This add-on is register_globals compatible
Will work with any version 2.2 and onwards
This contribution traps bad bots and anyone taking too much interest is you site
It’s a full contribution that is automatic and hassle free for you to have.
It offers you security from some of the nasty’s out there.
The contribution works by setting up a trap in a folder that only bad bots, or someone poking around in your site will come across (hackers use the Robots.txt to try and find sensitive file on your server) it then redirects then to a message page that tells them they are blocked, at the same time writing their IP number to file.
If they try to return they will only get the blocked message.
If you want to see it in action go to
http://www.opensourcecommerce.net/personal you will be banned but will also see it working, please contact me to un-ban you!!!
Contribution is a culmination of various forums and some work of my own, thank you to all those who have been part of the topic, I cannot remember who they are but let me know and I will put your credit on file.
Files to change are :-
.htaccess (optional)
Index.php
Plus some new files.
ALWAYS BACK UP FIRST !!
Legend: 
Download
Report
IP Trap Version 4
This release has updated code and a re-coded whitelist set.
The includes / secret has been overhauled and a lot of code removed
The code did check for an empty useragent which gave some problems with return tokens, i have removed this layer of security.
Added a php.ini file (in the instructions) for those that have fopen() disabled.
A very big thank you to
Coopco and newtest for testing this release, and for their valuable feedback.
Forum address is http://forums.oscommerce.com/topic/340290-ip-trap-version-3-released/
Please post your comments there.
I suggest that anyone who already uses the IP trap upgrade to this version.
Easy install of around 10 minutes, please read the included readme before installing and as always back up.
All files are drop in, no osCommerce files are replaced.
I came across this simple but effective way of blocking folder listing and thought I'd share it.
All credits go to http://www.ibdhost.com/errors/
With this method, when you call the folder in a browser the fake index will load so you won't be able to see the list of files contained in the folder.
The page will show the date and time of visit, the visitor's IP number, the folder they tried to view, and browser info.
***WARNING: do not use in folders that already contain an index.php file!***
Example: http://www.arlisa-bijoux.com/images
This package has and updated install file and an updated robots.txt
Thanks to Isabella for the testing and feedback
Updated features
Cleaned code,
Added a Whitelist, with Search engine IP numbers loaded
Redesigned the Blocked.php page.
Added correct syntax for robots.txt
Updated install file.
You can see the trap in action by visiting http://www.development-server.net/j/personal you will be blocked!
Some minor code change
full package included.
thanks to EricK for the heads up.
Same version, last had a TYPO
It DOES work on a windows server!
Updated core code in the personal/index.php
Updated core code in includes/secret.php
added $DOCUMENT_ROOT=$_SERVER['DOCUMENT_ROOT']; over absolute path to give the user less set up to do.
now install is only a couple of changes to make.
Install takes only 5 minute to do,
DOES NOT RUN ON WINDOWS
V 1.2
This version addresses IP numbers not being written to the text file, or added to the e mails.
This version should also prevent the problem of all users being banned on occasion!
banned.php I have re-worded this to a more friendly theme with a message just in case
a real customer should somehow manage to stumble upon it.
E-Mail has a better construction format, I have added a link so that you can copy the IP number
click the link and go to a web site to see where the IP resolves [just in case its a search engine].
More reliable and less prone to permission problems.
This version should install and work from the off.
As always, back up first & use at your own risk.
DOES NOT WORK ON WINDOWS SERVERS
Updated:-
includes a new secret.php file that takes the code from the index.php and puts it into your includes directory.
called from application_top.php it will now protect your whole site as opposed to the earlier version that only checked out your index.php.
Full package.
Will work with any version 2.2 and onwards
This contribution traps bad bots and anyone taking too much interest is you site
It’s a full contribution that is automatic and hassle free for you to have.
It offers you security from some of the nasty’s out there.
The contribution works by setting up a trap in a folder that only bad bots, or someone poking around in your site will come across (hackers use the Robots.txt to try and find sensitive file on your server) it then redirects then to a message page that tells them they are blocked, at the same time writing their IP number to file.
If they try to return they will only get the blocked message.
If you want to see it in action go to
http://www.opensourcecommerce.net/personal you will be banned but will also see it working, please contact me to un-ban you!!!
Contribution is a culmination of various forums and some work of my own, thank you to all those who have been part of the topic, I cannot remember who they are but let me know and I will put your credit on file.
Files to change are :-
.htaccess (optional)
Index.php
Plus some new files.
ALWAYS BACK UP FIRST !!
No public uploads allowed