From: Roland Häder Date: Fri, 5 Aug 2016 08:58:46 +0000 (+0200) Subject: Also block request methods such as CONNECT as they can be used for proxying X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=50ac34ba3bc0f1983078d25486ce0b94ff26e347;p=ctracker.git Also block request methods such as CONNECT as they can be used for proxying (means "hiding") other requests such as SMTP (spam) or POP3 (people try to read their mails but wasting your bandwidth). Signed-off-by: Roland Häder --- diff --git a/libs/lib_detector.php b/libs/lib_detector.php index bb71733..0ebdf4d 100644 --- a/libs/lib_detector.php +++ b/libs/lib_detector.php @@ -191,6 +191,9 @@ function initCrackerTrackerArrays () { 'starhack', 'DeLiMehmet', 'hisset', 'Hisset', 'delimert', 'MecTruy' ); + // Also block these requests (mostly you don't want CONNECT to some SMTP sites) + $GLOBALS['ctracker_blocked_requests'] = array('CONNECT' => TRUE); + // Init more elements $GLOBALS['ctracker_post_track'] = ''; $GLOBALS['ctracker_checked_get'] = ''; @@ -213,6 +216,8 @@ function isCrackerTrackerWormDetected () { $GLOBALS['ctracker_checked_get'] != crackerTrackerQueryString(TRUE) && (!in_array(crackerTrackerQueryString(TRUE), $GLOBALS['ctracker_whitelist'])) ) || ( $GLOBALS['ctracker_checked_ua'] != crackerTrackerUserAgent(TRUE) + ) || ( + isset($GLOBALS['ctracker_blocked_requests'][crackerTrackerRequestMethod()]) ) ); //* DEBUG-DIE: */ die('isWorm='.intval($isWorm).PHP_EOL.'get='.PHP_EOL.'"'.$GLOBALS['ctracker_checked_get'].'"'.PHP_EOL.'"'.crackerTrackerQueryString().'"'.PHP_EOL.'ua='.PHP_EOL.'"'.$GLOBALS['ctracker_checked_ua'].'"'.PHP_EOL.'"'.crackerTrackerUserAgent().'"'.PHP_EOL); diff --git a/libs/lib_general.php b/libs/lib_general.php index c13a569..f4b956e 100644 --- a/libs/lib_general.php +++ b/libs/lib_general.php @@ -578,6 +578,7 @@ function unsetCtrackerData () { 'ctracker_language', 'ctracker_localized', 'ctracker_link', + 'ctracker_blocked_requests', ) as $key) { // Unset it unset($GLOBALS[$key]);