Using require_once("path/index.php") to load AntiDDOS Protection

Need some custom code changes to the phpBB core simple enough that you feel doesn't require an extension? Then post your request here so that community members can provide some assistance.

NOTE: NO OFFICIAL SUPPORT IS PROVIDED IN THIS SUB-FORUM
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

NOTE: NO OFFICIAL SUPPORT IS PROVIDED IN THIS SUB-FORUM
Post Reply
User avatar
confidentdepartment
Registered User
Posts: 29
Joined: Sat Nov 17, 2018 10:25 pm

Using require_once("path/index.php") to load AntiDDOS Protection

Post by confidentdepartment »

To protect my site from DDOS attacks and bots, I have created myself an antiDDOS system. It holds a visitor at a page for a few seconds while it does some "antiDDOS magic", then forwards the user to a captcha page for him to write in the correct code, and then it finally forwards the visitor back to the index page of the site. It does this by placing a simple one liner at the top of the index.php page that reads:

Code: Select all

require_once("anti_DDOS/index.php")
The problem is I don't know where to place the line of code in my phpbb installation in order for it to work. I have tried placing it at the top of one of my template files, and I have tried placing it within my index.php at the root of my phpbb folder. Neither of the two worked as it should. Either it tried to combine the antiddos page with my site index, or it rejected both flat and gave an blank screen. Does anyone have an idea on how to do this?
Last edited by HiFiKabin on Sun Feb 21, 2021 10:07 am, edited 1 time in total.
Reason: Moved to Custom Coding
User avatar
AmigoJack
Registered User
Posts: 5841
Joined: Tue Jun 15, 2010 11:33 am
Location: グリーン ヒル ゾーン
Contact:

Re: Using require_once("path/index.php") to load AntiDDOS Protection

Post by AmigoJack »

confidentdepartment wrote:
Sun Feb 21, 2021 7:12 am
then it finally forwards the visitor back to the index page
What if the visitor did not come thru /index.php?

confidentdepartment wrote:
Sun Feb 21, 2021 7:12 am
gave an blank screen
Programming 101: check the HTTP server's error.log where PHP will write severe error messages to.
  • "The problem is probably not my English but you do not want to understand correctly. ... We will not come anybody anyway, nevertheless, it's best to shit this." Affin, 2018-11-20
  • "But this shit is not here for you. You can follow with your. Maybe the question, instead, was for you, who know, so you shoved us how you are." axe70, 2020-10-10
  • "My reaction is not to everyone, especially to you." Raptiye, 2021-02-28
User avatar
confidentdepartment
Registered User
Posts: 29
Joined: Sat Nov 17, 2018 10:25 pm

Re: Using require_once("path/index.php") to load AntiDDOS Protection

Post by confidentdepartment »

So the "blank" screen was the result of some bad code I had added in order to activate super globals temporarily. Below is the error message put out by apache:

Code: Select all

PHP Fatal error:  Uncaught Error: Call to a member function enable_super_globals() on null in /var/www/phpbb/anti_DDOS/index.php:22\nStack trace:\n#0 /var/www/phpbb/index.php(20): require_once()\n#1 {main}\n  thrown in /var/www/phpbb/anti_DDOS/index.php on line 22
And here is the problematic block of code that created the error.

Code: Select all

* Enable Superglobals */                                                                                                                                      
$request->enable_super_globals();                                                                                                                            
/* Captcha Creation */                                                                                                                                         
$captcha = new CaptchaBuilder();                                                                                                                               
$captcha->build();                                                                                                                                             
if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                                                                                                    
    // Checking that the posted phrase match the phrase stored in the session                                                                                  
    if (isset($_SESSION['phrase']) && PhraseBuilder::comparePhrases($_SESSION['phrase'], $_POST['phrase'])) {                                                  
        header("Location: ../index.php");                                                                                                                      
        //echo "<h1>Captcha is valid !</h1>";                                                                                                                  
    } else {                                                                                                                                                   
        echo "<h1>Captcha is not valid!</h1>";                                                                                                                 
    }                                                                                                                                                          
    // The phrase can't be used twice                                                                                                                          
    unset($_SESSION['phrase']);                                                                                                                                
};                                                                                                                                                             
/* Disable Super Globals */                                                                                                                                    
$request->disable_super_globals();
When I removed it, phpbb started squaking at me again for trying to use them and having them disabled.

