The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
vbStopForumSpam Details »» | |||||||||||||||||||||||||||
vbStopForumSpam Mod of the month winner October 2009.... That cant be bad :up: Apologies in advance, this is a copy of the 3.6/3.7/3.8 mod that has been verified to work in 4.0 (its so that I dont get a billion PMs asking if it works in 4.0) This provides access to a RBL type system for forum admins, listing known spam IP / email / usernames. The RBL database is provided by www.stopforumspam.com. You do NOT need an API key from the website in order to access the database. only to submit data if you should wish to do so. At the point of user registration, the mod checks if the IP number / provided username / email addresses appear on a block list and can block the registration. Whilst this isnt the most perfect way to stop all forum spam, its another step that spammers have to overcome. What it does It checks with a remote database of known forum spammers. Their IP number, email address and forum username are tested and based on your configuration, you can reject / log / accept user registrations based on what you get back. This version doesnt have - whitelisting or the ability to submit users to the database but it will within the next week. - automatic user deletion / post / PM purging. There are good tools out there already, this does something else. Instructions are included in the installation.txt file - PLEASE read it first and dont forget to actually upload the files in the upload folder, otherwise it WILL kill your registration progress and you wont see the log file options in admincp. Changes to vB - 3 new database tables - 2 database table alternations - No new templates. - 2 Hook (register_addmember_process & register_addmember_complete) Ive tested it but had feedback that it works with versions as old as 3.6.2... Support should go back to older versions, as long as they have hook support for register_addmember_process / register_addmember_complete For code to submit spammers to the database, check this post for code changes https://vborg.vbsupport.ru/showpost....&postcount=288 Reported to work - 3.6.1, 3.6.2, 3.6.9, 3.6.10, 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.74, 3.80, 3.81, 3.82, 3.83, 3.8.4, 4.0beta3, 4.0 Gold, 4.2pl1,2 Installers should remember to refresh their ACP navigation window when they first install it so they can see the new log file menu item. REQUIRES MySQL 4.1.1+ There is a small mod, coded by Wired1 that will allow you to submit spammer details to the database from the admin control panel, here https://vborg.vbsupport.ru/showpost....&postcount=289 This relies 100% on javascript being enabled and makes no tests that it is enabled. You need to have an API key from www.stopforumspam.com in order to submit data, its free and easy to get... You DONT need an API key in order to use this mod however, only to submit spammer data. Issues are - The usergroup permissions / view details etc DONT work. I jumped the gun and put the permissions controls in there before I put the code in. Please delete the includes/xml/bitfield_vbstopforumspam.xml file and rebuild your postbit Installation - Follow the instructions in the zip file, that includes the file upload the correct folders. Please click Installed The original thread is at https://vborg.vbsupport.ru/showthread.php?t=176481 where there is a wealth of knowledge about the mod, please ask questions in there. Download Now
Show Your Support
|
10 благодарности(ей) от: | ||
alhidaya, bayoujeeper, businessmeet, GlowHost.com, misericorde, mykkal, owning_y0u, RichieBoy67, Sascha Henken, TheLastSuperman |
Comments |
#482
|
|||
|
|||
thx i :up::up:was able to import
|
#483
|
|||
|
|||
Is anyone using this successfully with 4.2.2 PL1?
|
#484
|
|||
|
|||
Yes, works fine for us.
|
#485
|
|||
|
|||
Same here. Using it on 4 vb4.22pl1 forums.
|
#486
|
||||
|
||||
Quote:
Upload this via Admin CP - Plugins & Products - Download / Upload Plugins |
Благодарность от: | ||
djbaxter |
#487
|
|||
|
|||
I'm getting tons of emails a day on this addon and some legit users are not able to register:
Code:
Database error in vBulletin 4.2.2: Invalid SQL: INSERT INTO vbstopforumspam_log (date, ipaddress, email, username, message, blocked, userhash) VALUES (now(), '176.31.149.241' , 'kyqufijuwu72@list.ru', 'CXmu', 'Result on field username - CXmu [REMOTEERR] Unverfied and rejected by policy ', 1, '74207e52630b343fb9ff43f7cdbbfece');; MySQL Error : MySQL server has gone away Error Number : 2006 Request Date : Tuesday, June 17th 2014 @ 06:05:12 PM Error Date : Tuesday, June 17th 2014 @ 06:07:28 PM Script : http://www.hyperlaunch.net/forum/regist.php?do=addmember Referrer : http://www.hyperlaunch.net/forum/regist.php? IP Address : 176.31.149.241 Username : CXmu Classname : vB_Database_MySQLi MySQL Version : Code:
vbStopForumSpam Log Viewer (page 1/73) | There are 1,092 total log entries. |
#488
|
||||
|
||||
Quote:
We reduced the CURL timeout (8 seconds I think) in the SFS plugin code to get around it. I assume your MySQL timeout is 30 seconds which most shared hosts setup. |
Благодарность от: | ||
djvj |
#489
|
|||
|
|||
Thanks for your response AusPhotography.
So I have since uninstalled this mod for the GlowHost version and all my db/sql errors have gone away. I still get the SBS support, so I will be sticking with that plugin. Just for reference, I did contact GoDaddy, but they would not provide details on the server's settings and said I would need to buy a VPS service at least to get access. Obviously that's not an option as the cost is far more for that vs shared hosting. |
#490
|
|||
|
|||
Quote:
Quote:
AusPhotography, is that a solution to the error shown? I have emailed to get the details checked so I can use StopForumSpam. It's working perfectly on another forum we have. This forum is new as the previous was messed up and got deleted. It worked there, too. |
#491
|
|||
|
|||
Regarding the "MySQL has gone away" errors and register.php requests being tied up for 2 minutes or more...
The CURL timeout in the plugin code is 5 seconds as far as I can tell. I think the problem is that CURL has a connection error during that 5 seconds where it can't connect to stopforumspam.com When this happens, it is treated as a normal CURL error and falls back to file_get_contents(url), which I don't think has a timeout. file_get_contents also has trouble connecting and waits a very long time to give up (until after the MySQL link is auto-closed). If an attacker can detect this situation on your site, they would be able to perform an attack like Slow Loris against a vBulletin forum that uses this mod. It's actually easy to "detect" this situation. SFS limits you to 20,000 API lookups per 24 hours, then blocks your IP which will also cause a CURL connection error. Using only 14 requests per minute (so not really detectable by DOS prevention), an attacker can leverage this limit and trigger file_get_contents for every registration attempt after 20,000. Since your IP is blocked, every request will wait until PHP times out. You will run out of PHP child processes, and your forum will be inaccessible. To protect yourself, you should make the following change. In includes/functions_vbsfs.php, find and remove all of these: Code:
if (!($pageContent = @file_get_contents($url))) |
Thread Tools | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|