vBulletin Mods

The Official vBulletin Modifications Site
https://www.vbulletin.org/forum/showthread.php?t=183501

Blocking Proxy Scams
by Hostboard
25 Jun 2008 19:19

1 Attachment(s)
I came across the article/website below and feel if we can make it easier and safer for our members to come to our sites all the better.

The article and where credit should be given:
http://www.proxyscam.com/

I am not a coder, take absolutly zero credit for this. I posted this in the programming discussion forum but got no replies so no idea if I am implementing it correctly (cosses fingers). I read a reply to a thread on another modification that it was better to call javascript due to it being cached at the browser level thus saving bandwidth which why I did not add it directly to the template.

Unzip file and upload it to your /forums/clientscript/ directory.

OR

In notepad save the following code to vbulletin_proxyscam.js and upload to your /forums/clientscript/ directory.


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.


Next edit your headinclude template, and add the following:

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.


Hostboard 25 Jun 2008 19:22

No idea why but everyone else does it...

Reserved...

KURTZ 25 Jun 2008 19:23

i'm interested in this ... but need some testers ... :p

soundbarrierpro 25 Jun 2008 20:08

I read but don't understand what it is?

Hostboard 25 Jun 2008 20:16

The second page on the site explains what could technically happen.

Stoebi 25 Jun 2008 23:28

Quote:

<script defer type="text/javascript" src="clientscript/vbulletin_proxyscam.js?v=$vboptions[simpleversion]"></script>
Please explain defer.

neto614 25 Jun 2008 23:43

So what does this do ?????


hmmm ?????????????????????

mark370 26 Jun 2008 00:19

yea plz explain wot this actualy does.

TheInsaneManiac 26 Jun 2008 01:00

No offense, but this just wastes server space. All it does is remove those proxies that have the url frames at the top of the page. It will still load other proxies fine, in which not all of them use frames and since many of the account stealers no longer use frames this script is just stopping some of the good proxies.

Quote:

For example at the top of the html code there was this JavaScript:
<script language="JavaScript">
var sThisURL = window.location.href;
function doFramesBuster()
{
if ( top.location != self.location )
{
top.location.replace( sThisURL );
}
}
</script>
Which tells the web-browser "If you're in a frame break out and load the page normally". This is a small security measure by EBay to break out of any IFrame where a person can read an unsuspecting persons inputs into the UserID, and Password input boxes, but it didn't break out of our PHP Script.
As you can see ebay breaks out of iframes and not php. The best solution is to stop proxy servers all together. Plus it will stop those pesky members you ban their IP and they come back on those proxy servers. Here is a nice mod that will prevent web proxies:
http://www.vbulletin.org/forum/showthread.php?t=147280

Hostboard 26 Jun 2008 01:54

Quote:

Originally Posted by Stoebi (Post 1558975)
Please explain defer.

http://www.websiteoptimization.com/speed/tweak/defer/

Hostboard 26 Jun 2008 02:12

Quote:

Originally Posted by TheInsaneManiac (Post 1559021)
...many of the account stealers no longer use frames this script is just stopping some of the good proxies.

It does not block anything. All it does is break you out of a frame nothing more. If you are sent to a site within a frame technicaly the proxy then can record what ever you input (i.e. account information). While many don't there are still some that do. All it takes is 1 bad proxy. Why take the chance? If you consider 4k wasting space well ok.

Stopping proxies all together is a completly different scenario. Apples and oranges. Here we are just trying to stop potential account hijacking not block banned users or stop users from spoofing their IP address.


All times are GMT. The time now is 19:50.

Powered by vBulletin® Version 3.8.14
Copyright © 2021, MH Sub I, LLC dba vBulletin. All Rights Reserved. vBulletin® is a registered trademark of MH Sub I, LLC
Copyright ©2001 - , vbulletin.org. All rights reserved.