init

acp/main_info.php

@@ -0,0 +1,37 @@
+<?php
+/**
+ *
+ * Onionbb: Tor hardening. An extension for the phpBB Forum Software package.
+ *
+ * @copyright (c) 2019, cypherbits
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ */
+
+namespace cypherbits\onionbb\acp;
+
+/**
+ * Onionbb: Tor hardening ACP module info.
+ */
+class main_info
+{
+	public function module()
+	{
+		return array(
+			'filename'	=> '\cypherbits\onionbb\acp\main_module',
+			'title'		=> 'ACP_ONIONBB_TITLE',
+			'modes'		=> array(
+				'settings'	=> array(
+					'title'	=> 'ACP_ONIONBB',
+					'auth'	=> 'ext_cypherbits/onionbb && acl_a_board',
+					'cat'	=> array('ACP_ONIONBB_TITLE')
+				),
+				'checks'	=> array(
+					'title'	=> 'ACP_ONIONBB_CHECKS',
+					'auth'	=> 'ext_cypherbits/onionbb && acl_a_board',
+					'cat'	=> array('ACP_ONIONBB_TITLE')
+				),
+			),
+		);
+	}
+}

acp/main_module.php

@@ -0,0 +1,70 @@
+<?php
+/**
+*
+* Onionbb: Tor hardening. An extension for the phpBB Forum Software package.
+*
+* @copyright (c) 2019, cypherbits
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+*/
+
+namespace cypherbits\onionbb\acp;
+
+/**
+* Onionbb: Tor hardening ACP module.
+*/
+class main_module
+{
+	public $page_title;
+	public $tpl_name;
+	public $u_action;
+
+	/**
+	* Main ACP module
+	*
+	* @param int    $id   The module ID
+	* @param string $mode The module mode (for example: manage or settings)
+	* @throws \Exception
+	*/
+	public function main($id, $mode)
+	{
+		global $phpbb_container;
+
+		/** @var \cypherbits\onionbb\controller\acp_controller $acp_controller */
+		$acp_controller = $phpbb_container->get('cypherbits.onionbb.controller.acp');
+
+		/** @var \phpbb\language\language $language */
+		$language = $phpbb_container->get('language');
+
+		switch($mode){
+			case "settings":
+			// Load a template from adm/style for our ACP page
+			$this->tpl_name = 'acp_onionbb_settings';
+
+			// Set the page title for our ACP page
+			$this->page_title = $language->lang('ACP_ONIONBB_TITLE');
+
+			// Make the $u_action url available in our ACP controller
+			$acp_controller->set_page_url($this->u_action);
+
+			// Load the display options handle in our ACP controller
+			$acp_controller->display_settings();
+			break;
+			case "checks":
+			// Load a template from adm/style for our ACP page
+			$this->tpl_name = 'acp_onionbb_checks';
+
+			// Set the page title for our ACP page
+			$this->page_title = $language->lang('ACP_ONIONBB_TITLE');
+
+			// Make the $u_action url available in our ACP controller
+			$acp_controller->set_page_url($this->u_action);
+
+			// Load the display options handle in our ACP controller
+			$acp_controller->display_checks();
+			break;
+		}
+
+
+	}
+}

adm/style/acp_onionbb_checks.html

@@ -0,0 +1,38 @@
+{% include 'overall_header.html' %}
+
+<h1>{{ lang('ACP_ONIONBB_TITLE') }}</h1>
+
+{% if S_ERROR %}
+	<div class="errorbox">
+		<h3>{{ lang('WARNING') }}</h3>
+		<p>{{ ERROR_MSG }}</p>
+	</div>
+{% endif %}
+
+<table class="table1 two-columns no-header responsive show-header" data-no-responsive-header="true">
+		<caption>Hardening checks</caption>
+		<colgroup>
+<col class="col1"><col class="col2"><col class="col2">
+	</colgroup>
+<thead>
+	<tr>
+		<th>Setting</th>
+		<th>Current value</th>
+<th>Recommended</th>
+	</tr>
+	</thead>
+	<tbody>
+	<tr>
+		<td>Min password lenght: </td>
+		<td><strong>{{ CYPHERBITS_ONIONBB_CHECK_PASSWORDLENGHT }}</strong></td>
+<td><strong>10</strong></td>
+	</tr>
+	<tr>
+		<td>Min username lenght: </td>
+		<td><strong>{{ CYPHERBITS_ONIONBB_CHECK_USERNAMELENGHT }}</strong></td>
+<td><strong>8</strong></td>
+	</tr>
+		</tbody>
+	</table>
+
+{% include 'overall_footer.html' %}

