The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
Check Proxy RBL on New User Registration. Details »» | |||||||||||||||||||||||||||
Check Proxy RBL on New User Registration.
Developer Last Online: Jul 2014
Check Proxy RBL on New User Registration Version 4.1
Version 4.1 includes remains unchanged from version 4.0 with the exception of a code fix to deal with an SQL injection security hole in the code. What does this hack do? Hooking in at register_addmember_process and register_addmember_complete this hack compares the IP address of the person registering with the Realtime Block List(s) of your choice. Based on your configuration the RBL Checker will then perform one of these actions:
These options are configurable in AdminCP > Options > DM-RBL Check on Registration. Why Block Proxies? Banned and Spammers users often get around IP bans by simply using an open proxy - of which there are thousands - to get around the IP ban. Very few legitimate users slow their surfing by using an anonymous proxy. How do you Install?
What is the default config? By default the RBLChecker will check the IP of a new registration, allow registration to complete, but add the new user to the "COPPA Members Awaiting Moderation" usergroup. You can then approve/reject those members depending on whether you think they are/aren't spammers/trolls. You can modify the settings in the AdminCP to Ban or Block as you like. Hack History: Version 4.1 - Fixed SQL Injection security hole. - Fixed some minor typos in automatically generated messages. Version 4.0 - Added ability to specify error reported on blocks. - Added ability to specify ban reason and custom title. - Added ability to move users to "pending moderation" group if registration is allowed. - Updated list of RBLs checked based on testing with lists of "anonymous" proxies. - Fixed IP address of Notification Posts equalling IP of blocked user. (Now Notification IP = 1.2.3.4) Version 3.2 - Fixed typo causing blocked registrations to be reported as allowed. Version 3.1 - change in variable name in v3.0 broke RBL checking. Corrected error. - match notification now includes the name of the RBL that matches the IP. Version 3.0 - plugin now fires at "register_addmember_process" allowing the user to completely fill in the form. - Added the ability to specify more than one RBL. - Added option to specify whether registration is blocked or allowed to complete. - Added option to automatically ban registrations that are allowed to complete but have a positive IP match. - Added option to specify user who is "notifier". - Added option to specify a forum where a notification thread will be created. - Added option to supress notification PM / Thread when an IP matches blacklist or known proxy list. - Added customized error codes for notifications - notification now indicates whether a registration IP has matched the RBL, blacklist, or predefined list of anonymizers. - Reworded Phrases. - Removed 10.x.x.x IP from known proxy/anonymizer list. version 2.0 - Added configuration options under vboptions > DM-RBL Check on Registration. - Added PM on Block. - Added option to select RBL. - Added Custom Whitelist. - Added Custom Blacklist. - Added list of free proxies. - Changed default RBL to sbl-xbl.spamhaus.org - Added option to enable/disable checking. version 1.0 - added plugin to check against opm.tornevall.org - added custom phrase to be reported as error on registration start. Using this Hack? If you install this hack please click "Installed" to receive updates. If you find this hack useful you can always hit that paypal button too... Supporters / CoAuthors Show Your Support
|
Comments |
#52
|
|||
|
|||
Operationally, there is no difference between any proxy and one that puports to be an anonymous proxy. All that an anonymous proxy is is one that strips out any data that might be used to track back to the proxy user (often cookies, common server headers, etc).
To answer your question, proxies.dnsbl.sorbs.net will block all proxies registered with it, anonymous or not. Now, it's possible that your understanding of what an anonymous proxy is might be different than that of mine, but I can assure you that they aren't any sort of special beast that is hard to slay. They're just proxy servers. |
#53
|
|||
|
|||
ok well for example i have that in there but say you go to this site. http://anonymouse.org/anonwww.html try to register on your site with a new name i bet it works. I havent found a way to block these sort of sites yet cause they dont seem to pass the http variables.
|
#54
|
|||
|
|||
Quote:
I may look at building a "report an IP" function into my next release so I can build on the list of proxies that get past the RBL. |
#55
|
|||
|
|||
Another method of configuring the RBL checker would be to do the following -
1) Create a new user group based on whatever group your "registered users" end up in and call it "Possible Trolls". 2) Set RBL Checker to allow registration but "autoban" user into the "possible troll" group. You can now watch these users a little more closely - and if satisfied they're not trolls you can move them to your registered users group. |
#56
|
||||
|
||||
I have added this to my board but It doesnt appear to work I had a user who is on the sbl-xbl.spamhaus.org list but he was not blocked. I check the that the plugin was active, settings were good. Any ideas why this would occur.
|
#57
|
|||
|
|||
You are correct ... I had tested everything was working but then cleaned up some variable names to standardize all the variables I use in the product and managed to misname one of the variables used in the RBL checking part of the code. Please download and install 3.1 - tha pronblem is fixed and I've also changed the error message for RBL blocked users to include the name of the RBL doing the check (over time this should let people prune the list of RBLs they use down to the most effective one.)
Also - doing some tests with lists of free anonymous proxies and it looks like dnsbl.ahbl.org blocks the most IPs (checking on dnsstuff.com) the only problem is that www.ahbl.org has NO information so I'm not willing to make it the default or use it on my production forum. Once I can get some information on it I may make it the default - certainly it reports all the open proxies as being such using DNS stuff. Thanks for pointing out the RBL check wasn't working SinisterPain... |
#58
|
||||
|
||||
Thanks for the update, as I have been overwhelmed recently with spammers.
|
#59
|
||||
|
||||
might wanna check it again cause its not working still atleast for me
It seemed to work fine now just got my first bust |
#60
|
|||
|
|||
Which proxy are you using for testing? Works for me with any anonymous proxy I found using a combination of spamhaus.org and ahbl.org I blocked all attempts from anonymous proxies.
|
#61
|
||||
|
||||
Sorry I edited my post above, to say it did work any thank you for this great mod.
|
Thread Tools | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|