Code: Select all

Illegal use of $_SERVER. You must use the request class to access input data. Found in /var/www/anti_DDOS/index.php on line 26. This error message was generated by deactivated_super_global.
For security reasons, I prefer to leave them disabled, but I still need the script to work and not get over my head in php. I probably buggered something up.
User avatar
david63
Registered User
Posts: 19067
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Contact:

Re: Using require_once("path/index.php") to load AntiDDOS Protection

Post by david63 »

confidentdepartment wrote:
Sun Feb 21, 2021 7:12 am
To protect my site from DDOS attacks
Out of curiosity why do you need to go to such lengths? This is normally something that I would expect to be dealt with at server level.
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored
User avatar
confidentdepartment
Registered User
Posts: 29
Joined: Sat Nov 17, 2018 10:25 pm

Re: Using require_once("path/index.php") to load AntiDDOS Protection

Post by confidentdepartment »

david63 wrote:
Sun Feb 21, 2021 10:53 am
confidentdepartment wrote:
Sun Feb 21, 2021 7:12 am
To protect my site from DDOS attacks
Out of curiosity why do you need to go to such lengths? This is normally something that I would expect to be dealt with at server level.
Network constraints.
User avatar
3Di
Former Team Member
Posts: 16174
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milano 🇮🇹 Frankfurt 🇩🇪
Name: Marco
Contact:

Re: Using require_once("path/index.php") to load AntiDDOS Protection

Post by 3Di »

Call to a member function enable_super_globals() on null

Code: Select all

* Enable Superglobals */                                                                                                                                      
$request->enable_super_globals();
Try

Code: Select all

global $request;

* Enable Superglobals */                                                                                                                                      
$request->enable_super_globals();
🆓 Free support for our extensions also provided here: phpBB Studio
🚀 Looking for a specific feature or alternative option? We will rock you!
Please PM me only to request paid works. Thx. Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user º Extensions, Scripts, MOD porting, Update/Upgrades
User avatar
confidentdepartment
Registered User
Posts: 29
Joined: Sat Nov 17, 2018 10:25 pm

Re: Using require_once("path/index.php") to load AntiDDOS Protection

Post by confidentdepartment »

I was able to eliminate one of the two different results received from placing the desired phrase `require_once("antidos/index.php");`in the index.php at the base of the phpbb installation. Now I get the same result regardless of where the desire phrase is place, it melds both the page I would like to require once and the index.php page of my site together into one. So, it is less likely that using the index.php at the root folder of my site will work.
I have one other guess, and that is placing my snippet of custom code into the overall_header.html file.
User avatar
confidentdepartment
Registered User
Posts: 29
Joined: Sat Nov 17, 2018 10:25 pm

Re: Using require_once("path/index.php") to load AntiDDOS Protection

Post by confidentdepartment »

3Di wrote:
Mon Feb 22, 2021 4:59 am
Call to a member function enable_super_globals() on null

Code: Select all

* Enable Superglobals */                                                                                                                                      
$request->enable_super_globals();
Try

Code: Select all

global $request;

* Enable Superglobals */                                                                                                                                      
$request->enable_super_globals();
@3Di - Got a different result from your suggestion that I have not seen before, but I am not sure if this is a good thing or not. Upon adding the extra line of code, I received the following error:

Code: Select all

PHP Fatal error:  Uncaught Error: Call to a member function enable_super_globals() on null in /var/www/phpbb/antidos/index.php:27\nStack trace:\n#0 /var/www/phpbb/index.php(17): require_once()\n#1 {main}\n  thrown in /var/www/phpbb/antidos/index.php on line 27
I am going to need to debug this much further to discover what the error is,
User avatar
3Di
Former Team Member
Posts: 16174
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milano 🇮🇹 Frankfurt 🇩🇪
Name: Marco
Contact:

Re: Using require_once("path/index.php") to load AntiDDOS Protection

Post by 3Di »

confidentdepartment wrote:
Tue Feb 23, 2021 2:05 am
...

