En vous promenant sur Beamreactor, nous stockons votre IP 48h pour des raisons de sécurité.

Lecteur Markdown

abuse Documentation › ABUSE_DOCUMENTATION_EN

Abuse Documentation En

Feature: Abuse #

Public abuse and security incident reporting form. Lets any visitor report a network attack, phishing, copyright violation, illegal content, CSAM, product misuse or a GDPR violation. The form adapts to the abuse type, accepts an attachment and notifies the administrator by email.

Installation and Configuration

Via FTP: Upload the abuse/ directory into /plugins/.

Via package manager: Select abuse from the available plugins list.

Paths:

  • Main plugin: /plugins/abuse/abuse.php
  • Upload directory: $cfg[20]/abuse_reports/ (created automatically)

Configuration parameters:

| Variable | Default | Description |

|---|---|---|

| $basedatadisplay | 'yes' | Visible in the management interface |

| $basedisplevel | BASE_LEVEL_USER | Available to everyone, including visitors |

| $ftype | 4 | Community type |

| $abuse_max_file_size | 10485760 (10 MB) | Max attachment size |

| $abuse_allowed_extensions | txt, log, pdf, png, jpg, jpeg, gif, zip, docx, xlsx, eml | Allowed extensions |

| $abuse_notification_email | $cfg[10] (admin email) | Notification recipient |

| $abuse_upload_dir | $cfg[20]/abuse_reports/ | Attachment storage directory |

Report types ($abuse_report_types): each type maps a label and a field type — 1 = source/document (URL, reference), 2 = domain name, 3 = IP address.

| Key | Expected field |

|---|---|

| network_attack | IP address |

| phishing | Domain name |

| copyright | Source / document |

| illegal_content | Source / document |

| csam | Source / document |

| product_misuse | Source / document |

| gdpr | Source / document |

SQL tables used: abuse_reports (created automatically on first access; statuses: pending, investigating, resolved, closed)

Usage

1. The user opens the form and chooses an abuse type.

2. The form adapts: the requested field (source, domain or IP) changes with the type.

3. They fill in the details, may attach a supporting file (log, screenshot…) and solve a simple math captcha for anti-spam.

4. On submission, the report is saved, the attachment stored, and an email notification is sent to the administrator. The reporter's IP address is logged for traceability.

Hooks and Entry Points

text
?obj=abuse.php        — Public reporting form

Submission is done via POST (with $_FILES for the optional attachment).

Dependencies

  • Beamreactor\Sanitizer\Parser
  • Beamreactor\Database\SQL
  • Beamreactor\Notifications\Toast
  • Beamreactor\Core\Sessions

Security

Publicly available (including non-logged-in visitors). Anti-spam protection via captcha. Uploads are restricted by size and extension, and stored outside the plugin's public tree. Input is sanitized through Parser::sanitize() and queries use bound parameters. The reporter's IP is logged.

← Toutes les docs abuse
de en fr