adm/style/acp_onionbb_settings.html

@@ -0,0 +1,49 @@
+{% include 'overall_header.html' %}
+
+<h1>{{ lang('ACP_ONIONBB_TITLE') }}</h1>
+
+{% if S_ERROR %}
+<div class="errorbox">
+	<h3>{{ lang('WARNING') }}</h3>
+	<p>{{ ERROR_MSG }}</p>
+</div>
+{% endif %}
+
+<form id="cypherbits_onionbb_acp" name="cypherbits_onionbb_acp" method="post" action="{{ U_ACTION }}">
+
+	<fieldset>
+		<legend>{{ lang('SETTINGS') }}</legend>
+		<dl>
+			<dt><label>Only allow request from this IPs (recommended)</label></dt>
+			<dd><label><input type="checkbox" name="cypherbits_onionbb_checkIP" value="1" {% if CYPHERBITS_ONIONBB_CHECKIP %} checked {% endif %}> Enable. Separated with commas (,)</label>INFO: current IP is {{ CURRENT_IP }}<br>
+				<textarea name="cypherbits_onionbb_checkIP_list">{{ CYPHERBITS_ONIONBB_CHECKIP_LIST }}</textarea></dd>
+			</dl>
+			<dl>
+				<dt><label>Block Tor2Web (recommended)</label></dt>
+				<dd><label><input type="checkbox" name="cypherbits_onionbb_blockTor2Web" value="1" {% if CYPHERBITS_ONIONBB_BLOCKTOR2WEB %} checked {% endif %}> Yes, block it.</label><br>
+					<label><input type="checkbox" name="cypherbits_onionbb_blockTor2Web_DNT" value="1" {% if CYPHERBITS_ONIONBB_BLOCKTOR2WEB_DNT %} checked {% endif %}> Block DNT header too. (Improves Tor2Web detection)</label>
+				</dd>
+			</dl>
+			<dl>
+				<dt><label>Only allow request with this Host header (recommended)</label></dt>
+				<dd><label><input type="checkbox" name="cypherbits_onionbb_host" value="1" {% if CYPHERBITS_ONIONBB_HOST %} checked {% endif %}> Enable. Separated with commas (,)</label>INFO: current Host header is {{ CURRENT_HOST }}<br>
+					<textarea name="cypherbits_onionbb_host_list">{{ CYPHERBITS_ONIONBB_HOST_LIST }}</textarea></dd>
+				</dl>
+				<dl>
+					<dt><label>Block non-standard User-Agents (recommended)</label></dt>
+					<dd><label><input type="checkbox" name="cypherbits_onionbb_userAgents" value="1" {% if CYPHERBITS_ONIONBB_USERAGENTS %} checked {% endif %}> Yes, block it.</label>INFO: current User-Agent is {{ HTTP_USER_AGENT }}<br>
+						<label><input type="checkbox" name="cypherbits_onionbb_userAgentsTB8" value="1" {% if CYPHERBITS_ONIONBB_USERAGENTSTB8 %} checked {% endif %}> Only allow the latest Tor Browser 8.x Windows, Linux and Android.</label>
+					</dd>
+				</dl>
+
+			</fieldset>
+
+			<fieldset class="submit-buttons">
+				<input class="button1" type="submit" id="submit" name="submit" value="{{ lang('SUBMIT') }}" />
+				<!--<input class="button2" type="submit" id="preview" name="preview" value="{{ lang('PREVIEW') }}" />-->
+				{{ S_FORM_TOKEN }}
+			</fieldset>
+
+		</form>
+
+		{% include 'overall_footer.html' %}

composer.json

@@ -0,0 +1,27 @@
+{
+    "name": "cypherbits/onionbb",
+    "type": "phpbb-extension",
+    "description": "Help phpBB on Tor Hidden Services prevent attacks",
+    "homepage": "",
+    "version": "1.0.0-dev",
+    "time": "2019-05-22",
+    "license": "GPL-2.0-only",
+    "authors": [
+        {
+            "name": "cypherbits",
+            "email": "",
+            "homepage": "",
+            "role": ""
+        }
+    ],
+    "require": {
+        "php": ">=7.3",
+        "composer/installers": "~1.0"
+    },
+    "extra": {
+        "display-name": "Onionbb: Tor hardening",
+        "soft-require": {
+            "phpbb/phpbb": ">=3.2.0,<3.3.0@dev"
+        }
+    }
+}

config/parameters.yml

@@ -0,0 +1,2 @@
+parameters:
+    cypherbits.onionbb.tables.onionbb_table: '%core.table_prefix%cypherbits_onionbb_table'

config/routing.yml

@@ -0,0 +1,3 @@
+cypherbits_onionbb_controller:
+    path: /demo/{name}
+    defaults: { _controller: cypherbits.onionbb.controller.main:handle }

config/services.yml

@@ -0,0 +1,37 @@
+imports:
+    - { resource: parameters.yml }
+
+services:
+    cypherbits.onionbb.controller.main:
+        class: cypherbits\onionbb\controller\main_controller
+        arguments:
+            - '@config'
+            - '@controller.helper'
+            - '@template'
+            - '@language'
+
+    cypherbits.onionbb.controller.acp:
+        class: cypherbits\onionbb\controller\acp_controller
+        arguments:
+            - '@config'
+            - '@language'
+            - '@log'
+            - '@request'
+            - '@template'
+            - '@user'
+
+    cypherbits.onionbb.service:
+        class: cypherbits\onionbb\service
+        arguments:
+            - '@user'
+            - '%cypherbits.onionbb.tables.onionbb_table%'
+
+    cypherbits.onionbb.listener:
+        class: cypherbits\onionbb\event\main_listener
+        arguments:
+            - '@language'
+            - '@controller.helper'
+            - '@template'
+            - '%core.php_ext%'
+        tags:
+            - { name: event.listener }