IntegraMOD

The character limit in this field is only 255. I tried to add several urls to this field and when it broke the 255 char. limit I ended up being banned from my website and when I added the one that broke the field the only letter it was able to take was the "H" in http and ended up banning all referers with an "H".

Can this field be made with no character limit? Or can it be made so that each entry is calculated seperately

How much of it was is the db, just the H or everything?

all the ones I added where in the db. But because of the character limit when I added the last one. only the "H" in the url http... was included as character 255 and it proceeded to block everyone because of the "H"

I understood the how part the first time.
I was after if it had been limited in size trough db or code. Could you do one more thing go to admin and check the phpbb security version number off your forum.

1.0.3 ?

Unless the limit is imposed on the install, I don't see it.
I'll check in the db next.

Hey Cannon just got off work. Sorry if I misunderstood you. The only thing I can tell you is that if you look at that line in the db it says there is a 255 char. limit. I have done no changes to the install so I assume it is installed like that. And I am on 1.0.3

I really hope there is a way to change the character limit. Take a look at this. Almost 3000 hits in 12.5 hours from this dam one.

Referrer Host Hits First visit Last visit
http://www.ixtractor.com 2973 Wed Jan 30, 2008 5:22 pm Thu Jan 31, 2008 6:02 am
musicforum.org.ua 1354 Wed Jan 30, 2008 5:22 pm Thu Jan 31, 2008 6:03 am

If you can see the limit in the db, can you change it there?
I asked the version because I have updated some security stuff before it's included in the package and wanted to make sure we were looking at the same versions.

you should add that url to your htaccess file.

My host has been trying to add them to the hta access file but it is not working for some reason.

--------------------------------------------------------------------------------
Hello,

I have looked into the http referer issue, and for some reason can't get the .htaccess to block it. For the the time being, please just block it with the existing .script you have. Kaumil has advised me to remind you of the 255 character limit.

See how we're making Vistapages better: http://www.vistapagesforum.com/showthread.php?t=3885

Peter Wakefield
Customer Service Manager
VistaPages, Inc.
WWW: http://www.vistapages.com
SUPPORT: http://support.vistapages.com
BILLING: http://billing.vistapages.com


http://www.vistapagesforum.com/showthread.php?t=3885

Peter Wakefield
Customer Service Manager
VistaPages, Inc.
WWW: http://www.vistapages.com
SUPPORT: http://support.vistapages.com
BILLING: http://billing.vistapages.com

I dont know if I can change the limit but I dont think so. Anyone have any ideas on how to do that..

"phpBBSecurity_disallowed_referers" This is the table name?

This is a serious problem...

I noticed already that the number of sites you can block is quite small. The reason is that the list of URL is stocked in the config table, and the config_value is limited to 255 characters (config_name : phpBBSecurity_disallowed_referers).

Either we can increase the size of that field, but this would be applied for all fields in the config table, or we should use this with care. As you explain, it is easy to block URL starting with "www.", too...

sanji

On my install I don't even seem to have the table... <img>

You MUST have the config table, it is the basis of the IM... search for "phpBBSecurity_disallowed_referers", it is an entry in that config table

sanji

thanks sanji you know I was thinking it should be in php_phpbbsecurity. <img>

*** edit it was a stupid idea

*** edit - idea removed -> comment on idea removed <img>

Clearly, either we increase the size of all fields, or we have to reprogram the way the URL are checked - adding them in a different table, for example.

sanji