Anti-Spam Options - Is Bot: Registration Time Check

This mod calculates the time it takes to go between these two pages:

• /forum/register.php?do=register
• /forum/register.php?do=addmember

The point is to try and prevent bots from registering at your forum when the time between the two pages is humanly impossible, assuming that humans actually take the time to complete the registration page.

Should a user be blocked from registering at your forum, an email will be sent to your vB webmasteremail address and the user will see the vB noregister phrase message, so no screenshot is necessary.

[kpmedia]

Quote:

Originally Posted by StephenKay

Hi,
I'm having problems with spambots submitting multiple requests to register.php?do=addmember; thousands per day.
Of course, since I use the human verification option with graphics etc., they are unsuccessful in completing any registrations. But the traffic is slowing down the server greatly and my ISP is pissed off.
Will this mod do anything to alleviate that issue? Once they are detected by this, does that in any way stop them from making more requests to register.php?do=addmember?

So few people seem to realize the resource hit spammers make. :erm:

The best way is to customize the register.php, and outright block IP ranges you don't need. For me, that's China, Russia, USA proxy/VPS servers, etc. I don't get any legit traffic from the places so it's blocked.

Use mods like this to get ones you miss or haven't added yet. Also use something like stopforumspam.com. The best anti-spam practices implore several concurrent methods to thwart junk.

[Max Taxable]

Quote:

Originally Posted by kpmedia

So few people seem to realize the resource hit spammers make. :erm:

The best way is to customize the register.php, and outright block IP ranges you don't need. For me, that's China, Russia, USA proxy/VPS servers, etc. I don't get any legit traffic from the places so it's blocked.

Use mods like this to get ones you miss or haven't added yet. Also use something like stopforumspam.com. The best anti-spam practices implore several concurrent methods to thwart junk.

It's all about layers, that's right. Tools in the toolbox.

[tsptom]

I really like this mod. Thanks!

[Sonic625]

Quote:

Originally Posted by sv1cec

OK folks, for those who want to automatically enter the spam bot IP address in their banned IPs list, here is a version of the plug-in that should do it for you. It's been tested on vBulletin 4.2, I am not sure if it will work on previous versions.

----- code section ------
$vbulletin->input->clean_array_gpc('p', array(
'isbot_time1' => TYPE_UINT
));

$ipaddress = IPADDRESS;

if ($vbulletin->GPC['username'] && $vbulletin->GPC['email'])
{
$isbot_time1 = $vbulletin->GPC['isbot_time1'];
$isbot_time2 = TIMENOW;
$isbot_timediff = intval($isbot_time2 - $isbot_time1);


if ($isbot_timediff <= 15) // difference in seconds
{
$isbot_username = htmlspecialchars_uni($vbulletin->GPC['username']);
$isbot_email = htmlspecialchars_uni($vbulletin->GPC['email']);

$isbot_subject = $vbphrase['isbot_user_blocked_from_registering'];
$isbot_message = $vbphrase['isbot_the_following_name_email_blocked']
. '
User Name : ' . $isbot_username . '
Email : ' . $isbot_email . '
Time to fill registration form : ' . $isbot_timediff . ' ' . $vbphrase['isbot_seconds_transpired'] . '
IP Address : ' . $ipaddress . ' ';

vbmail($vbulletin->options['webmasteremail'], $isbot_subject, $isbot_message, true);

if ($vbulletin->options['enablebanning'] == 1 AND $vbulletin->options['banip'] = trim($vbulletin->options['banip']))
{
$banned = $ipaddress . " " . $vbulletin->options['banip'];
$db->query_write("UPDATE " . TABLE_PREFIX . "setting SET value = '" . $banned . "' where varname='banip'");
require_once(DIR . '/includes/adminfunctions.php');
build_options();
}

eval(standard_error(fetch_error('noregister')));
}
}
-------------

Copy the above code and enter it in AdminCP/Plug-in Manager/Is Bot. Just click on Edit next to the "register_addmember_process", highlight the Plugin PHP code and paste the above code in there. Click on "Save and Reload" and you are done.

To verify it's working, next time you receive an email from this plugin, compare the IP shown in the email you got, with the IPs in your banned IPs list. The newly banned IP is entered in the beginning of the list, so it should be easy to spot.

My Christmas gift to you guys.

Confirmed working with 3.8.7

[vsd]

Any possibility someone can show me how to stop the emails that are being sent with this plug-in. I read in a reply, someone said they did it, but not how exactly.

[Lynne]

Quote:

Originally Posted by vsd

Any possibility someone can show me how to stop the emails that are being sent with this plug-in. I read in a reply, someone said they did it, but not how exactly.

A search in the thread finds this post - https://vborg.vbsupport.ru/showpost....3&postcount=50

[oldengine]

I'm observing that apparently GlowHost Spam-O-Matic takes precedence in processing over this mod. I'm getting tons of action on Spam-O-Matic, but I was thinking that "IS BOT" could skim off the first layer using less resources? No emails yet.

[TheLastSuperman]

Quote:

Originally Posted by oldengine

I'm observing that apparently GlowHost Spam-O-Matic takes precedence in processing over this mod. I'm getting tons of action on Spam-O-Matic, but I was thinking that "IS BOT" could skim off the first layer using less resources? No emails yet.

You should be able to bypass that by changing the execution order of the mod from 5 to a lower number i.e. 1-4 (since that means 1 is first to execute and so on), so long as it's number is lower than that of the execution order assigned to the glowhost plugins.

[oldengine]

Thanks for that info. I had noticed that Spam-O-Matic quit working when IS-BOT is active, so I have uninstalled for now. It's a mess out there!

I have identified two specific bots that do things in a unique way that I can delete them right off manually. I was hoping to get these hacks set up as a 1 - 2 punch!

Still have things to figure out.

[WOLF-G4MIN-X]

Does this Mod still work with 4.2.5, and is that Mod where one can rename the register.php to something else a possible problem ? Any help is appreciated.

Wolf