vb.org Archive
Page 6 of 6 « First 45 6
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 4.x Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=245)
-   -   Anti-Spam Options - Rename register.php by BOP5 (https://vborg.vbsupport.ru/showthread.php?t=297834)

too_cool_3 12-17-2014 04:40 AM
Quote:
Originally Posted by CAG CheechDogg (Post 2527564)
Block those IPs using htaccess ...
The IPs are always changing so it would be a lot of work to keep adding them. Usually always from .eu or .ru IPs. I could block all IPs coming from there but that would not be ideal.

Quote:
Originally Posted by ozzy47 (Post 2527571)
Did you follow all the instructions and change everything?
I followed them to a T.

- Renamed register.php to something unique and not with register in the name.
- Changed the two phrases as instructed.
- Edited my Tapatalk setting to reflect the new name.
- Even changed up my notification encouraging registration that displays for guests to reflect the new unique register.php name and removed the reference to register opting to hyperlink a different word.

--------------------------

There are still bots always on my new register.php, unfortunately. I have new registrations temporarily closed until I can get this resolved as they were getting through my Human Verification questions (which are pretty hard/unique and don't contain the answer in the question).

I'm thinking next step would be to re-open registrations but try the New reCAPTCHA if it's a better deterrent then Questions? Or try GlowHost Spam-O-Matic.

ozzy47 12-17-2014 09:26 AM
Nope, read this thread, and do as I suggest there, The era of Big Spam is over.

There is a couple of bot/spiders lists in that thread, make sure to use them in the respective mods. :)

EasyEazy 12-20-2014 08:39 PM
Installed and working fine

Thanks

ozzy47 12-20-2014 08:52 PM
Yeah this mod will work pretty good. In about 8 months, I have blocked 12,911 attempts with this mod.

CAG CheechDogg 12-21-2014 12:54 AM
I love this Mod myself ...I was getting hit "HARD" before I installed this, now I honestly don't get hit at all ...maybe 3 times in the last year lol ...no lie!!!

ozzy47 12-21-2014 01:11 AM
Yeah the mod is awesome, the count I posted earlier is just auto boys that are coded to go to a site and try and access register.php

I just have that file with some code in it to update the db when someone tries to access the original file. :)

CAG CheechDogg 12-21-2014 01:14 AM
Nice Ozzy..and just a tip for you guys who are planning on using this mod....DO NOT use the words register, sign up, new account, account to rename your new register.php...use something that is almost like a password .... the words register, signup, newaccount or anything similar will attract the spammers and bots ...

ozzy47 12-21-2014 01:21 AM
Yeah it can not contain any deretive of the word register, as well as the phrases can not contain the same. :)

CAG CheechDogg 12-21-2014 02:05 AM
You saw what I named my new register.php lol ..no one would ever think of that right? lol ... I got a "WIENER" !!!! LOL :)

ozzy47 12-21-2014 08:14 AM
I don't think anyone will guess it. :)

ozzy47 01-11-2015 09:51 PM
Noticed a error within the mod. If you leave the New File Name For register.php setting blank, to disable the mod, you get a bunch of these errors on the online.php page.

Code:
Warning: strpos(): Empty needle in /home/ozzmodz/public_html/includes/functions_online.php(1245) : eval()'d code on line 35

BirdOPrey5 01-11-2015 10:13 PM
Quote:
Originally Posted by ozzy47 (Post 2531973)
Noticed a error within the mod. If you leave the New File Name For register.php setting blank, to disable the mod, you get a bunch of these errors on the online.php page.

Code:
Warning: strpos(): Empty needle in /home/ozzmodz/public_html/includes/functions_online.php(1245) : eval()'d code on line 35
Thanks.

In the mean time users should either disable the mod via the Product Manager or if you want go to Plugin Manager, edit the Location Fix plugin.

Erase everything that is there and paste this in its place:

Code:
global $vbulletin;
if ($vbulletin->options['bop5rr_register'] AND $vbulletin->options['bop5rr_register'] != 'register.php')
{
  $regpage = $vbulletin->options['bop5rr_register'];

  if (strpos($userinfo['location'], $regpage) !== false)
  {
    $userinfo['action'] = $vbphrase['registering'];
    $handled = true;
  }
}
Will make the change in the next update.

ozzy47 01-11-2015 10:16 PM
Good stuff Joe, works just fine now. :) Thanks for the quick update. :)

CAG CheechDogg 01-12-2015 05:44 AM
So is that the (patched) code or just a (for now) fix? ...

ozzy47 01-12-2015 09:23 AM
You need to manually make the changes for now, the product is not updated.

CAG CheechDogg 01-12-2015 12:53 PM
Ok good stuff ... thanks ozzy ...

ozzy47 01-12-2015 10:29 PM
Not a problem. :)

Cla75 05-02-2015 12:24 PM
Ciao BirdOPrey5

When I change the two instances in class_bootstrap.php the forum does not charge the index.
Returning to the original class_bootstrap.php everything works with vb 4.2.1
Obviously I also renamed the file register.php.

