Redirecting searches

registered · Site Admin Joined: Jun 04, 2004 Posts: 6437

Looking at the search statistics, the number 3 most common search phrase on one of my sites is: "powered by phpnuke". Another is "modules.php?namesearch".

It seems that these are primarily searched as a way to identify potential targets for attacks or spamming.

I'd like to solicit ideas for prohibiting this, or making it as painful as possible for the kiddies who use it.

registered · Posted: Mon Jul 17, 2006 11:27 am

Good idea

Posted: Mon Jul 17, 2006 11:33 am

Maybe we should called it "malicious searches blocker"

Posted: Mon Jul 17, 2006 12:49 pm

I'll second that. In the context that *normal* people would be searching for a specific subject of interest in the course of a *genuine* search and that search criteria would really only be used for the specific purpose of seeking out nuke site, regadless of their content.
I'll have to revisit the license criteria for 'not removing copyright notices' but I think it should at least be possible to remove the text itself and substitue an image with the copyright words and some tweaks to the meta.php to limit successful searches

Having said that, I'm all for giving the bad guys a nice suprise!

registered · Posted: Mon Jul 17, 2006 7:31 pm

Yeah, I like that too. Another "list" that Guardian can manage in his spare time... Wink

or is that really ROTFL

? No, seriously, I like the idea. Good one!

Posted: Mon Jul 17, 2006 7:51 pm

OK, perhaps I should go and buy another few reams of A4 lol.

registered · Posted: Wed Jul 19, 2006 12:16 am

String blocker anyone?

Posted: Wed Jul 19, 2006 4:20 am

I'll look into using that, evaders99, but I don't necessarily want to ban people who use those terms in a post, comment or story.

Posted: Wed Jul 19, 2006 6:35 am

OK I know I have been awake for several days now but I don't understand your post evaders.
You could use a string blocker internally on a nuke site but how does that effect search terms used for google looking for phpnuke sites?

Ah, second brain cell has just kicked in - the search engines redirection url would contain the search criteria so in affect you could use a filter on the referering url and redirect or whatever you wanted to do with it.

Regular Joined: Jun 02, 2004 Posts: 88

OK..... Maybe this is a wild and crazy idea, but here goes Wink

Instead of having "Powered by PHP Nuke" in the footer, why not confuse those searching for that phrase?

Why not create a class in the style.css file and name it "hideit" for example. Then make its property: {display:none} It could look like this:

span.hideit {display:none}

Then in the footer, put something like:

Powered time()by time()PHP Nuke

If my mind is thinking right, which is not always the case Wink

, the web page would display Powered by PHP Nuke but the search engines would see timestamp inside the words.

hmmmmmmm..... if that worked, then one could put mailto: on the web pages with that code inside it and the spam harvesters would never get the proper email address, but the browser would be able to open the mailto: link etc.

....just thinking out loud

Posted: Fri Jul 21, 2006 2:56 pm

spottedhog, that is an extremely innovative idea! Love the way you think. It could possibly work if the search phrase included the quotes where the exact phrase was required, but I have a feeling it would still find the site if exact phrase wasn't requested.

BUT, very interesting indeed...

Don't think it will work for the mailto as that needs to be within an anchor tag's href attribute.

Posted: Fri Jul 21, 2006 3:48 pm

ah...... yes.... did not think about the "a" tag..... hmmmm... but the site admin could put the admin email address and put that span code on either side of the "@", thus giving the spam harvester a bad email.

ohhhhhh..... you could even put that span code inside of the word "Powered" and then "Nuke". That would keep it out of reach.

..... Smile

just thnking outside the box......

hmmmm.... could even make a $hideit variable in the config.php file containing the span code, provided the theme had the corresponding class in it. Then one could place the $hideit variable where in the code was needed to mask "stuff".

-----maybe thinking too much now.... lol

Posted: Fri Jul 21, 2006 3:58 pm

... and would this be HTML 4.01 Transitional compliant or create any cross browser compatibility issues?

Posted: Fri Jul 21, 2006 4:03 pm

....hmmmm.... like minds..... Just ran the compliance test and it validated, and the simple css class has no errors or warnings. It worked on IE 6 and the latest Firefox, with the source code showing the hidden words I used.

Posted: Fri Jul 21, 2006 4:14 pm

Very interesting.

