v.1.0.6

backdrop-contrib · Sep 24, 2021 · 77f5d8e · 77f5d8e
1 parent 74c5932
commit 77f5d8e
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -3,15 +3,15 @@ Antiscan
 
 Automatic block (ban) IP addresses used by bad crawlers or vulnerability scanners.
 
-**Antiscan** is an add-on module that extends the **IP address blocking** 
+**Antiscan** is an add-on module that extends the [IP address blocking](https://backdropcms.org/project/ip_blocking) 
 module (version 1.x-1.0.5 or newest) to automatically block anyone who tries to access paths defined as restricted.
 
 Usually it is a bad crawler looking for known potentially vulnerable paths, 
 such as "wp-admin.php", "xmlrpc.php" and so on.
 
 Also, since version 1.x-1.0.5, you can block bad bots using their well-known User-Agent strings and spam referrer domains.
 
-**New in version version 1.x-1.0.4:** option "Report to AbuseIPDB" can be enabled for automatic reporting to AbuseIPDB about blocked scanners activity.  
+**New in version version 1.x-1.0.4:** option "Report to AbuseIPDB" can be enabled for automatic reporting to AbuseIPDB about blocked scanners activity.    
 You need to install [AbuseIPDB report](https://backdropcms.org/project/abuseipdb_report) module to see and use this option.
 
 Installation

diff --git a/antiscan.info b/antiscan.info
@@ -8,4 +8,4 @@ dependencies[] = ip_blocking (>=1.0.5)
 
 configure = admin/config/people/antiscan
 
-version = 1.0.5 
+version = 1.0.6 
diff --git a/antiscan.install b/antiscan.install
@@ -67,3 +67,7 @@ function antiscan_update_1001() {
   $config->set('blocked_referrer', 'semalt.com,buttons-for-website.com,simple-share-buttons.com,simplesharebuttons.com');
   $config->save();  
 }
+
+/**
+ * Note: next update function will be named antiscan_update_1003 - skip 1002.
+*/
diff --git a/antiscan.module b/antiscan.module
@@ -264,6 +264,8 @@ function antiscan_cron() {
   $unblock_after    = $config->get('unblock_after');
   $time_expired     = time() - $unblock_after;  
 
+  antiscan_fix_duplicated_ips();
+
   if ($unblock) {
     antiscan_unblock($time_expired);
   }
@@ -273,6 +275,22 @@ function antiscan_cron() {
   }
 }
 
+/**
+ * Remove duplicated blocked IP records from DB. 
+ * Also helps to avoid repeating the reports to AbuseIPDB.
+ * There can be several such records with the same IP and timestamp, 
+ * as a result of the attack of bots.
+ */
+function antiscan_fix_duplicated_ips() {
+  $query = 'DELETE i1 FROM {blocked_ips} i1 INNER  JOIN {blocked_ips} i2 WHERE i1.iid < i2.iid AND i1.ip = i2.ip';
+  $result = db_query($query);
+
+  if ($result->rowCount()) {
+    $duplicated = $result->rowCount();
+    watchdog('antiscan', 'Removed %duplicated duplicate(s) of blocked IP.', array('%duplicated' => $duplicated));
+  }
+}
+
 /**
  * Remove blocked IP records from DB
  * @param int $time_expired
@@ -285,7 +303,7 @@ function antiscan_unblock($time_expired) {
     ->execute();
 
   if ($unblocked > 0) {
-    watchdog('antiscan', 'Unblocked %unblocked IP(s). Selected blocking period has expired.', array('%unblocked' => $unblocked));
+    watchdog('antiscan', 'Unblocked %unblocked IP(s). Blocking period expired.', array('%unblocked' => $unblocked));
   }
 }
Original file line number	Diff line number	Diff line change
Expand Up		@@ -8,4 +8,4 @@ dependencies[] = ip_blocking (>=1.0.5)

		configure = admin/config/people/antiscan

		version = 1.0.5
		version = 1.0.6