1 Topic by MaraKat (edited by MaraKat 2016-08-18 12:52)

  • From: France
  • Registered: 2016-06-07
  • Posts: 112

Topic: Change sensitive files name

Hello !

I would like the ability for the administrator to change the name of the sensitive files, such as register.php, login.php, post.php.
The spamming bots learns that when they meet a PunBB forum, they can send automatic registration requests with register.php. If they do not find this file immediately, the bot may quit the site and never come back. Moreover, if the administrator modified the file's name, a request for register.php can be only a spam from a bot and could be automatically banned by the forum.

I am no coder, but I have used such technics in other CMS. Please be so kind as to explain me if such an idea is stupid or dangerous or impossible or if such a feature already exists in PunBB or an extension.
Thanks for taking the time to read me.

PS : I know about captcha features to prevent spamming, it is not what I am inquiring about today.

https://agora.chauvigne.info/
PunBB 1.4.6
PHP: 8.0.24
Base de données    SQLite3 3.27.2

MaraKat's Website

2 Reply by PanBB.Ru (edited by PanBB.Ru 2016-08-18 10:55)

  • Registered: 2015-05-02
  • Posts: 541

Re: Change sensitive files name

What if you change the name of the file. Then, adjust the URL scheme.

Excemple:
Rename reg.php

Go to include/url/ ???/

Edite
forum_urls.php string

    'register'                        =>    'register.php',

replace to

    'register'                        =>    'reg.php',
  • From: France
  • Registered: 2016-06-07
  • Posts: 112

Re: Change sensitive files name

Thank you. I did it ! I am always shy with url-rewriting. I tested the default scheme, and it has no effect to spammers, I will try the other ways.

https://agora.chauvigne.info/
PunBB 1.4.6
PHP: 8.0.24
Base de données    SQLite3 3.27.2

MaraKat's Website

  • From: France
  • Registered: 2016-06-07
  • Posts: 112

Re: Change sensitive files name

I tried with an other url scheme : folder based fancy. I managed to enable the url rewriting, but if I try to rename a file, I get a 404 error.
Where can I find a tutorial about url-rewriting in PunBB , please ?

https://agora.chauvigne.info/
PunBB 1.4.6
PHP: 8.0.24
Base de données    SQLite3 3.27.2

MaraKat's Website

  • From: France
  • Registered: 2016-06-07
  • Posts: 112

Re: Change sensitive files name

After 2 days of testing, I can tell that the renaming stopped the spam registrations, while the url re-writing without renaming did not.

https://agora.chauvigne.info/
PunBB 1.4.6
PHP: 8.0.24
Base de données    SQLite3 3.27.2

MaraKat's Website

6 Reply by PanBB.Ru (edited by PanBB.Ru 2016-08-20 08:54)

  • Registered: 2015-05-02
  • Posts: 541

Re: Change sensitive files name

Very good!

I use fancy_stopspam

  • From: France
  • Registered: 2016-06-07
  • Posts: 112

Re: Change sensitive files name

Hello !
I just noticed that after implementing url-rewriting with the option folder/fancy, my attachments made with pan_uploader extension cannot be found anymore, after the url was modified
I checked about the files : they are in the uploads folders. But in the extension administration, no file is displayed, either in images or in files. Why did they disappear from administration ?
How can I make them available again ? Must I attach them one by one in every message ? But if I change again the url-rewriting system ... I will have to redo it once more ???
http://katryne.legtux.org/agora/forum/3/punbb/

https://agora.chauvigne.info/
PunBB 1.4.6
PHP: 8.0.24
Base de données    SQLite3 3.27.2

MaraKat's Website

8 Reply by PanBB.Ru (edited by PanBB.Ru 2016-08-27 17:19)

  • Registered: 2015-05-02
  • Posts: 541

Re: Change sensitive files name

I can not identify the problem. Your forum is not even available for registration. Check.

_http://katryne.legtux.org/agora/agora/

Not Found

The requested URL /agora/agora/ was not found on this server.

9 Reply by MaraKat (edited by MaraKat 2016-08-27 17:33)

  • From: France
  • Registered: 2016-06-07
  • Posts: 112

Re: Change sensitive files name

You are already a member there, you even have admin rights.
I just restored the register link : I had tried fancy folder rewriting + file renaming, and it cannot work, apparently. So, i came back to default file name. But fancy folder rewriting is still enabled.
Thanks for the look.

https://agora.chauvigne.info/
PunBB 1.4.6
PHP: 8.0.24
Base de données    SQLite3 3.27.2

MaraKat's Website