • cgi-bin/Apache/LiveJournal.pm
  • cgi-bin/LJ/UniqCookie.pm
  • doc/config-private.pl.txt
--------------------------------------------------------------------------------
diff -r ad818972bb86 -r f178b980dfa1 cgi-bin/Apache/LiveJournal.pm
--- a/cgi-bin/Apache/LiveJournal.pm	Sat Jun 06 17:03:25 2009 +0000
+++ b/cgi-bin/Apache/LiveJournal.pm	Sat Jun 06 21:34:52 2009 +0000
@@ -351,17 +351,19 @@ sub trans
     }
 
     # check for sysbans on ip address
-    foreach my $ip (@req_hosts) {
-        if (LJ::sysban_check('ip', $ip) && index($uri, $LJ::BLOCKED_BOT_URI) != 0) {
-            $r->handler("perl-script");
-            $r->push_handlers(PerlResponseHandler => \&blocked_bot );
+    unless ( $LJ::BLOCKED_BOT_URI && index( $uri, $LJ::BLOCKED_BOT_URI ) == 0 ) {
+        foreach my $ip (@req_hosts) {
+            if ( LJ::sysban_check( 'ip', $ip ) ) {
+                $r->handler( "perl-script" );
+                $r->push_handlers( PerlResponseHandler => \&blocked_bot );
+                return OK;
+            }
+        }
+        if ( LJ::run_hook( "forbid_request", $r ) {
+            $r->handler( "perl-script" );
+            $r->push_handlers( PerlResponseHandler => \&blocked_bot );
             return OK;
         }
-    }
-    if (LJ::run_hook("forbid_request", $r) && index($uri, $LJ::BLOCKED_BOT_URI) != 0) {
-        $r->handler("perl-script");
-        $r->push_handlers(PerlResponseHandler => \&blocked_bot );
-        return OK;
     }
 
     # see if we should setup a minimal scheme based on the initial part of the
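Review bot: The added line `if ( LJ::run_hook( "forbid_request", $r ) {` is missing a closing parenthesis, so if it was committed as shown the module will not compile; it should read `if ( LJ::run_hook( "forbid_request", $r ) ) {`. Since this path is what enforces IP sysbans and the forbid_request hook, running `perl -c` on the file before deploy would catch a slip like this before it affects request handling. The three-line blocked_bot setup now appears in both branches and could move into one small helper, so the two ban paths cannot drift apart. The body of trans starts and ends outside this hunk.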
diff -r ad818972bb86 -r f178b980dfa1 cgi-bin/LJ/UniqCookie.pm
--- a/cgi-bin/LJ/UniqCookie.pm	Sat Jun 06 17:03:25 2009 +0000
+++ b/cgi-bin/LJ/UniqCookie.pm	Sat Jun 06 21:34:52 2009 +0000
@@ -440,13 +440,12 @@ sub sysban_should_block {
 
     my $r = BML::get_request();
     my $uri = $r->uri;
+    return 0 if ( $LJ::BLOCKED_BOT_URI && index( $uri, $LJ::BLOCKED_BOT_URI ) == 0 );
 
     # if cookie exists, check for sysban
     if (my @cookieparts = $class->parts_from_cookie) {
         my ($uniq, $uniq_time, $uniq_extra) = @cookieparts;
-        if (LJ::sysban_check('uniq', $uniq) && index($uri, $LJ::BLOCKED_BOT_URI) != 0) {
-            return 1;
-        }
+        return 1 if LJ::sysban_check( 'uniq', $uniq );
     }
 
     return 0;
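Review bot: The new early return exempts every URI that merely begins with the configured string, because `index( $uri, $LJ::BLOCKED_BOT_URI ) == 0` is a plain prefix test. With `/bots` configured, for example, a path such as `/botsfoo` would also skip the uniq sysban check. If only the policy page and its subpaths are meant to be exempt, a boundary-aware test such as `return 0 if $LJ::BLOCKED_BOT_URI && $uri =~ m{\A\Q$LJ::BLOCKED_BOT_URI\E(?:/|\z)};` still accepts `/bots` and `/bots/` without widening the exemption. The same prefix test sits in the `unless` guard around the IP sysban and forbid_request checks in trans (cgi-bin/Apache/LiveJournal.pm). sysban_should_block starts above this hunk and closes below it.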
diff -r ad818972bb86 -r f178b980dfa1 doc/config-private.pl.txt
--- a/doc/config-private.pl.txt	Sat Jun 06 17:03:25 2009 +0000
+++ b/doc/config-private.pl.txt	Sat Jun 06 21:34:52 2009 +0000
@@ -40,6 +40,13 @@
     %SITE_PAGESTAT_CONFIG = (
     #    google_analytics => 'UA-xxxxxx-x',
     );
+
+    # Path (e.g. /bots) at which a informational page about your acceptable bot
+    # policies are documented.  This URI is excluded from anti-bot measures, so
+    # make sure it's as permissive as possible to allow humans in who may be
+    # lazy in their typing.  For example, leave off the trailing slash (/bots
+    # instead of /bots/) if your URI is a directory.
+    #$BLOCKED_BOT_URI = '/bots';
 }
 
 {
--------------------------------------------------------------------------------