|
Quote:
|
Awesome! Also, thanks for your quick reply :).
|
Lately I've been getting a ton of registration attempts lately, all with either iPod or iPhone user agents and the majority of them coming from the same host - vpn999. I have a couple of mods installed, Spam Hammer and Proxy Alert, which seemed to be blocking most of them - neither program sends me an alert email or PM when blocking a registration, sot their effectiveness was not really known - but a few were still getting through. This really wasn't much of a problem because they never confirmed the verification email and as a result had no access to my board. But it was still a pain.
So I was over on Ozzy's site and came across a thread about stopping spammers and decided to give this mod a shot. Wow!! In the little over a day since it's been installed, It's stopped 15 bots from registering and notified me of each one with a nice, clear PM. So now while they're still lurking around, trying to modify their user profile that was never created, I sit back and laugh at them. :D I noticed that no one has posted in this thread for over a year and a half so I figured I'd give it a bump. It's a great mod and really helpful to stop spammers. If you decide to install it, visit Ozzy's site to download the list of hostnames and user agents which is what really makes this mod work so effectively. Here's the original link that led me here. There are a few other very useful mods listed there also! http://ozzmodz.com/showthread.php/50...g-Spam-Is-Over Huge thanks again to Ozzy47 and Max Taxable for their work to keep spammers at bay!!! |
Quote:
|
Yeah this mod,I am surprised it has not drawn more attention, I use it, and recommend it. :)
|
It works great. Blocked 25 so far and just keeps on going. Sure, some if not all of those may have been blocked by Spam Hammer or Proxy alert but I had at least 2 per day getting through and being able to register. Since I installed this mod, not one bot has made it in.
I did find it surprising, however, that every user agent blocked so far has been either an iPhone or iPod. |
Yeah that is a new thing they try to do in order to get through. With this mod, and the rest from the post on my site, using the lists I included, you should be good to go. :)
|
Quote:
That's why this is a excellent bullet to have in the anti-spam gun. Still another layer. |
Quote:
Is it wrong of me to get some perverse pleasure seeing these bots spin around in circles? I wonder if they will ever just give up? LOL :D |
This prevent TOR users?
|
I use Proxy Alert to block TOR users. It works fine in conjunction with this and other mods I have installed to block spammers.
https://vborg.vbsupport.ru/showthrea...ht=proxy+alert |
Quote:
|
Quote:
|
Would be great if this would post in a thread instead of PMing admin for the blocks.
|
Quote:
|
Installed with thanks on 4.1.3pl5 for testing, using ossmodz's list of hostnames... :)
Is it better to have Do Whois option ON or OFF? Regards, Doug |
Quote:
|
Quote:
I've also been trying to locate in "phrases", the text that gets shown... Can't seem to find it. Is there a phrase I can enter to help locate it? Regards, Doug Edit: also, is their a list of useragents, as in Ozz's hostnames that I could start with? |
Quote:
|
Quote:
I was referencing this post ... https://vborg.vbsupport.ru/showpost....1&postcount=41 Is there a phrase that the user who's blocked sees? Regards, Doug |
That would be the phrase, hostusercheck_error
|
Quote:
Thanks again ... Got this running with your list, so will observe and see what happens ... :) Regards, Doug |
Ok... had to turn it OFF quickly... :D
It's blocking our Sucuri Verified Site monitor access ... :eek: I checked the hostname in the PM it sent and it's monitor5.sucuri.net which is not in the list .. :confused: How do I tell this mod that this is ok? What I don't understand, is why it's blocking a registration when there's no registration needed for this access? Thanks... Regards, Doug |
I can check it out when I get home, not sure why, as I use sucuri also, and have no issues.
|
Quote:
I have left the mod OFF for now... I have also sent you a PM with the message I received from mod... ;) Regards, Doug |
Quote:
|
'monitor' could also be in the list.
Also without the exact IP address in question, it could be other things. Such as securi.net is a proxy system. So, if it returned the word 'proxy' and that word is in the list it would be banned. |
Neither sucuri nor monitor are in the list ...
I have the exact IP... Quote:
Doug |
Without seeing your list (please DON'T post that in public), I don't know why it would have banned them. If you want, send me your list via PM and I'll have a look.
The other thing that could be in your list that is associated with that IP is 'LINODE'. And check your hostname list too. Something might be in there. |
If you have it set to do the WHOIS check it might be returning the word "proxy."
|
Quote:
Hostname: monitor5.sucuri.net NetName: LINODE-US <------- This is the important one |
Quote:
But, not finding that either when I search the list he said he is using. |
Quote:
That it's using a i-phone as a UA seems strange to me. Using a spoof UA and trying to register aren't the behavior you would expect of a site monitor. Again, the only way this mod fires is if a register attempt is made. It doesn't block anything else. It does not block access. The key is, "Tried to register." Sucuri Verified Site Monitor is not blocked from access and it has no legitimate business loading the register page.. |
Spammer botnets often infect systems such as these site monitors and verifiers. I believe this mod stopped a attempted bot registration. It did its job.
It did not restrict any other access by your site monitoring service. At all. I recommend you turn it back on. You might ask Sucuri why their bot product is trying to register. |
That is a legit sucuri IP address.
Doug, what do you have in your robots.txt file? |
As Max said, this add-on only triggers when someone tries to register. It doesn't prevent access to the site. It prevents registration.
So if securi attempted to register and either the hostname or useragent for the securi bot contained blocked information then the add-on did it's job. It blocked a registration, that's all. It didn't prevent access to the site. |
Quote:
Point is, it has no business at all loading the register page or trying to register. This mod did its job. And his site monitoring service is not blocked from the site. Just the register page, where it doesn't need to be. I'd leave it. |
Max I wish I could like your posts multiple times, but C'est la vie :D
|
Quote:
|
Quote:
Regards, Doug |
| All times are GMT. The time now is 01:01 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|