Commit 78884530 authored by dmorley's avatar dmorley

updates

parent 663f4055
......@@ -699,6 +699,8 @@ GEM
simplecov-html (0.10.2)
sinon-rails (1.15.0)
railties (>= 3.1)
sitemap_generator (5.3.1)
builder (~> 3.0)
spring (2.1.0)
spring-commands-cucumber (1.0.1)
spring (>= 0.9.1)
......@@ -922,6 +924,7 @@ DEPENDENCIES
simple_captcha2 (= 0.5.0)
simplecov (= 0.16.1)
sinon-rails (= 1.15.0)
sitemap_generator (~> 5.1)
spring (= 2.1.0)
spring-commands-cucumber (= 1.0.1)
spring-commands-rspec (= 1.0.4)
......
.section
.container-fluid
<h2>Thank you for your help! Without I would have to put ads on the site.</h2><br>
<h2>Thank you for your help! Without I would have to put ads on the site and we would not exist.</h2><br>
<h3>Paypal Options:</h3>
<hr><table border=0><tr><td>
<b>Subscribing is prefered as it helps make sure we have money to keep going each month and plan for upgrades as needed</b><br>
......
......@@ -136,7 +136,7 @@
!= t("bookmarklet.explanation", link: link_to(t("bookmarklet.post_something"), bookmarklet_code))
- if donations_enabled?
.section.collapsed
.section
.title
%h5.title-header
.entypo-triangle-right
......
......@@ -35,7 +35,7 @@
%h1
#{AppConfig.settings.pod_name} - Terms of Service
%small
Last Updated: 24rd December, 2019
Last Updated: 18rd October, 2020
%p
Here are the important things you need to know about accessing and using the <strong>#{AppConfig.settings.pod_name}</strong> (#{AppConfig.environment.url}) website and service (collectively, "Service"). These are our terms of service ("Terms"). Please read them carefully.
......@@ -78,6 +78,9 @@
%p
When you create an account, you may use any name (real, fake or otherwise) for other users to see. However, if you create a "parody" account of a real living person, you must clearly label your account as such. Accounts that are not clearly marked as such and that impersonate other people without permission can be deleted without warning.
%p
Supporting the pod is not optional, donation or other help is required for using this server.
%p
When you create an account you only create one account, multiple accounts for spam or placeholders will be deleted and you will be banned. Accounts are intended for real users to use for real purposes.
......
......@@ -8,7 +8,6 @@ use warnings;
## name : web_server_abuse_detection.pl
## version : 0.04
## which log file do you want to watch?
my $log = "/home/david/diaspora/log/production.log";
## how many seconds before an unseen ip is considered old and removed from the hash?
......@@ -32,7 +31,7 @@ use warnings;
## open the log file. we are using the system binary tail which is smart enough
## to follow rotating logs. We could have used File::Tail, but tail is easier.
open(LOG,"/usr/bin/tail -300000 $log |") || die "ERROR: could not open log file.\n";
open(LOG,"/usr/bin/tail -200000 $log |") || die "ERROR: could not open log file.\n";
while(<LOG>) {
## process the log line if it contains one of these error codes
......@@ -40,9 +39,6 @@ use warnings;
{
## Whitelisted ips. This is where you can whitelist ips that cause errors,
## but you do NOT want them to be blocked. Googlebot at 66.249/16 is a good
## example. We also whitelisted the private subnet 192.168/16 so web
## developers inside the firewall can test and never be blocked.
if ($_ !~ m/^(66\.249\.|192\.168\.)/)
{
......@@ -60,12 +56,6 @@ use warnings;
$abusive_ips{ $ip }{ 'errors' } = $abusive_ips{ $ip }->{ 'errors' } + 1;
$abusive_ips{ $ip }{ 'time' } = $time;
## DEBUG: show detailed output
if ( $debug_mode == 1 ) {
$newerrors = $abusive_ips{ $ip }->{ 'errors' };
$newtime = $abusive_ips{ $ip }->{ 'time' };
print "unix_time: $newtime, errors: $newerrors, ip: $ip, cleanup_time: $trigger_count\n";
}
if ($abusive_ips{ $ip }->{ 'errors' } >= 4 ) {
my $newhash = "\"$hash\"";
......@@ -74,29 +64,11 @@ if ($abusive_ips{ $ip }->{ 'errors' } >= 4 ) {
($username)= lc($_) =~ /username\"=>"(.*?)"/;
($email)= lc($_) =~ /email\"=>"(.*?)"/;
$date = (split ' ')[0];
print "Abuse detected for new accounts. time: $date ip: $ip email: $email https://diasp.org/u/$username \n\n";
print "Abuse detected for new accounts $newhash . time: $date ip: $ip email: $email https://diasp.org/u/$username \n\n";
print "fail2ban-client set manban banip $ip";
}
}
## if an ip has triggered the $errors_block value we block them
if ($abusive_ips{ $ip }->{ 'errors' } >= 4 ) {
## Untaint the ip variable for use by the following external system() calls
# my $ip_ext = "$1" if ($ip =~ m/^([0-9\.]+)$/ or die "\nError: Illegal characters in ip\n\n" );
print "You should IP ban $ip now in webserver or iptables\n";
## USER EDIT: this is the system call you will set to block the abuser. You can add the command
## line you want to execute on the ip address of the abuser. For example, we are using logger to
## echo the line out to /var/log/messages and then we are adding the offending ip address to our
## FreeBSD Pf table which we have setup to block ips at Pf firewall.
#system("/usr/bin/logger", "$ip_ext", "is", "abusive,", "sent", "to", "BLOCKTEMP");
#system("/sbin/pfctl", "-t", "BLOCKTEMP", "-T", "add", "$ip_ext");
# system("/usr/bin/whois", "$ip_ext");
## after the ip is blocked it does need to be in the hash anymore
delete($abusive_ips{ $ip });
}
## increment the trigger counter which is used for the following clean up function.
$trigger_count++;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment