vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Please help with spam accounts (https://vborg.vbsupport.ru/showthread.php?t=293885)

leannet 01-13-2013 09:03 AM
Please help with spam accounts
 
I'm getting a lot of spam accounts up to 30 a day. I have been deleting these and I recently turned off new members so no one could join. I left it for over 2 weeks and I just turned it back on and had 11 new members within 15 minutes all fake, spam accounts.
Is there any way to help control or stop these ?

Mko 01-13-2013 01:11 PM
I normally have two pretty effective methods to stop spammers.
#1. reCAPTCHA. Go to http://www.google.com/recaptcha and register to get a Public and Private key. Then, in a new tab/window, open up your Forum's Admin Control Panel and go to vBulletin Options -> Human Verification Manager.
Select the 'reCAPTCHA' button and hit save. After doing so, the page will refresh, and you'll see the reCAPTCHA options. Paste the corresponding public/private keys into the fields then select the color of the reCAPTCHA. Then, you're all done.

ONLY DO THIS STEP IF YOUR FORUM USES HTTPS:
However, if you use https:// for your Forums, you'll need to do some template editing. Under the Human Verification Template group, you'll see the template called 'humanverify_recaptcha'.
Replace the contents of it (shown below):
HTML Code:
<fieldset class="fieldset">
    <legend>$vbphrase[image_verification]</legend>
    <input id="hash" type="hidden" name="${var_prefix}[hash]" value="$humanverify[hash]" />
    <script type="text/javascript">
        var RecaptchaOptions = {
            theme : '$humanverify[theme]'
            <if condition="$humanverify['langcode']">,lang : '$humanverify[langcode]'</if>
        };
    </script>
    <div dir="ltr">
    <if condition="$show['recaptcha_ssl']">
        <script type="text/javascript" src="https://api-secure.recaptcha.net/challenge?k=$humanverify[publickey]">
    <else />
        <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=$humanverify[publickey]">
    </if>
    </script>
    </div>

    <noscript>
        <if condition="$show['recaptcha_ssl']">
            <iframe src="https://api-secure.recaptcha.net/noscript?k=$humanverify[publickey]" height="300" width="400" frameborder="0"></iframe>
        <else />
            <iframe src="http://api.recaptcha.net/noscript?k=$humanverify[publickey]" height="300" width="400" frameborder="0"></iframe>
      </if>
      <br />
      <textarea name="recaptcha_challenge_field" rows="3" cols="40">
      </textarea>
      <input type="hidden" name="recaptcha_response_field" value="manual_challenge" />
    </noscript>
</fieldset>
with:
HTML Code:
<fieldset class="fieldset">
    <legend>$vbphrase[image_verification]</legend>
    <input id="hash" type="hidden" name="${var_prefix}[hash]" value="$humanverify[hash]" />
    <script type="text/javascript">
        var RecaptchaOptions = {
            theme : '$humanverify[theme]'
            <if condition="$humanverify['langcode']">,lang : '$humanverify[langcode]'</if>
        };
    </script>
    <div dir="ltr">
    <if condition="$show['recaptcha_ssl']">
        <script type="text/javascript" src="https://www.google.com/recaptcha/api/challenge?k=$humanverify[publickey]">
    <else />
        <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=$humanverify[publickey]">
    </if>
    </script>
    </div>

    <noscript>
        <if condition="$show['recaptcha_ssl']">
            <iframe src="https://www.google.com/recaptcha/api/noscript?k=$humanverify[publickey]" height="300" width="400" frameborder="0"></iframe>
        <else />
            <iframe src="http://api.recaptcha.net/noscript?k=$humanverify[publickey]" height="300" width="400" frameborder="0"></iframe>
      </if>
      <br />
      <textarea name="recaptcha_challenge_field" rows="3" cols="40">
      </textarea>
      <input type="hidden" name="recaptcha_response_field" value="manual_challenge" />
    </noscript>
</fieldset>

#2. An extra registration question effectively stops most bots.
I followed THIS GUIDE (which is very clear and useful) on how to implement an extra registration question.


Regards,
Mark

ForceHSS 01-13-2013 01:42 PM
<a href="https://vborg.vbsupport.ru/showthread.php?t=289463" target="_blank">https://vborg.vbsupport.ru/showthread.php?t=289463</a>

leannet 01-14-2013 12:54 AM
Thank you

dizzynation 01-14-2013 04:28 AM
i found Question/Answer to be more efficient then cCaptcha

leannet 01-15-2013 11:34 AM
I added the question/answer and it stopped for about 4 hours but they are back again, might have to try the cCaptcha

--------------- Added [DATE]1358294687[/DATE] at [TIME]1358294687[/TIME] ---------------

People are getting the question wrong and still getting through.

jpsandiego 02-07-2014 06:35 PM
How do you actually get vBulletin to use reCaptcha over SSL?

I found in the styles how it's checking for "recaptcha_ssl", but that doesn't appear to be a configuration parameter... Do I have to set a custom variable in each style to enable that?

Max Taxable 02-07-2014 08:14 PM
Just end it all without the obsolete gimmicks.

The Era of Big Spam is Over

TheLastSuperman 02-07-2014 10:32 PM
Erm SSL is not obsolete... however I know how you meant that so just a :p for you lol.

Try this: https://vborg.vbsupport.ru/showthread.php?t=276547

As for SSL in vbulletin it should be a simple matter of setting the BBURL to https://yoursiteurl.com/forum etc and that's it, re-captcha should work fine I was just on a https vbulletin 4 forum and no changes were required so not sure why you're having troubles.

Edit: Although to be fair on that forum I do not believe they use re-captcha so editing may or may not be required, if someone has more insight on this please share as I have not looked into it in-depth at all.

jpsandiego 02-07-2014 11:00 PM
The trouble looks to be that since we have offloaded SSL to a load-balancer vBulletin does not identify that it's running under SSL - even with bburl set with HTTPS.

I ended up updated the recaptch plugin to always set true for 'recaptcha_ssl' and things are working now.


All times are GMT. The time now is 11:43 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01119 seconds
  • Memory Usage 1,750KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_html_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete