I checked and both hooks are present, although I had to edit the xml file to change the version from 3.6.5 to 3.6.2 - but installed ok, after a quick text using an email address off the stop spam site ... I got the same error as above -

After a quick check it would appear that the class simplexmlelement is only in PHP 5 upwards ... I'm on 4.4.8 -- so this isn't compatible.

Ill add a test in the code for the php5 function, if it doesnt exist, then it will have to skip. Php4 is end of live. If I get the time, Ill right a replacement for it but it seems pointless in doing that when php provides a perfectly good function

Hmm, strange. I setup my firewall to drop all connections to SFS to test connection errors. Are you usign curl?

I suspect dropping connections (immediate failure) is probably exhibiting different behavior than a request stalling out from a delayed response?

I'm using default settings, so CURL if available.

My server is configured:

I'm not sure I understand what you mean, are you going to write a fix? I'd love to use this mod. I've got some pensy pests from germany and china, they were being blocked but otehrs couldn't register because of the error.

Thanks

Marck

ill write some code to check if youre using php5... if not, then Im still undecided what I should do. Tomorrow, I might write some code to parse the XML without php5 functions.

But you REALLY should move to php5

skippy - Ill test how it handles complete junk response and fix them up.

Aha! I was assuming I was on PHP 5.2 but i was not, somehow it was running on 4.8 (the other guy must have messd with the settings) changed it back, works like a charm now. Thanks :)

This is a very cool hack but I'm holding off until you get the bugs out.

Im on a heavily modified 3.6.5 so please keep developing this for 3.6 Looking forward to the stable release. :up:

From Russ regarding the slow down the other day:

Easier said than done when you're hosting with 1and1 who very likely won't upgrade if I ask nicely!

Ill back port the XML to work on PHP 4 and add a lot of error checking for results that arent a timeout or a valid XML response.. That should work things more stable and more people happy :)

Just for the folks "waiting for a more stable version"

I have been running this for a week or so on a live site with 10,000+ unique visitors a day. I average 100 spam registrations a day. I am running this plugin (VB 3.6.10) and the only issue I had is when stopforum.com went offline due to the power outage.

It cut my bogus registrations down > 50% .. anxiously awaiting the ability to add to stopforum direct from vbulletin!

Thanks for all of you great efforts pedigree!

Thanks skippy :)

Ive just completed v0.6, ready for testing

And just for skippy, Ive started on the code to integrate a submit form directly to the UI. Should be ready shortly, dependant on my work load in the office and my laptop battery life on the train :)

Installed and running.

Only feedback so far is the Db issue requiring uninstall before upgrade and the loss of historical logs when doing so.

Had a couple get caught already, seems to be doing its job.

I was pondering the logs situation. I guess I could code around them.. Dont delete them on uninstall and if I ever have to change the log database table, I can test for and then upgrade just that table....

Ill do that from now on with specific mention in the instructions that an uninstall wont remove the logs table, with instructions on just how to do that

Just installed, we'll see how it goes! Gotten a lot of human spammers in the past couple of days, but most are on that blacklist.

Just some notes to fix up the instruction file:

Thanks Wired1 - Ill make those changes right now.

With the next version, the templates will be automatically modded so no template changes will be required. Those that have changed them manually can safely revert, making vb patches much easier

Found the log, DAMN, in a 12 hour period, 21/46 registration attempts were blocked, SCHWEET :)

However, some names are duplicated, assuming this is because the registration page reloaded because the user didn't type in the password right or something.

Also, the permissions aren't working right for me. The buttons show up on the statistics page regardless of group. Rebuilt bitfields, no go.

The duplicates will come from two places
- The user refreshing and trying to reregister.
- Policy allowing a spammer. It will allow Spammer Allowed by Policy and then a Registration complete. This is to show that it has completed properly.

Ill retest the postbits, can you PM me a link or a small JPG, so that I can really concentrate on whats causing that error. Im going to remove the postfits and move to an options based group config. This will give a per group and a per user ganular control list and should work better for whitelisting control and group/user exclusion (dont want to submit your admin account right? :) )

It's the code for the MEMBERINFO_BLOCK_STATISTICS edit. I just removed the code for the time being, as it's not needed for the auto-blocking of spammers :)

I was trying to slap the edit into $template_hook[profile_stats_last] for awhile as well :)

Hmm, Ive done something bad here.

In between testing, copying/pasting from the server to my local machine to ZIP up the files, Ive made a bad mistake in the instructions

ALL THOSE THAT MODDED THEIR TEMPLATES, NEED TO DO THIS

Edit template MEMBERINFO

- Find this and delete

Or revert the template if youve made no other changes

God knows what I was thinking but unless you do this, people will see IP numbers of visitors.

Ive very sorry for this and thanks to Wired1 for making me think about it.

