Anti-Spam Options - Rename register.php by BOP5

Brought to you by BirdOPrey5 / Qapla.com

It's great when you stop spam bots during registration but this mod gives you a chance to stop them BEFORE they even attempt to register.

I have received multiple reports from people who say their "register.php" was getting hammered with spam requests- so much so it was like a denial of service attack. Even if they disabled registration they would waste so much resources their site was slow or worse- had to be taken offline.

What this mod does is allow you to rename the register.php file- my theory is many of the vBulletin spamming bots are hard coded to look for register.php. Using a unique name will throw them off, at least for a while.

To manually change the name of register.php would have meant dozens, maybe hundreds of manual edits to files and templates previously.

This mod makes it as simple as possible. At worst you will need to edit 2 phrases and 1 file, and some people don't need to edit anything at all.

Compatible with VB 3.8.x (and 3.7, and 3.6 probably too) and all VB 4.x.x versions.

Basic Instructions
1) Import XML File
2) Go to mod settings in Admin CP
3) Rename your register.php file via FTP or some other means- make it a unique value but only use basic letters, numbers, underscores, or hyphens. Something like "joeregister999.php"
4) In the mod settings, set the value of register.php to the new file name you chose.
5) If you require email verification during registration follow the next setting in the Admin CP and edit the phrases listed (activateaccount and activateaccount_chnage phrases in Email Body)
6) Finally, if you use Facebook Connect on your forum make the manual file edit of class_bootstrap.php as instructed.

Now enjoy your new filename for register.php, I hope it reduces server load and spam in general.

------------------------------------------------------

Please "Mark as Installed" if you use this.
Donations always appreciated. :up:
Nominate MOTM if you LOVE it!

----

Note- if having problems sending activation codes or other Admin CP related activities use the solution in post #197.

[djbaxter]

There are other phrases, for example in the Registration FAQ entry, that contain links to register.php that will need to have the anchor text changed. They also link to the newly named register.php after installing this mod.

Do a search for phrases containing the word "Register".

[Speedy131]

I first renamed it to registerforfree.php ... saw no decrease in "fake" registration attempts (about 200 a day)
Then indeed figured still having "register" in the filename may no be the smartest thing to do so I changed it to something else, but still no sign of a decrease in registration attempts.

Perhaps leaving a fake register.php on the server may also help ... those bots might be set up to only look for a registration url if what it considers default returns a 404

Gonna try that first, and if that fails I'll be editing the phrases as suggested.

[David Copeland]

We were getting hammered by China recently, eating up our server resources - even though we have all new registrations go into Moderation. The bots figured out what the answer was to our verification question. Once we changed the question and answer, all the bots stopped. We will continue to monitor the server for a while to see if they return - and if so, we will look at using this mod.

Thanks,

David

[SaN-DeeP]

One of the best modifications, we required to stop SPAMMERS who are hammering register.php page.
Thanks BirdOPrey5

FYI - I had to manually change 5 more language phrases and 5 more places in my style to make this work on 3.x

[BirdOPrey5]

Quote:

Originally Posted by SaN-DeeP

FYI - I had to manually change 5 more language phrases and 5 more places in my style to make this work on 3.x

If the phrases weren't email phrases the mod itself would normally take care of those changes without needing to manually edit the phrases. That is to say- I know register.php appears in a number of phrases/templates but they don't need to be changed.

Do you remember any of the 5 other places?

[SaN-DeeP]

We installed this modification properly, but within few minutes those spammers have started hammering the new renamed register.php
Makes no difference..

Am i missing something ?

[BirdOPrey5]

Then your spammers are either human or following links.

A couple of things-
1) Make sure register isn't in the new file name. make it just some random letters.

2) It has been suggested editing phrases with the word "Register" in it and change it to something else, perhaps an image of the word register instead- but again don't use the word in the file name.

[Christos Teriakis]

Gland to know that my idea to rename register.php as anti-spam protection, became a mod after 3 1/2 years of my post (Jan 9th, 2010):
https://vborg.vbsupport.ru/showthread.php?t=232624

Edited: If you want to extend it a bit to become 100% anti-robot safe, add the following code in the registration form:

Code:

<input type="checkbox" id="malakas" name="malakas" value="1" style="display:none;">

and this code to php file (after form submission):

Code:

if ($vbulletin->input->clean_gpc('r', 'malakas', TYPE_UINT) == 1)
{
   header('location:http://www.disney.com');
}

Bots used to read the page code and fill all fields. Non human can use this as it's hidden. So if this field gets value, means that it's a bot and he will be redirect to ...Disney.com

I'm using it for years and works 100% (always talking for bots).

[BirdOPrey5]

Interesting stuff- never saw that thread before- or didn't recall it if I did. This came about I was talking with other vb support personnel and we had a ticket of someone complaining of having to delete register.php to stop some sort of "bot attack."

I know I had looked into renaming register.php several times over the years but the sheer number of replacements needed always put me off. Finally it clicked to basically use a replacement variable- and more or less that is what the mod does. But it does do a few more complex matches so that if someone links to some other site's register.php page or just types register.php in a post it does not get changed- which it would in a pure replacement variable scenario.

Finally I had to add some magic for links to work in the admincp as replacement vars don't work in the admin cp.

[djbaxter]

Bug in this add-on:

Clicking "Email Activation Codes" from the user panel in the AdminCP does not send the codes and does not give an error message. It just loads the smilies page.