This topic contains 0 replies, has 1 voice. Last updated by Rob Reid 4 years, 4 months ago.
Topic Author | Topic |
---|---|
Posted: Wednesday Aug 15th, 2012 at 4:56 am #22058 | |
I am trying to verify my site with the s2Member security badge but it at the moment it just won’t verify. I have ensured: I also use 2 other plugins I don’t know why I cannot get verified but when I use the test button I get back a “0” and the badge in the setup section says “not verified” As I do block a lot of hackbots & spambots I use a rule (amongst many) that blocks any agent without a user-agent defined as they are usually signs of script kiddy’s and hackers who can’t be bothered to write a proper scraper that tries to be undetectable. I also block people using default HTTP library scrapers e.g those that use CURL, snoopy, WinHTTP etc as their user-agent as I have found this is a similar reason for people not scraping properly. When I check my access log after running the manual check I can see my own request is allowed 22.22.22.22- – [12/Aug/2012:22:03:39 +0000] “GET /?s2member_s_badge_status=1 HTTP/1.1” 200 27 “http://www.mysite.com/wp-admin/admin.php?page=ws-plugin–s2member-gen-ops” “Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.75 Safari/537.1” 0/331633 But when I run a search for s2member I can see their own attempts are being blocked due to their not passing a useragent e.g 199.168.175.123 – – [19/Jul/2012:12:32:09 +0000] “GET /?s2member_s_badge_status=1 HTTP/1.0” 403 417 “-” “-” 0/1556 As a developer who deals in scraping, hacking defence and crawling all day long in my day job I would obviously recommend s2member to pass a user-agent identifying themselves so that they don’t get blocked by htaccess rules etc. However as it seems they are just crawling the same page the admin area links to e.g /?s2member_s_badge_status=1 it would seem the actual status code is set internally and not from an external crawl which probably just gets the success code and stores it on the s2member DB so that the badge can show the right wording. Therefore I am wondering what should I check for to see why I am not being verified. I can run SQL against the DB if that would help as long as I knew what I was looking for – I guess it would be in wp_options OR a custom s2member table. Any help would be much appreciated. Thanks |