Addendum: We should still look at that stupid meta.php file though

Sells PC To Pay For Divorce Joined: Posts: 5661

wonder if you can stop it...
cause you can find nuke in a thousand ways...

i did some reading about this and people talk about an exclusion list but i couldnt find a sample..

but what might be interesting is a script of almost 4mb i got my hands on...
the purpose of the script is to post into websites.....like news or guestbooks...

yes the spamming stuff we see around...
so anyone that is interested and wanna check out the script to learn what techniques they use can request it on my site...,it might be of some help...

Posted: Sat Jul 22, 2006 7:53 am

spottedhog wrote:

....hmmmm.... like minds..... Just ran the compliance test and it validated, and the simple css class has no errors or warnings. It worked on IE 6 and the latest Firefox, with the source code showing the hidden words I used.

It may very well be compliant. Are you able to click the "revised" mailto link and have it work right? Just curious.

Posted: Sat Jul 22, 2006 9:00 am

oh.... no..... I did not try inside the a tag. That had not crossed my mind initially when I threw out the idea. However, it works if one puts that code on either side of the admin email address. Maybe I am thinking wrong, but I think I can now list the admin email address in the Modules block for example, and not worry so much about spam bots.

Welll..... to be more honest here..... I was more concerned about putting the admin email address on a customized 403 document, one I created using php. I had put the $adminmail there so those who got banned erroneously due to whatever, could at least send the admin an email and explain or "plead their case" if you will on why their IP should not be banned.

Posted: Sat Jul 22, 2006 9:05 am

ok.... yet another "out of the box" idea.....

Why not put the tiny footer words onto a graphic file like is now done for security codes? Site visitors can still see it, however, bots would not. Maybe the $adminmail could be surplanted on the codebg.gif file so site visitors could email the admin but the admin would not have that address picked up by bots?

....not sure if it would interfere with the User Info block code..... But if it did not, well... Smile

hmmmmm.... What about moving those copyright words to another file and only supply a link to it in the footer? You could create a separate/new folder that is maybe the same name or URL as other popular software.

What about making a series of say 5 or more small images that have the copyright words on them, and then randomly post the image in the footer? The image filenames could be the same as those of another popular web software so then the Nuke site would be mixed in with numerous others if the search bot could only seek out image filenames and/or URL's.

Posted: Sat Jul 22, 2006 3:52 pm

nice idea, But Heres one I saw when getting the ip of someone and posting it on a webpage.

This was when I had no clue how to script this myself but now that I see, the document write function could be used to write powered by phpnuke without it showing in the source.

To what extent this could be used is beyond my knowledge.

heres a simple example of what I mean:

<?
Header("content-type: application/x-javascript");
$text=" Powered by phpNUKE;
echo "document.write(\"" . $text . "\")";
?>

and heres my source:

<scr ipt language="javascript" src="text.php"></scr ipt>

there is NO reference to powered by phpnuke at all in the source but it displays on the webpage.

and change it to

<?
Header("content-type: application/x-javascript");
$text=" Powered by phpNUKE;
echo "document.write(\"<a href=\"http://phpnuke.org\">" . $text . "</a>\")";
?>

This too worked without showing anything in the source.

Posted: Sat Jul 22, 2006 7:42 pm

I like this..... Wink

thanks!

Posted: Sat Jul 22, 2006 9:34 pm

I've thought about just removing the copyright - or some variation on that to disguise it. But the bottom line is that it still wouldn't be hard for people to find nuke sites...

Posted: Sat Jul 22, 2006 10:11 pm

This is true to a degree,

But what if we make the metatags be for an sql call and setup a panel in admin for the admin to enter search Items theyd like to allow.

This would not be 100% but as they enter them, it would input into a databse and then the metas.php could be altered to grab from the sql, then nuke would no longer be searchable unless they wanted to find specifically nuke.

Would be REALLY nice if we could redo the echo function and write in document write.

But I dont think that would be plausible (not on nuke itself or custom modules but might for a new cms Wink

)
Arent you involved in the making and design of a new cms?

Posted: Sat Jul 22, 2006 10:30 pm

Not sure I understand what you're suggesting. I agree it would be helpful to have META tags stored in a database (and am planning that for the next release of nukeSEO). But the rest I do not understand.

Posted: Sun Jul 23, 2006 1:29 am

like in my previous post, the index.php called on text.php for the info.

Now text.php has a document.write function which works to write something to the document just as echo does, only difference is, It doesnt show in the source.

So if this was takin to the extreme, Nothing would need to be echo'd, It could all be document.writen if that makes any sence. After which the source file would look like a ton of scripts.