Yeah, on our site (not vbulletin.org) we get 2 or 3 a day and I'm pretty sure they're human. Edit: ...and spam-o-matic doesn't stop them either.

Can never be too many arrows in the quiver.

Since Sept 18th of 2013 up until January 2nd of 2014 on one forum alone I installed this on, it has prevented over 64,375 spam registrations! Thanks for the mod kh99 nothing but "a job well done" or "bravo" from me to you after seeing those statistics ;).

Thanks, but I think I should give credit where it's due. Max Taxable was telling people to use calorie's Is Bot mod for a long time, and to be honest I was skeptical. But Max paid someone to make a vb4 version with some options, which became very popular, and when that one was deleted by the author I coded this one so that it would still be available. There was also another previous mod by user noppid that works on the same principle.

Let's not forget I tried to pay YOU first, to code the new version.... But you told me you weren't doing any more Mods. Glad you changed your mind on that you're a good egg in my book.

lol, yeah, that was probably one of the many times that I was going to stop working on vbulletin.

Can thank you enough for this.

I was using the old bot_blocker which worked wonders but I needed to re-install it and couldn't find it anymore (the replacement by the same author is just not the same thing).

Your mod is the new bot_blocker :)

If you disable the button does it make it so the mod won't work? How can it catch a spammer if the button won't even work until after your limit has passed?

Bots can't read, they will click the button regardless of what we humans see.

I thought it disabled the button so that it couldn't be clicked. Installed, tested. Working.

How do I get it to move IP addresses to the Miserable users?

Sort of like max said, bots don't use the button at all. The button and the enabling/disabling only apply to a user using a browser. If you were to write a program to connect to a vbulletin site and submit a registration, you could simply ignore those things.

I would have to look at the code to figure out where you could add code to do something with the ip addresses. I'll look when I get a chance.

Right. This is to prevent accidentally trapping a legitimate human. Therefore this Mod does nothing at all against human spammers. It's not designed to address those and doesn't claim to.I strongly advise against doing this. Today's spammer IP might be tomorrow's legitimate user, the way the spammers are now able to spoof legitimate ISPs.

This mod rocks, it's blocked a ton of them. I'll have to do much less pruning in the future.

You could add a little piece of code, to add the bot's IP address to your banned IP addresses list, but the question is why?

The bots will not come back as humans, to register in your site. Their ... business plan is to attack as many sites as possible in the shortest possible time. That's the same reason, why they do not make their programs wait for 60 seconds, before hitting the "register" key.

I had such a routine in my antispam filter, in vB 3.0.xx. More than 60,000 IP addresses attempted to register (yeah, I was saving them in a table), in two and a half years (March 2nd, 2011 to November 23, 2013). Several of them came back more than one times. Always they were stopped by the "too quick registration" filter.

Unless you are prepared to run a special consolidation program, to identify similar IPs, it's not worth it entering the bots IPs in the banned IP addresses list.

What I would suggest, is that you use more than one traps for the bots. For example, this one, the one that checks the IP/email of the registering person against known spammers databases, as well as other traps. For example, use a special field in the registration form (for example, the registering person's country). Most bots do not bother entering that correctly. If you compare that field, with the location of the IP address, you can trap these bots.

So far, in my updated (vBulletin 4.2.2) site, about 98% of stopped bots are trapped by this mod, another 1.8% is stopped by comparing their IP/email to StopForumSpam database (there is a hack for that) and the rest .2% is trapped by my other filters.

Yep always have more than one arrow in the quiver, so to speak.

Banning IPs is so 20th Century - today the botnet admins have the software set to spoof legitimate providers IPs anyway. Banning a spammer IP today means a legitimate user can't register tomorrow.

Still, maybe I had 10 complaints from people whose IP was banned and they were innocent. But those were dynamic IPs, so it doesn't mean they were banned in error.

A never ending war, that's what we are involved in, folks!

One is one too many. Today there's nothing gained by banning IPs, it's ineffective and it's only going to block legitimate people.Yup.

Our challenge and meter is much more difficult than the spammers. Ours is, stopping the spammers without blocking or annoying legitimate people.

