Welcome! Log In Create A New Profile

Protect search against bots

Posted by elmotard

elmotard

Protect search against bots
February 01, 2021 02:39PM

Registered: 6 years ago
Posts: 21

Hello,

There a lot of request from bots against the internal phorum search, with attempts of sql inject, loading the server.

I would like to protect the search against bots with a simple rule, having the search working only if somebody is logged in.

the working code is :

Language: PHP
if(!$PHORUM["DATA"]["LOGGEDIN"]) {
		$search_request_data="";
	}

if i add this in the search.php file, it is working fine except that it throws a lot of backend errors like Illegal string offset 'urlargs' or Invalid argument supplied for foreach().
I guess It's not at the right line.

Any idea ?

Thanks

Reply Quote

elmotard

Re: Protect search against bots
February 01, 2021 02:57PM

Registered: 6 years ago
Posts: 21

I found what sounds a solution by adding the test on an other line

Language: PHP
if(isset($PHORUM["args"]["search"]) && $PHORUM["DATA"]["LOGGEDIN"]){

Does block the search, except if loggedin.

If you think it is a bad modification or any idea to improve is welcome

Reply Quote

Newer Topic Older Topic

Print View RSS

Sorry, only registered users may post in this forum.

Click here to login

Official Forums Add-ons and Hacks Support in other languages Outdated forums Recent Messages

5.2 Phorum Support Developers Corner Phorum Development Announcements

5.2 Templates 5.2 Language Files 5.2 Modules/Add-Ons Phorum Integration Phorum Hack/Mod Requests

French Support / forum francophone Soporte en español Русская поддержка движка Phorum Polish Support

Phorum 5.1/5.0

5.1 Phorum Support 5.1 Phorum Templates/Themes 5.1 Phorum Language Files 5.1 Phorum Modules / Add-Ons 5.1 Phorum Hacks