Ill be removing this from the instructions, reloading v0.61 without any template changes. In v0.7, the template changes will be automatic and verified completely

Instructions need to be clarified then (at least for 3.7.x). Currently they say edit MEMBERINFO and look for:
Looks like as of 3.7.x, they moved that code into the template I mentioned.

Thanks pedigree!

I have been blocking, using other mods, quite a lot of spammers coming from China lately. Will add this mod as an additional line of defense.

:up:

Well, I completely bollocks up one of the most basic mistakes in PHP, the = and == comparisons :( If you modded the MEMBERINFO template, you need to undo the changes (or revert the template if no other changes have been made to it)

Ive uploaded v0.61 without template mods in the instructions, have notified those with "installed" to undo the template changes.

The core backend code will work on 3.6 and 3.7 and Ive code most of the code written for 3.7 that integrates a tab in the User Profile, based on the group list in the options (new configuration lists in v0.7) Until then however, Ill be testing the access controls like a nut job trying to get out of a box. All the template changes will be automatically parsed with hooks.

Why remove that section of code? Just add conditionals around it, that'll hide it from normal users

That as well but I wanted to make sure that nothing sneaked out... It was "Panic stations"

Was that the only template edit in the old instructions?

When attempting to upgrade from 0.6 to 0.61, I get this error:

It was only the template edit, you dont need to reimport from 0.60 to 0.61

Although Im suprised to see that error. Ill have to add a check to test for suplicate posbfits like that.. It shouldnt ever happen

The uninstall drops those two columns from the database

You might have to run drop uninstall/reinstall and if that fails, drop them from phpMyAdmin.

Im going to look how that could possibly happen

Theyre going to be gone in v0.7 anyway.

Great work - I think this is very promising.

@pedigree: You got PN, I think I have something for you ;)

Wired I can only think that you didnt uninstall, thus it tried to recreate the postbits. Ive set the XML to ignore DB errors in the case of a force reinstall/overwrite

Is there any plan to port this to 3.7 ? In the interim I'm downloading the IPs and domains manually from StopForumSpam.com

v0.61 should work just fine in 3.7. I have access to someones 3.7 development board as it seems to be working great. Ive started on a specific 3.7 version that adds functionality to the user options as a tab - thats coming along nicely and I should have code out within a week, the 3.6 code isnt as easy to add.

It will have the ability to submit details to the remote site and test users details against the remote database if you think they managed to sneak past before the site was updated.

Ive got it going on 3.7.0, he hasnt pulled 3.7.1 yet as hes in the middle of fixing the templates

Just tested on 3.7.1 and it works great!

From an email I sent about recent site activity:

The number died down at 194,270 failed message delivery messages (someone sending with my domain name as the sender/reply to.

Sadly fake registrations started up again but still most are getting caught.

Question. Is it possible to auto ban users based on their email domain suffix (.cn)

I know I can prevent them from signing up with this using the out of box, but I prefer to let them continue to use a suffix I can recognize and am ok with bulk banning and then dump them in ban right away. The spammer (unless they read this post :-?) will not know why they are being banned and this will be quite a big net for me at present time.

Any suggestions?

Personally, I use the User Banning Options and block certain IP ranges / domains from there.

So, you're wanting to LET them join, and then BAN? Why?


Hey pedigree, the log only shows their username as a link if they've completed the registration process, correct?

Because right now they are using .cn domains 95% of the time so it is easy to take a swipe at good versus bad in the registrations that slip through.

If I ban .cn via vbulletin options they will not be able to register and will switch to alternate domains (this is what happened when I tried to use the Vbulletin banning) and the trend may not be as easy to spot

Today, even though the majority of the registrations are banned as soon as they sign up, they continue to use .cn domains.. my logic is that if I auto ban .cn I can make sure the large majority of attempts are caught without ever having to check an RBL or remote service.

This is all subject to the trend variation obviously.

IP addresses were much to hard of a moving target for me. I spent some time trying to amass large lists of proxies and such (thousands and thousands of addresses) and adding them every time one slipped through. A lot of effort for not much success.

I believe very much in the centralized model where a few take the pain for the many so we stop them in their tracks the first time someone reports an issue.. seems to be doing the trick so far for me!

Where are the signup logs stored and where can I view them please ?

AdminCP -> Statistics & Logs -> vbStopForumSpam Logs

Looking at the logs....

25 out of 36 signups have duplicate log entries.

Half of the entries that were successful do not have a link to their user entry in the admin cp

Duplicates in the logs is explained a couple of posts up.

Not being linked, if your configuration is anything like mine, is a result of multiple checks during registration (in my case StopForumSpam and RBL).. You will see a "Registration successful" if it made it past StopForumSpam, but if RBL caught it then there is no link.

So basically, if the user does not exit then there should not be a link to the user (easy concept I just made sound REALLY complicated I think.. heh.. )