And of course, the email reports your mod generates do tell us the times used by the bots, and why they failed register. And I spent a whole year charting them. Speed is their whole business.

I never used the "wait for time to expire" feature though. It tips off the minimum time setting.:D

I have added a little bit of functionality to spambot blocker. Mainly it is to write all the attempts of spambots trying to register into a log, well, actually a DB table, so that those attempts can be data-mined afterwards. E.g. that way I can see with certainty, what I already suspected: more than 80% of all spammers are using @yahoo.com email addresses.

I am attaching a few screenshots of the results of the data captured for two weeks now. If anybody is interested in the changes, post here and I will create a list of changes.

A live version of those pages can be found at: http://www.rx3forums.com/forums/pages.php?pageid=4

Added another feature to this mod: Now it does add the spammers IP address to the list of banned IPs. That way the first time they try to register is also their last time. Since that list could potentially get rather long I am currently discussing to change this and put the list of blocked IPs into the DB into its own table. That way access would not slow down dramatically over time but stay rather rather constant and would only be one (rather simple) SQL statement.

Thoughts?

This is a brilliant idea IMO. Would there be a way to choose in the admin panel if you wanted to have the IP's added to the banned IP list in Settings > Options > User Banning Options or via a separate DB table?

apleschu has been kind enough to share his additions, but I haven't had a chance to release them yet. But I will.

Regarding the banned ip lookup, I don't really know what to recommend when it comes to that kind of thing. But I remember a few years ago we tried this thing called zbblock which automatically blocked IPs, and the way it works is to ban one it appends it to a file (separated from the preceding one by a comma). Then to check an ip it does file_get_contents, then uses the php function substr_count. Anyway, just another idea. Edit: ...but now that I think about it, that was probably done because zbblock doesn't use a database at all. Although it does have the advantage of being able to do it's work before vbulletin does it's initialization.

Right now I have the blocked IPs in the default blocked IP list. *I* am a fan of using standard facilities unless there is a need not to, so for now I see no reason not to keep the list of IPs in the default spot.

In addition I have set it up in a way so that the list is also sorted, so that it can be searched faster by a binary search rather than the linear search that is currently implemented. Either someone else is going to implement the binary of at some point in the future when I get to have too much time on my hands again I will change/add that

kh99: I am going to IM you what you need. Specifically because I made this already IPv6 safe ;) So there are a few changes to the package I sent you, that was only IPv4

OK, sounds good. I guess I thought you wanted to change it because you thought keeping it in the setting might end up causing problems when it gets big, but I don't have any specific reason to think that myself.

honestly, I don't know yet. for now I let it coast and see where that goes. if I find the energy and time to implement a binary search then that would still be LOTS faster than any DB search. Although the memory use would be unpredictable, especially if that would be used by forums that have 10's of thousands of banned IP addresses. And with the voracity the spammers are trying to register at my tiny forum it can't take too long before I have that.

I guess I will cross that bridge when I get to it. Right now this works and it works nicely. Once a spammer is identified their IP is blocked for good and they will never again use processor cycles or even given a second chance to see if they got smarter.

You guys are the pros when it comes to figuring out which methods work best with the least overhead. If using the vBulletin "built-in" blocked IP section works good enough, then it should be just fine for my small forum as well. I generally like mods / plugins that don't make changes to databases anyway.

Just watching the SpamBot Stopper log the IP's of every attempt, i'm sure the IP lists will be in the thousands in no time. They're almost always IP's from China anyway.

EDIT:
I forgot to ask. Does the latest version here in this thread need to be downloaded and installed to get gain this functionality?

hmmmm.... this Missing or invalid check value was mention but never answered.

I still get it ever so often...