Thread: Administrative and Maintenance Tools - vbStopForumSpam - known spammer lookup for new registrations
View Single Post
  #167  
Old 07-25-2008, 11:52 PM
StepOnFrog StepOnFrog is offline
 
Join Date: Apr 2006
Location: The Pub
Posts: 58
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by BadgerDog View Post
Ok, I just had a legitimate new member try to register and he got the spammer rejection message (our very first)....

It didn't like his IP address, indicating it has been used by someone to spam forums in the past. Here?s the information from the log:



What's very odd is that the actual IP address he was using when he tried to log on our site was IP Address: 195.93.21.8, which differs from the one he was rejected for?

Is something broken here?

By the way, I changed the username and email address for pivacy purposes.

Regards,
Badger


This MOD *looks* good, but the *most* important thing that users should be aware of is the possibility that a spammer's IP Address on one day (say Sunday 20th July, 2008) may be completely different from the one presented the day after (Monday 21st July, 2008).

IP addresses are dynamic, especially nowadays that BroadBand has hit off in such a huge way; simple thoughts... how many IP addresses are there, and how many people are there usin the internet, not to mention legitimate businesses? Just check your IP somewhere, switch off you system for a few minutes and restart... then recheck you IP. I'll bet both my hairy ones on the liklihood that your IP will have changed... more so in busy periods.! :erm:

Ergo, don't bother blocking IP Addresses, becuase it's very likely that you'll be blocking legitimate customers.! Really, the way to prevent spamming, is at registration, as this MOD does, but perhaps this MOD should add usernames and email addresses to a list when the Image Verification is failed and session cookie is different on reregistration.... :up:
  • If IV is failed and session cookie/date & time the same as last registration - possibly a legitmate user has input image code wrong, so add user to spammer list, but moderate posts when actually registered.
  • if IV is failed and session cookie/date & time is different from last attempt - likely to be a spammer returning... spambot sends registration info, but fails, and human equivalent returns to register (complete the job), so the session cookie and date/time will have changed for the same username.

The reason for this style of prevention: I've had a few spammers (or possibly the same one) returning to register after the SpamBot had failed only days earlier. :erm:

These threads explain it all in a lot more detail....
https://vborg.vbsupport.ru/showthread.php?t=184030
https://vborg.vbsupport.ru/showthread.php?t=185707
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01622 seconds
  • Memory Usage 1,769KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_quote
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete