Geeklog-Core / geeklog

Geeklog - The Secure CMS.
https://www.geeklog.net

Add Error Limit for submissions that works similar to Speed Limit #1030

Closed eSilverStrike closed 2 years ago

eSilverStrike commented 4 years ago

Bots are constantly hitting all websites testing the URL variables for weaknesses and draining server resources. We should add functionality that works similar to the Geeklog Speed Limit (that is expandable to plugins) but keeps track of the number of submission errors (including incorrect variable content passed, spam found, etc.) a session has (or IP???). It should also work for potentially other errors like trying to access the admin section, going beyond page limits, etc. (like counting 404 errors).

This way plugins like Ban can take this information and, based on the type of error (like submission, comment submission, etc.), apply restrictions (i.e. IP banned for 10 submission errors in 60 seconds).

Should have a config option to disable this, as if the user doesn't have a plugin like Ban that can take advantage of it, there is most likely no reason to record errors.

mystralkk commented 2 years ago

How about changing COM_checkSpeedlimit like this:

COM_checkSpeedlimit($type = 'submit', $max = 1, $property = '')

-->

COM_checkSpeedlimit($type = 'submit', $max = 1, $property = '', &$isSpeeding)

In this function, if the number of records in the $_TABLES['speedlimit'] table exceeds the value of $max, we set $isSpeeding to true. And at the same time, we call PLG_onSpeeding($ipAddress) (this function is not implemented yet) and let the plugins know that the user is hitting the limit. This way we don't have to have a new config option. How does this change sound, @eSilverStrike ?

eSilverStrike commented 2 years ago

That sounds like a good idea.

So we could then add some general error tracking for maybe 404 errors handled by Geeklog in COM_handle404 and the SPAM-X plugin using the isSpeeding flag. Types could be "error-404" and "error-spam"

Then the Ban plugin could have the required function for PLG_onSpeeding and then know to ban the IP when a certain threshold is met for those types.

mystralkk commented 2 years ago

Implemented. I defined the $max argument for COM_checkSpeedlimit explicitly at the top of "lib-plugins.php" and added a fourth argument &$isSpeeding to the function.

eSilverStrike commented 2 years ago

Added a feature request to the ban plugin for this and was just quickly going over things to see how it worked.

COM_checkSpeedlimit will call plugin_onSpeeding_ban($type, $property, $last). At this point ban needs to determine what to do based on what is stored in the speedlimit database table either by using the constants stored in lib-plugins or by having its own config values.

So doesn't this mean COM_updateSpeedlimit() function calls need to be added to Geeklog Core for the types 'error-403', 'error-404', 'error-spam'? Or am I not looking at this right?

mystralkk commented 2 years ago

I forgot about COM_updateSpeedlimit(). I added calling COM_updateSpeedlimit() after calling COM_checkSpeedlimit with $type being 'error-403', 'error-404' and 'error-spam'.

eSilverStrike commented 2 years ago

@mystralkk FYI I also added error-speedlimit type that tracks when speedlimit errors happen.
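The check-then-record flow and the plugin hook discussed in this thread, as an added illustration that is not Geeklog's own code: a plain array stands in for the $_TABLES['speedlimit'] table, the 60-second window, the per-type thresholds, the hook name and the recordError() wrapper are assumptions, and PHP 7.4 or later is assumed for the arrow functions.

```php
<?php
// Added illustration, not Geeklog's code: in-memory sketch of the thread's design.
// A plain array stands in for $_TABLES['speedlimit']; window/thresholds are assumed.
const WINDOW_SECONDS = 60;
const ERROR_LIMITS   = ['error-404' => 10, 'error-spam' => 5];  // per IP per window
$speedlimit = [];  // rows: ['type' => string, 'ip' => string, 'date' => int]
$banned     = [];  // ip => type, filled by the plugin stand-in below
// Stand-in for COM_updateSpeedlimit(): record one error event for $ip.
function updateSpeedlimit(array &$table, string $type, string $ip, int $now): void
{
    $table[] = ['type' => $type, 'ip' => $ip, 'date' => $now];
}

// Stand-in for the proposed COM_checkSpeedlimit(..., &$isSpeeding): count rows of $type
// from $ip inside the window; if the count exceeds $max, set $isSpeeding and call the hook.
function checkSpeedlimit(array &$table, string $type, int $max, string $ip,
                         int $now, bool &$isSpeeding, callable $onSpeeding): int
{
    // Expire old rows first so errors outside the window never count.
    $table = array_values(array_filter($table,
        fn(array $r) => $now - $r['date'] < WINDOW_SECONDS));
    $hits = count(array_filter($table,
        fn(array $r) => $r['type'] === $type && $r['ip'] === $ip));
    $isSpeeding = $hits > $max;
    if ($isSpeeding) {
        $onSpeeding($type, $ip, $hits);   // the PLG_onSpeeding role
    }
    return $hits;
}

// Stand-in for a Ban-style plugin's plugin_onSpeeding_ban() handler.
$onSpeeding = function (string $type, string $ip, int $hits) use (&$banned): void {
    $banned[$ip] = $type;
    echo "ban {$ip}: {$hits} '{$type}' errors within " . WINDOW_SECONDS . "s\n";
};
// What core would do where an error is detected (e.g. COM_handle404): check, then record.
function recordError(array &$table, string $type, string $ip, int $now, callable $hook): bool
{
    $speeding = false;
    checkSpeedlimit($table, $type, ERROR_LIMITS[$type], $ip, $now, $speeding, $hook);
    updateSpeedlimit($table, $type, $ip, $now);
    return $speeding;
}

// Constructed sample traffic (documentation address range): 12 bad URLs from one
// client within a few seconds, then one from another client in the same window.
$t0 = 1700000000;
for ($i = 0; $i < 12; $i++) {
    recordError($speedlimit, 'error-404', '192.0.2.10', $t0 + $i, $onSpeeding);
}
recordError($speedlimit, 'error-404', '192.0.2.20', $t0 + 5, $onSpeeding);
var_dump($banned);
```

Because the check runs before the new row is recorded, the hook fires on the request after the threshold is passed, which matches the call order described above; a real implementation would also need to expire rows from the database table the same way.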