Skip to content

IP-Block-Ltd/ipblock-opencart

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

⚠️ Status: untested. This extension is provided as-is and has not been tested in production. Please feel free to fork, modify, improve, and open pull requests.

Licensed under GNU GPLv3 (see LICENSE).

IP Block Protection -- OpenCart extension

Screens storefront visitors against the ip-block.com IP-screening service and blocks flagged IP addresses. Built and verified against OpenCart 4.1.0.3.

What it does

  • Runs as early as possible on storefront requests via an event registered on catalog/controller/*/before (fires before the main page controller runs).
  • Because the trigger is catalog/-prefixed, the admin application never loads it -- you cannot be locked out of the back office.
  • Determines the real client IP (optionally from CF-Connecting-IP / X-Forwarded-For).
  • Sends POST https://api.ip-block.com/v1/check with a 1 second timeout.
  • Blocks the visitor only when the API returns {"action":"block"}.
  • On any error/timeout/non-2xx response it applies the fail mode (default fail open = allow).
  • Caches each decision (default 300s) keyed by md5(ip|user_agent|referrer) using OpenCart's native cache.
  • Always honours the whitelist.

Install

  1. Copy the contents of upload/ into your OpenCart root, so the extension lives at extension/ipblock/. (Or zip the extension per the OpenCart marketplace layout and upload it via Extensions > Installer.)
  2. Go to Extensions > Extensions, choose Modules from the dropdown, find IP Block Protection, and click the + (Install) button. Installing registers the storefront event automatically.
  3. Click the pencil (Edit) button to configure.

Configure

Setting Purpose
Enable protection Master on/off switch.
Site ID Your ip-block.com site identifier.
API key Your ip-block.com API key (sent in the request body).
API URL Endpoint. Default https://api.ip-block.com/v1/check.
Fail open On API failure: Yes = allow (default), No = block.
Cache TTL Seconds to cache a decision. 0 = check on every request. Default 300.
Behind a proxy/CDN Read real IP from CF-Connecting-IP / X-Forwarded-For.
Block action redirect (default) to the blocked page, or message (HTTP 403).
Block message Text shown when Block action = message.
Whitelist IP addresses never blocked, one per line.

Files

upload/extension/ipblock/
├── install.json                                   Extension metadata
├── admin/
│   ├── controller/module/ipblock.php              Settings + install()/uninstall() (event register)
│   ├── language/en-gb/module/ipblock.php          Admin language strings
│   └── view/template/module/ipblock.twig          Settings form
├── catalog/
│   └── controller/module/ipblock.php              Event guard (the .guard callback)
├── system/
│   └── library/ipblock/
│       ├── client.php                             HTTP POST client (1s timeout)
│       └── checker.php                            Whitelist + cache + fail mode + real IP
└── README.md

Notes

  • Settings are stored in the setting table under the module_ipblock group; the API key is stored there in clear text (OpenCart has no native at-rest encryption for settings) -- restrict DB/admin access accordingly.
  • The event is registered with code ipblock; uninstalling the module removes it.
  • Uninstall does not delete stored settings, so re-installing keeps your config.

About

IP Block protection for OpenCart — ip-block.com integration. Untested at the moment; please feel free to modify. GPLv3.

Topics

Resources

License

Contributing

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors