Anti-U?E Index Chris' Home Page

Improved FFA abuse logging


Overview

There are two simple things you can do to help victims track down people who abuse your FFA links page in order to mail-bomb them:

  1. You should include the IP address and date of the FFA link submission in the confirmation E-mail. If someone is mail-bombed, then they can identify the perpetrator without bothering you.
  2. You should maintain for your own records a log of all FFA submissions.

This page tells you how to modify your FFA script in order to do these two things. You will have to edit your FFA "submission" perl script. You do not need to know perl to follow these instructions. If you tried follow these instructions and got stuck, feel free to contact me and I will try to help you out.

NOTE: In the perl script, characters such as quotation marks and semicolons are significant. If you don't follow these instructions exactly, chances are that the resulting script will not work at all. I recommend that you copy-and-paste from this page into your script, to ensure that you don't miss any characters.


Step 1 - backup

Save a copy of your original FFA script. In the event that you get stuck, you can restore the copy to its original location and at least you won't have lost anything.


Step 2 - specify location of log file

Add the following lines near the top of your script. Note that it cannot be inserted at the very top. The very first line of the script will need to be the "#!" line that identifies the location of the perl interpreter. But it can be inserted anywhere after that.

# Location of logging file
$internalLog = "LOG-DIRECTORY/log.txt";

You should replace the text LOG-DIRECTORY below with the path of a directory where you wish the log to be placed. For example it might be "/wwwroot/links". If you leave the variable empty (i.e., $internalLog = "";) a log will not be kept.

If you place the log file in a location where your web server can serve it, then you can examine the log remotely with your web browser. For example, suppose that your script had these variable settings:

$htmlpath = "/www/site/linkpage/links.htm";
$htmlurl = "http://www.domain.com/linkpage/links.htm";

Then you could set the log file location to "/www/site/linkpage/log.txt" and you could access the log remotely as "http://www.domain.com/linkpage/log.txt".


Step 3 - notify recipient of IP address

Find the following (non-bold) lines near the bottom of the FFA script, and insert the bolded lines in the appropriate location.

print MAIL "the below link being placed.....\n\n";
print MAIL "Title: $title\n";
print MAIL "URL: $url\n";
print MAIL "Section: $section\n";
$ip = $ENV{'REMOTE_ADDR'};
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
$sec = "0${sec}" if ( $sec < 10);
$min = "0${min}" if ( $min < 10);
$hour = "0${hour}" if ( $hour < 10);
$mday = "0${mday}" if ( $mday < 10);
$mon = ("JAN","FEB","MAR","APR","MAY","JUN","JUL","AUG","SEP",
    "OCT","NOV","DEC")[$mon];
$year = $year + 1900 if ( $year < 1000);
$date = "[${year}-${mon}-${mday} ${hour}:${min}:${sec}]"

print MAIL "Submitted from IP address: ${ip}\n";
print MAIL "Submitted at: ${date}\n";

print MAIL "Submitted by: $email\n\n\n";

Step 4 - log IP address

At the very bottom of the script, add the following lines. Note that they depend on the variables which are set in Step 3, and on the location of the log file specified in Step 2.

# Log to internal log
if ( $internalLog ne "" ) {
    if ( open( LOG, ">>$internalLog" ) ) {
    flock( LOG, 2 );
    print LOG "${date} IP ${ip} - EMAIL ${email} - URL ${url}\n";
    close( LOG );
    }
}

Step 5 - install and test

On your web server, replace your original FFA script with the one you have modified. Submit a link on your own FFA page and verify that three things happen:

  1. The link gets added as it should.
  2. You receive an E-mail that now includes date and IP address.
  3. The same information is appended to the log file.

Anti-U?E Index Chris' Home Page