But... We are smarter and also better looking then the spammers, this is why they are bottom feeders to start with.:D

Can I show that to my wife? :) :p

Installed this last night. works great on both my forums. using 4.2.0 PL3 and 4.2.2. Think they are great. Been looking for this a long time. Took me a while to find it. Glad I did.
You guys have a lot great ideas for combining to stop the spammers,thanks for sharing that.
I do however, have a question. I can't seem to get the registering member out of the moderation when registering. How do you guys do that. I want my members to be able to go right on in and start being active, not wait on me to accept them.
I have the random question, the email verification to activate, then it puts them into moderation to be accepted. How the heck do I get around that last part. What setting am I missing. I figure it is something simple I just havent seen. Please any insight would be grateful, I am going nuts trying to figure it out.

It sounds to me like you have Moderate New Members set to 'YES' in your User Registration Options.

Great mod , another mod / feature that should come as standard for vbulletin.

I was using Spam Hammer but have just replaced it with this mod due to the fact that it has more options that the SH free version. I like being able to post the blocked attempts in a thread in my Admin section to show the moderators that we are being successful in blocking spammers.

But I doubt that this will be getting much work as Spam Hammer has not been needed to block any bots since I installed the hack to block spam bots by hostname or user agent from registering. But the way I look at things is better safe than sorry! :D

Believe it or not, this will still catch some, it does for me on my site. :)

You're still going to stop alot of auto-registrations with this. The lists for the UA and hostname blocking mods represent only a tiny fraction of what's out there.

Since I installed the UA/hostname blocker, I have only had one registration that was blocked by Spam Hammer and I have had zero false registrations get through both. I'm also running Proxy Alert which may be helping out but I have no real way of knowing how efficient it is because it does not generate any reports or email in the free version.

All I know is that my board is a lot cleaner with these running and that makes me happy!

You're always happier when you know that you are smarter, more creative, better looking, and just overall superior to any botnet admin, spammer supervisor, or spammer alive.

By the way I particularly like the option on this one to give no error message - no "gotcha" message - instead it can be set to give the impression the account was successfully created but it never was. Love that. I hate "gotcha" messages in anti spam Mods. What's the point of them?

Plus it's just clean and simple without any BS and paid bumping of the thread, and endless "updates" that aren't really updates.

It has exactly the options that are needed and no unnecessary padding that does nothing but make it more complex to set up and have more things to go wrong or conflict with other mods. I have no need of a bunch of reports as long as I can get an email or PM or forum post to show me that it is working as it should.

Right now I am using the following: Duplicate IP Report by BOP5; Hostname or Useragent Registration Ban; Multiple Login Detector; Proxy Alert; and finally - Spambot Stopper.
They are all quite simple to install and configure and all work perfectly fine together with no conflicts or other problems.

I previously tried Spam Hammer 1 Series which did a fine job but lacked the options of Stopper, and GlowHost Spamomatic which caused me a few problems right off the bat so I removed it.

I have yet to have so much as one spammer get through to register since setting up this final comprehensive group of blockers. And I have tested the mods I was able to test along with the help of my co-admin on the board and they all work as they should.

And I owe all of this to the link in your signature, Max! :up:

You missed two of the best mods on the list at Ozzy's site, "Ban Spiders by User Agent" and "Rename register.php?"

Is there any real reason to ban spiders? I always thought having them index a site for search engines was beneficial. It's rare that there are more than a couple on my board and they are generally the usual Goolebots. Or are some of these spiders sent out by spammers to find sites to post their spam on?

I keep forgetting the Rename register.php hack. I'll have to grab that and install it. :up:

Just the ones on the list. The good spiders aren't on the list.

Yes banning the bad spiders is a good idea, they just steal bandwidth, and slow the site down.

And yes, many of them appear in the UA string of autospammers and even human spammers.

Because the list consists of known bad agents, not just known bad spiders. This makes it incredibly flexible as a ongoing tool for strengthening your defenses - since you can always add to the list.

OK, sounds good. I've just installed Ban Spiders and I'll see how it goes! Thanks again you guys! If you ever make it up to Montreal, the beer is on me! :up:

I do assume you added the spiders that are in the list? Also, are you using my spiders.xml from my site?

I added the spiders from the list but the xml I used is the one from this post, which is the one linked to on your site from The Era Of Big Spam Is Over thread...

https://vborg.vbsupport.ru/showthread.php?t=268208

It can not be nominated, it has already won MOTM in March 2013. :)

Is this working on 4.2.2 PL1

It was working on 4.2.2 for me until I installed the PL1 patch.

Anyone else having this problem?

Working fine for me on the patch.