What am I doing wrong?
I followed your guide "Rename register.php by BOP5 Readme.txt" three times, but the same problem

Thanks

BirdOPrey5 05-02-2015 01:54 PM
The file changes are only required for Facebook Connect to work correctly- it doesn't change any index- can you explain what you mean by changing an index?

Installing the mod and enabling it is what changes the register.php link in the forum code, and a few phrase edits to change the URL in emails.

Scalemotorcars 02-12-2019 01:15 PM
Well, nuts I thought this would get the Spam bots off my server for at least a little while. They found the new registration page in a matter of hours.

I used a very random URL and they still found it. Someone must have gotten it manually.

So Im using Spam-O-Matic and that catches nearly all these ******. I rarely get a spam post so that's good. I'm just trying to get the bots off my server.

Any ideas? They hit the registration page every few seconds.

BirdOPrey5 02-12-2019 01:26 PM
Are you certain you deleted (or renamed) register.php and didn't make a copy of it under a new name? If register.php still exists it will work even if you aslo have a page like dshsah23h2.php to register on.

BirdOPrey5 02-12-2019 01:28 PM
You may want to disable registration completely and use my "Really Fast Registration" mod in its place, that will be a significant change for the spam bots to overcome. Only downside is registration needs to be very basic, no custom questions.

https://vborg.vbsupport.ru/showthread.php?t=301283

Scalemotorcars 02-12-2019 01:42 PM
Wow, thanks for the fast response.

Im sure its changed. I used a password generator with numbers, letters, uppercase, and lowercase to get about a 14 character random URL then renamed the old one via FTP. Register.php just 404's now.

Do you think there is any chance the cache in the spambot is till allowing it access? Long shot but maybe.

As for the quick registration, I'm concerned it will not work with my spam plugin. Like I said it catches 99.9 of the bots. All I'm trying to accomplish now is to get the bots off the server. Hitting it every few seconds is really adding to my load.

BirdOPrey5 02-12-2019 04:51 PM
I don't know... Is there at least a temporary delay when you rename the registration page before the spam registrations start again? If not I wonder if it is possible there is a backdoor on your forum being exploited for registrations. One way to check would be to turn off registrations for a bit and confirm no new people register.

Scalemotorcars 02-12-2019 06:13 PM
Quote:
Originally Posted by BirdOPrey5 (Post 2598458)
I don't know... Is there at least a temporary delay when you rename the registration page before the spam registrations start again? If not I wonder if it is possible there is a backdoor on your forum being exploited for registrations. One way to check would be to turn off registrations for a bit and confirm no new people register.

It was about a 4 hour delay but that's a good ideal I'm going to try turning it off the rest of today and see what happens.

I'll post back.

Scalemotorcars 02-12-2019 09:01 PM
So far no new attempts to register when New Registration is turned off so I guess that's good news.

Is there a way to hide/spoof the url that's displayed for this? A URL rewrite so they can't just copy what's displayed in the browser and plug in the new URL into the bot.

Scalemotorcars 02-13-2019 03:24 PM
I just wanted to add that this mod is helping allot actually. I was being hit with spambots every few seconds all day every day trying to register. So far after a few days Im down to about 100 a day. That's a big change, thanks.

Still, it would be nice to be able to hide the URL somehow. I'm sure it can be done but I'm no wiz with htaccess so maybe someone would be willing to take up the challenge.

BirdOPrey5 02-14-2019 11:15 AM
I can't think of anyway to hide a URL that it would still work.

In Omnibus 02-14-2019 12:35 PM
You might want to try blocking bots by user agent at the server level.

Hostboard 03-30-2020 01:43 PM
Quote:
Originally Posted by Scalemotorcars (Post 2598466)
I just wanted to add that this mod is helping allot actually. I was being hit with spambots every few seconds all day every day trying to register. So far after a few days Im down to about 100 a day. That's a big change, thanks.

Still, it would be nice to be able to hide the URL somehow. I'm sure it can be done but I'm no wiz with htaccess so maybe someone would be willing to take up the challenge.
Here is an example on how you can achieve this:

Code:
<html>
<head>
 <Title>Hide the URL from Address bar</title>
</head>
<body>
 <a href="http://www.google.com">Normal Link</a>
 <a href="javascript:void(0)" onclick="location.href='http://www.google.com'">Hide Link</a>
</body>
</html>

chudvs 04-06-2020 01:33 AM
if its chinese spam bots stick this in your .htaccess file...

Chinese Spammers
RewriteCond %{HTTP_USER_AGENT} ^.*(Mb2345Browser|LieBaoFast|zh-CN|MicroMessenger|zh_CN|Kinza|Bytespider|Baiduspid er|Sogou).*$ [NC]
RewriteRule .* – [F,L]

wolfe 10-22-2023 01:13 PM
Seems to clash with this https://vborg.vbsupport.ru/showthread.php?t=315960


getting this reCAPTCHA could not be verified due to server issues. Please try again later. on people requesting new passwords.


All times are GMT. The time now is 03:04 AM.
Page 6 of 6 « First 45 6
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01379 seconds
  • Memory Usage 1,809KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (4)bbcode_code_printable
  • (5)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (32)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete