Also block request methods such as CONNECT as they can be used for proxying

(means "hiding") other requests such as SMTP (spam) or POP3 (people try to read
their mails but wasting your bandwidth).

Signed-off-by: Roland Häder <roland@mxchange.org>

diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index bb7173395858dc931b31c5ac77fd99117f535920..0ebdf4dcc7e5a681749f44a52690676ea41b67e5 100644 (file)
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -191,6 +191,9 @@ function initCrackerTrackerArrays () {
                'starhack', 'DeLiMehmet', 'hisset', 'Hisset', 'delimert', 'MecTruy'
        );
 
+       // Also block these requests (mostly you don't want CONNECT to some SMTP sites)
+       $GLOBALS['ctracker_blocked_requests'] = array('CONNECT' => TRUE);
+
        // Init more elements
        $GLOBALS['ctracker_post_track']   = '';
        $GLOBALS['ctracker_checked_get']  = '';
@@ -213,6 +216,8 @@ function isCrackerTrackerWormDetected () {
                        $GLOBALS['ctracker_checked_get'] != crackerTrackerQueryString(TRUE) && (!in_array(crackerTrackerQueryString(TRUE), $GLOBALS['ctracker_whitelist']))
                ) || (
                        $GLOBALS['ctracker_checked_ua'] != crackerTrackerUserAgent(TRUE)
+               ) || (
+                       isset($GLOBALS['ctracker_blocked_requests'][crackerTrackerRequestMethod()])
                )
        );
        //* DEBUG-DIE: */ die('isWorm='.intval($isWorm).PHP_EOL.'get='.PHP_EOL.'"'.$GLOBALS['ctracker_checked_get'].'"'.PHP_EOL.'"'.crackerTrackerQueryString().'"'.PHP_EOL.'ua='.PHP_EOL.'"'.$GLOBALS['ctracker_checked_ua'].'"'.PHP_EOL.'"'.crackerTrackerUserAgent().'"'.PHP_EOL);

diff --git a/libs/lib_general.php b/libs/lib_general.php
index c13a5690f68f7cb2bd85e3812753f4b325a138e7..f4b956ef385fed6d09cdd4030f86ce9402c47fdc 100644 (file)
--- a/libs/lib_general.php
+++ b/libs/lib_general.php
@@ -578,6 +578,7 @@ function unsetCtrackerData () {
                        'ctracker_language',
                        'ctracker_localized',
                        'ctracker_link',
+                       'ctracker_blocked_requests',
                ) as $key) {
                        // Unset it
                        unset($GLOBALS[$key]);