@3Di - Got a different result from your suggestion that I have not seen before, but I am not sure if this is a good thing or not. Upon adding the extra line of code, I received the following error:

Code: Select all

PHP Fatal error:  Uncaught Error: Call to a member function enable_super_globals() on null in /var/www/phpbb/antidos/index.php:27\nStack trace:\n#0 /var/www/phpbb/index.php(17): require_once()\n#1 {main}\n  thrown in /var/www/phpbb/antidos/index.php on line 27
...
Wrong, is the same error as per one of your posts.
confidentdepartment wrote:
Sun Feb 21, 2021 10:43 am
So the "blank" screen was the result of some bad code I had added in order to activate super globals temporarily. Below is the error message put out by apache:

Code: Select all

PHP Fatal error:  Uncaught Error: Call to a member function enable_super_globals() on null in /var/www/phpbb/anti_DDOS/index.php:22\nStack trace:\n#0 /var/www/phpbb/index.php(20): require_once()\n#1 {main}\n  thrown in /var/www/phpbb/anti_DDOS/index.php on line 22
The only error I can see is there, change that line
FROM

Code: Select all

* Enable Superglobals */
TO

Code: Select all

/* Enable Superglobals */
🆓 Free support for our extensions also provided here: phpBB Studio
🚀 Looking for a specific feature or alternative option? We will rock you!
Please PM me only to request paid works. Thx. Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user º Extensions, Scripts, MOD porting, Update/Upgrades
User avatar
confidentdepartment
Registered User
Posts: 29
Joined: Sat Nov 17, 2018 10:25 pm

Re: Using require_once("path/index.php") to load AntiDDOS Protection

Post by confidentdepartment »

I must have deleted the beginning "/" somehow before posting. When I opened index.php to make the correction that line was not even present. The full block of code is as follows:

Code: Select all


/* Captcha Creation */                                                                                                                                         
$captcha = new CaptchaBuilder();                                                                                                                               
$captcha->build();                                                                                                                                             
global $request;
$request->enable_super_globals();                                                                                                                              
if ($_SERVER['REQUEST_METHOD'] == 'POST') {                                                                                                                    
    // Checking that the posted phrase match the phrase stored in the session                                                                                  
    if (isset($_SESSION['phrase']) && PhraseBuilder::comparePhrases($_SESSION['phrase'], $_POST['phrase'])) {                                                  
        header("Location: ../index.php");                                                                                                                      
        //echo "<h1>Captcha is valid !</h1>";                                                                                                                  
    } else {                                                                                                                                                   
        echo "<h1>Captcha is not valid!</h1>";                                                                                                                 
    }                                                                                                                                                          
    // The phrase can't be used twice                                                                                                                          
    unset($_SESSION['phrase']);                                                                                                                                
}                                                                                                                                                             
$request->disable_super_globals();
User avatar
confidentdepartment
Registered User
Posts: 29
Joined: Sat Nov 17, 2018 10:25 pm

Re: Using require_once("path/index.php") to load AntiDDOS Protection

Post by confidentdepartment »

Oh, Snap!!!

I got it figured, and it is such a bloody rookie mistake, I am so embarrassed. :oops: There was nothing wrong with the placement of the code or even the code itself. The problem lied in how $PATH was setup on the server, inevitably it was attempting to read a file that was not there. :lol:

This one is closed out. Thanks for the patience and support. :D
Post Reply

Return to “phpBB Custom Coding”