vb.org Archive
Page 39 of 123 « First 293738 39 40414989 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.6 Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=194)
-   -   Administrative and Maintenance Tools - vbStopForumSpam - known spammer lookup for new registrations (https://vborg.vbsupport.ru/showthread.php?t=176481)

mmurtha 01-14-2009 02:41 AM
Quote:
Originally Posted by pedigree (Post 1707147)
Im playing with the user information process again. So far, on the user info screen for each user, it lists

registrations from this users registeration / last activity subnet
posts from this users registeration / last activity subnet

etc etc - 9 cross references in total, with a list of the most recent 15 (but definable) for each, with a tick box beside each post / user account.

What I want from you is the actions that you would like to see available.

Im integrating the One touch Spam cleanup mod so one of the options will be that,

"Cleanup and ban"

With a radio box that will allow you to submit the data to our database.

So, what other options other than the "delete all pm, posts, threads and ban" would you like to see available?
Hey pedigree,

This sounds perfect for what I need.

Thanks for taking the time to upgrade the Mod. ;)

thbertram 01-14-2009 11:33 AM
There are a several batches of registration attempts in the vbStopForumLogs where maybe as many as 20 registrations by the same username/IP are listed, and the log Message shows "Allowed Registration," yet no user account was set up. When these occur, I add them to the SFS database.

What should I make of this, if anything? ...and why was no account created (though I'm not complaining!)?

pedigree 01-14-2009 12:44 PM
Quote:
Originally Posted by thbertram (Post 1711973)
What should I make of this, if anything? ...and why was no account created (though I'm not complaining!)?
As covered elsewhere in the thread, this happens when it passes sfs tests and then passes control back to vB for its tests. The registration has failed vB checks/validty and the text really should read "passed SFS testing, passing back to vB for further tests" but thats just way too long.

0.7, its been changed to "Passed"

mmurtha 01-14-2009 01:45 PM
Oh, I always thought these entries were from bots who couldn't finish the signing up process. Perhaps they still are.

Hey pedigree,

I have a quick question if you don't mind. I have a bunch of pages building up. Is it wise to keep them or should I prun them?

My main concern is if I prune them, the same people will try to register again. Or won't that matter?

Thanks ...

Barteh 01-14-2009 08:06 PM
Quote:
Originally Posted by pedigree (Post 1707147)
So, what other options other than the "delete all pm, posts, threads and ban" would you like to see available?
I'd add signatures to that list!

And possibly some way to add all the failed registrations (cfr "vbStopForumSpam Logs") to the SFS DB in a less repetitive strain injury inducing way than copy name -> ctrl-tab -> paste -> ctrl-shift-tab -> copy ip -> ctrl-tab -> paste -> ctrl-shift-tab -> copy email -> ctrl-tab -> paste -> submit -> backspace -> ctrl-shift-tab -> rinse -> repeat. Assuming the IP check is done first, about 10% of registrations seem to come from IPs unknown to the SFS DB, would be nice if we can preemptively exclude those from other board's registration queues :)

pedigree 01-15-2009 09:17 AM
@mmurtha - purging logs wont impact anything else. They use minimal database space

@bartech - Ill see how easily I can add failed registrations to the database but as theyre failed, theyve already been caught and are, mostly complete, in the database. It should be as easy (from your point of view) of a tick box that will post back to the code Im writing for the user functions.

thbertram 01-15-2009 10:38 AM
Quote:
Originally Posted by pedigree (Post 1712023)
As covered elsewhere in the thread, this happens when it passes sfs tests and then passes control back to vB for its tests. The registration has failed vB checks/validty and the text really should read "passed SFS testing, passing back to vB for further tests" but thats just way too long.

0.7, its been changed to "Passed"
Sorry...hadn't read but a couple hundred of the posts and must have missed the one you're referring to. I thought that was might the case, but the IPs and emails were not on my banned lists. One did get through this morning, however, after 11 attempts.

Wired1 01-15-2009 10:48 PM
Quote:
Originally Posted by Barteh (Post 1712510)
I'd add signatures to that list!
Ditto signatures, as well as homepages. Basically clean the profile. Don't forget profile fields. They LOVE to place URLs in custom ones.


Quote:
Originally Posted by Barteh (Post 1712510)
And possibly some way to add all the failed registrations (cfr "vbStopForumSpam Logs") to the SFS DB in a less repetitive strain injury inducing way than copy name -> ctrl-tab -> paste -> ctrl-shift-tab -> copy ip -> ctrl-tab -> paste -> ctrl-shift-tab -> copy email -> ctrl-tab -> paste -> submit -> backspace -> ctrl-shift-tab -> rinse -> repeat. Assuming the IP check is done first, about 10% of registrations seem to come from IPs unknown to the SFS DB, would be nice if we can preemptively exclude those from other board's registration queues :)
Quote:
Originally Posted by pedigree (Post 1713169)
Ill see how easily I can add failed registrations to the database but as theyre failed, theyve already been caught and are, mostly complete, in the database. It should be as easy (from your point of view) of a tick box that will post back to the code Im writing for the user functions.
I'd add a button to the end of the row of the log that submits the data. I know I've submitted a lot based on the fact that they're attempting every 3 seconds for 5 min straight. NOT HUMAN! Doesn't hurt that I have another mod that doesn't let you hit the register button for 15 seconds. This way you know if they're hitting it quicker, they're automatic spammers.

skippybosco 01-22-2009 06:45 AM
Pedigree, at one time you had talked about the possibility of allowing a custom name for the signup link to circumvent (speed bump) script kiddies.. is that still on a wish list somewhere?

I also recall talk of an option to disable registration when javascript is not active.

pedigree 01-23-2009 12:01 PM
skippy

Yes, its on my list and it will work like this.

- the register page will maintain a database table with the last time a certain IP address accessed this page. Its an IP address rather than a vB allocated session as the session can be changed very easily with any POST to the page.
- if the register page has already been accessed within a configurable period of time, the page returns an error and no further processing is done. If a time out window is allocated, then a countdown counter is added to the submit button
- the "submit registration" input button is removed from the template and replaced with a javascript implementation of the removed code, ie document.write("<input>...."). The javascript also writes an encoded javascript code block, linking in a AES decrypt function and an encoded key/challenge pair. The script will decode the AES encrypted javascript that will write a random form field. If that form doesnt exist on the post, its a spambot as a non-javascript browser wont see the submit button but rather a "javascript required" message. This differs from other field scripts in that it will have to AES decode javascript and execute (or give this script individual consideration) in order to get the correct field data, where others are easier to process as the spambot can read field text directly out of a HTML page.


All times are GMT. The time now is 02:14 PM.
Page 39 of 123 « First 293738 39 40414989 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03556 seconds
  • Memory Usage 1,757KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (7)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (3)pagenav_pagelinkrel
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete