MyBB Community Forums

MyBB Community Forums > Resources > Third Party Integration > Website Firewall (Anti Spam)
Full Version: Website Firewall (Anti Spam)
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2

spamtrawler

2010-08-05, 03:33 PM
Hi,

I am the developer and one of the admins on:
www.SpamTrawler.net

We are actively developing a "Website Firewall" solution, which can be used to protect any PHP based website against multiple threats.

In order to find out if there would be any interest/need of our solution, we thought we would ask here directly before we start testing it with mybb and begin writing an integration manual Smile

Please note: The SpamTrawler Website Firewall is not free, nor is it OpenSource.

Reasons for that:
Not free: I am developing Software for a living and need to keep the Server running and lights switched on

Not OpenSource:I guess we don't want to spill all the juices and allow spammers/attackers to study our SourceCode.

However that said, the software is not expensive and I am certainly not getting rich from the sales hehe... ($5 per license)

I hope this thread is not classified as "Spam", cause it is not intended to be.

(Please note, we are currently blocking traffic from China and Hong Kong on our website.)


Please let me know what you think.

Kind Regards
Oliver
Hi,

Thanks for your votes on the poll.

As 2 people were interested in the SpamTrawler to protect their MyBB, we have successfully used it to protect an installation of MyBB 1.6

The integration needs 1 file edit (about 2 minutes) once the SpamTrawler is installed in your DocumentRoot.

Everybody who is interested, please join us on: www.spamtrawler.net
And contact me there: Spamtrawler (EMEA)

Thank you Smile

Kind Regards
Oliver

pyridine

2010-08-06, 09:53 AM
I would definitely get this.

spamtrawler

2010-08-06, 03:09 PM
(2010-08-06, 09:53 AM)pyridine Wrote: [ -> ]I would definitely get this.

Thank you Smile

good to hear

I hope nobody felt spammed by me announcing the integration of a non-open source product, but for this kind of application open-source wouldn't make any sense at all.

For example:
One reason why Akismet is so successful is that nobody knows their algorithms (the "secret sauce" to quote Akismet)

Lo.

2010-08-06, 08:05 PM
Who cares if its FOSS? Sure its great and prefered, but if its not and you need it, what are yea gonna do right? I was actually quite interested, what file change needs to be done? (I don't like doing them because of upgrades.)

querschlaeger

2010-08-07, 12:32 AM
How does it work? Is there a demo available? Your website is just a social community, I can't find no real information about SpamTrawler... Undecided

spamtrawler

2010-08-07, 08:27 PM
(2010-08-07, 12:32 AM)querschlaeger Wrote: [ -> ]How does it work? Is there a demo available? Your website is just a social community, I can't find no real information about SpamTrawler... Undecided

Thank you Smile

Of course I can tell you more about it.
Just didn't want to spam the forum.

The SpamTrawler can be included into any PHP based websitescript.

As there are config files, which will be loaded into all scripts contained in a WebApplication, you only have to include the SpamTrawler once and it will protect the whole application against Spam and other Threats.

Idea behind it is that you can use the SpamTrawler to protect all applications running on your domain and you only need to maintain 1 AntiSpam Solution instead of 1 plugin for each application you use on your domain.

The Admin Panel allows to setup a variety of functions currently including: CountryBlacklist, IP Blacklist, DNSBLs (DNS Blackholes), IP Whitelist, Bot Whitelist

Important here is that you can import your own IP Blacklists and add/remove items from the lists.

You can additionally activate Project Honeypot from within the Admin Panel, which will query their DNSBL as well.

If a spammer gets caught, you can choose between 2 options:
Redirect and Exit

You can define your own redirection target and your own exit message.

In case of detection, SpamTrawler will try to block the machine in order to not have to run through all the tests again on it's next visit.

As the SpamTrawler is doing it's work before your Website even starts, Spammers will never even get to see your Website, which will save you System Ressources and Traffic and might even result in a better performance for legitimate users.

This product is actively developed and the next Version will come with some additional security features like "File Integrity Check"

The Admin Panel uses Ajax and is simple and quick to handle.

As the SpamTrawler does not produce any output, it is completely invisible to your visitors and of course search engines.

A little benchmark:
First visit, all checks: Time: 0.2359 Seconds
Second Visit, machine identified: Time: 0.0019 Seconds

We do not use MySQL for this application, as it would increase the time to run through the checks and would also increase system load.
SpamTrawler uses SQlite3, which is much more performant for this kind of application.

Thanks to SQlite, you will also not run into any MySQL query limit by adding it to your website.

We have to put some more info on the website that's true Smile

The community behind this software is to pool information on how to configure the software and how to keep it most effective, as the SpamTrawler is completely configurable by the admin.

So knowing which configurations work best will save you a lot of time and headache figuring out the best combination of Blacklists, Whitelists and DNSBLs

As for the demo version, if you are interested I could give you a look at the admin panel.

Everything else is just invisible except statistics and logfiles.

Kind Regards
Oliver
@Mark.M:
The only file which needs to be edited is:
global.php (as it is included into every frontend script before any output)

The only edit that needs to be done is adding 2 lines of code to the very beginning of the file:
$SpamTrawlerCustomDistanceFromDocRoot = '../../';
include($SpamTrawlerCustomDistanceFromDocRoot.'spamtrawler/index.php');

Thats all which needs to be done.

So even after an update, you would be able to just add these 2 lines and you're ready to go again Smile

To show that this program really does it work, please have a look at the statistic below, which is taken from a real statistic:
[Image: chart.png]

These statistics show the performance over a few days for 1 website.
Other statistics show much more traffic, but they are curtesy of our customers and we would need their agreement in order to publish them.



Lo.

2010-08-07, 11:52 PM
Where is the order page? I'm willing to give this a shot. (not soon mind you, in about a months time?)

spamtrawler

2010-08-08, 06:56 AM
(2010-08-07, 11:52 PM)Mark.M Wrote: [ -> ]Where is the order page? I'm willing to give this a shot. (not soon mind you, in about a months time?)

Hi,

You can order the software anytime you want from the marketplace on: www.spamtrawler.net

To get to the marketplace you will need to sign up and after you have been verified, you will be able to open: Explore -> Marketplace

I am not sure if people like the idea of signing up, but having all customers in 1 place will help to build up a knowledge base and will provide a better experience when it comes to support.

I hope that makes sense Smile

pyridine

2010-08-08, 01:37 PM
Please tell me when MyBB integration is available, I'd love to try this out.

spamtrawler

2010-08-08, 03:22 PM
Hi Pyridine,

MyBB is already tested as being compatible.
The software is the same for any platform.

The only thing that differs is where the SpamTrawler needs to be integrated.

In MyBB this is the global.php :-)

You can buy it on the marketplace on the community page.

As I am not working today (sunday), orders which come in today will be processed tomorrow morning :-)

You would get the SpamTrawler via email to your PayPal email address.

Kind Regards
Oliver
Pages: 1 2
MyBB Community Forums > Resources > Third Party Integration > Website Firewall (Anti Spam)