Drupal: Search for users by eMail address

This Drupal tip is probably obvious for 98% of Drupal admins out there – but I’ll post it here for that 2% that have no idea that searching for users by email address is possible/so simple. I used Drupal for over 2 YEARS before I stumbled on how to do this!

To search for a user by email address:
In most themes, you can simply leave the ‘search box’ empty and hit the SEARCH button. This will bring you to a search page with a ‘content’ tab and a ‘users’ tab. Simply enter the email address or partial email address in the search field in the ‘users’ tab, and press search. No need for special wildcard characters. For example, to list all of your users with Hotmail addresses, just type in ‘hotmail.com’.

That’s it!
Happy Christmas everyone and I hope that Santa brings you what we’ve all wished for – much traffic and earnings!

Keep Track of What You Break!

Do you make a lot of changes to your site?
Do you realize later that you broke something?
Do you pull out your hair because you don’t remember exactly what you changed days or weeks ago?

..yah, me too.

I can’t remember how many times I’ve made a bunch of changes, installed new modules, changed my Apache config, deleted modules, etc, then found something broken days or even weeks later. What’s more frustrating is remembering “I know I changed something.. I just can’t remember exactly what!”

There is an easy way to avoid this frustration: Keep a simple “change-log” of everything you do. Create a txt file and keep it in a handy location – like on your desktop. Every time you change something, jot it down in the file. For example:

Dec 12 9:50AM - changed Boost-module cache settings to 9-hrs
Dec 11 10:20pm - changed PHP.INI memory_limit = 16M to memory_limit = 32M

It’s simple and free, and I can’t tell you how many times it’s saved my butt.. I also can’t tell you how many times I’ve kicked myself for being lazy and NOT recording something in my changelog file and realizing days later that something is broken and I can’t remember what I did to break it.

Make Kontera Load Faster

From the first day I started touting Kontera as a money-maker I have been hearing from other webmasters that they tried Kontera but had to drop it because it slowed down their webpages as the Kontera tags/ads loaded. I never experienced this issue so I just pooh-poohed them.

Recently however, imagine my horror when I found that Kontera had started to slow down my web pages as well! I contacted my Kontera account manager and he mentioned that there are some updated Kontera tags in the works that may help improve performance by not loading until after the content on your page has loaded. I tried the new tags and sure ’nuff, the new tags are indeed teh snappier!

To get the new Kontera tags for your site contact your account manager and he or she will hook you up.

DRUPAL: How To Use dnsBL and RBLs

Most of my recent yammering about using DNSBLs to block spammers, trolls and other riff-raff has focused on using the DNSBL with Mod_security rules and IPTables firewall which requires either a dedicated server or at least a VPS – leaving all you shared-hosting users out in the cold to fend for yourselves..

But Drupal users in shared-hosting environments rejoice and fear not! You can easily incorporate some of the fun and function of these DNSBLs too! You won’t have the same ability to totally drop their packets but you can block the posts that they make or redirect them to an error page.. Here’s how:

The Drupal TROLL module will not only allow you to block IP’s of users or other IP’s that you add to the block-list, but it will also make use of DNS Blacklists (DNSBL) to prevent the spammers/trolls, etc from making any posts. They can still read your pages, they just can’t make posts. To use the DNSBL option in TROLL, install as usual, then on the DNS BLACKLIST tab in the configuration page click the “Enable Operation” checkbox and specify how many blacklists the IP must appear on before being “blacklisted” (1 should be plenty).

By default the Troll module uses dnsbl.sorbs.net, bl.spamcop.net, dnsbl.njabl.org, cbl.abuseat.org, & sbl-xbl.spamhaus.org. I would be careful with some of those – particularly spamcop.net and the sbl-xbl.spamhaus.org list. I would change sbl-xbl.spamhaus.org to XBL.spamhaus.org and maybe replace the others with some from my favorite black lists. Remember – be careful. I don’t think the Troll module will log when IP’s are blocked so you won’t have a good gauge of who is being blocked.

The other way which you can use instead of Troll or in addition to Troll is one of my other favorite Drupal Modules, Bad Behavior. The newer version of BadBehavior includes httpBL support from ProjectHoneyPot which will catch/stop a lot of spammers and trolls. The Drupal BadBehavior module is no longer officially supported by the author, but the community has been doing a good job at patching it and keeping it current. To get the newer versions of BadBehavior to work with Drupal and also enable httpBL support read through this page at Drupal: Updated For BadBehavior 2.1. If all the posts in that thread are too much to follow, I have the fully-patched (with updated whitelists) version and I’d be happy to ZIP/gZIP it up and send to anyone that needs it.

Choosing The Best RBL or DNSBL

Now that I have reactivated the use of RBL’s/DNSBL’s on my web server I have been on the hunt for the “perfect” RBL. I define ‘perfect’ as providing fast responses, 99.98% or better uptime, and containing the types of IP’s I want to block: spammers, bots, trolls and proxies.

Since most of the DNSBL’s out there are made for email servers, you can’t just go slapping any one on your server to block the riff-raff. Many of the lists out there will block IP’s that don’t have PTR records, are on dynamic IP’s, etc. Things like that are good for blocking email spammers, but not good for blocking access to your site. Any time you add a new blacklist you should watch your logs carefully and double-check every IP it blocks in Google/WHOIS, etc, and at a minimum make sure it’s not blocking too many IP’s. Lists like ZEN.spamhaus.org or barracudacentral.org can and will block damn-near anyone, so be careful.

Unfortunately there is no one, perfect DNSBL – each block list will block slightly different IP’s. Since I don’t like to have more than two or three DNSBL’s active at the same time for fear of page-load slowdowns, I’ve been rotating the DNSBL’s over the last week or two and carefully watching the stats for each one. These are my favorites so far:

xbl Spamhaus – Spamhaus is like the Cadillac of DNSBLs. XBL.spamhaus.org contains hijacked PCs, some open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits. – If I had to pick only ONE RBL to use, xbl.spamhaus.org would be my choice.

opm.tornevall.org – Great list for open proxies and TOR proxies. opm.tornevall was originally created by a forum webmaster that got sick of trolls and finally did something about it.

combined.abuse.ch – The DNSBL built in Switzerland – it must be good! combined.abuse.ch contains all three of abuse.ch’s DNSBLs – DRONE, httpBL, & SPAM and blocks everything from hijacked PC’s to referral spammers and compromised web-servers.

dnsbl-3.uceprotect.net – The BADASS of DNSBLs! USE WITH CAUTION – dnsbl-3.uceprotect.net is a very strict list of spammers. You may want to start out with dnsbl-2 or dnsbl-1.uceprotect.net and work your way up.

all.spamrats.com – Another hard-line spammer-blocking DNSBL. Like uceprotect.net, use all.spamrats.com with care.

One good way to find out which blocklist might be good for you is to take the IP’s of known spammers (that you find caught by Akismet, BadBehavior, etc) and run them through a multi-blocklist checker like robotex.com – it can help point you to the exact DNSBL that is right for your website.
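The "how many blacklists" threshold described for the Troll module and the advice above to test a list against known IPs before trusting it can both be tried with the sketch below. It is an added example, not code from the Troll module or from the original post. It is IPv4 only, all function names are hypothetical, and the resolver is passed in so the constructed sample answers can stand in for live DNS.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """Build the lookup name: IPv4 octets reversed, then the DNSBL zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def system_resolver(name):
    """Return the A record as a string, or None when the name does not resolve."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def is_listed(answer):
    """A 127.x.x.x answer means listed. Spamhaus zones use 127.255.255.x
    as error codes (e.g. refused query), which must not count as a hit."""
    if not answer or answer.startswith("127.255.255."):
        return False
    return answer.startswith("127.")

def lists_hit(ip, zones, resolve=system_resolver):
    """Zones that list this IP; log the result so every block can be reviewed."""
    return [z for z in zones if is_listed(resolve(dnsbl_query_name(ip, z)))]

def should_block(ip, zones, threshold=1, resolve=system_resolver):
    """Threshold rule: block when the IP is on at least `threshold` lists."""
    return len(lists_hit(ip, zones, resolve)) >= threshold

def audit(zones, spam_ips, good_ips, resolve=system_resolver):
    """Per zone: known spammers caught, and known-good visitors wrongly hit."""
    report = {}
    for z in zones:
        caught = sum(bool(lists_hit(ip, [z], resolve)) for ip in spam_ips)
        wrong = sum(bool(lists_hit(ip, [z], resolve)) for ip in good_ips)
        report[z] = {"caught": caught, "false_positives": wrong}
    return report

# Constructed sample data (documentation-range IPs, fake DNS answers) so this runs offline.
ZONES = ["xbl.spamhaus.org", "dnsbl-3.uceprotect.net"]
FAKE_DNS = {
    "10.2.0.192.xbl.spamhaus.org": "127.0.0.4",
    "10.2.0.192.dnsbl-3.uceprotect.net": "127.0.0.2",
    "7.100.51.198.dnsbl-3.uceprotect.net": "127.0.0.2",
    "9.113.0.203.xbl.spamhaus.org": "127.255.255.254",
}
if __name__ == "__main__":
    print(audit(ZONES, ["192.0.2.10"], ["198.51.100.7", "203.0.113.9"], FAKE_DNS.get))
```

Against real lists, drop the `resolve` argument and feed `audit` the spammer IPs your filters caught plus a sample of IPs from legitimate visitors; a zone with a high `false_positives` count is one to leave out.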

Do you use an RBL? What is your favorite? Have you tried using RBLs and had to stop? Why?

Keeping Spammers Away

I’ve spent a lot of late nights over the last two weeks fine-tuning my anti-spam, anti-troll, and anti-script kiddies setup. I’ve also spent a bit of time optimizing all of my MySQL databases and Apache memory usage, but that almost seemed easy compared to keeping the trolls and spammers away.

Over the last week I have also slowly re-enabled the use of RBL’s via MOD_SECURITY to catch the IP’s of known spammers, open SOCKS proxies, TOR nodes, etc then pass the IP address to the firewall to block them (semi) permanently. I had disabled the use of RBL’s and DNSBL’s a while back due to performance issues but I finally worked those problems out (DNS lookup & firewall problems).

The overall setup now looks something like this:
[Diagram: Layered Security]
The funny thing is that even with all the fancy firewalls, mod_security, RBL, DNSBL’s and user-agent filtering, good-old Akismet and Bad-Behavior still catch things that all the others missed.