Anti-Spam Options - Rename register.php by BOP5

Brought to you by BirdOPrey5 / Qapla.com

It's great when you stop spam bots during registration but this mod gives you a chance to stop them BEFORE they even attempt to register.

I have received multiple reports from people who say their "register.php" was getting hammered with spam requests- so much so it was like a denial of service attack. Even if they disabled registration they would waste so much resources their site was slow or worse- had to be taken offline.

What this mod does is allow you to rename the register.php file- my theory is many of the vBulletin spamming bots are hard coded to look for register.php. Using a unique name will throw them off, at least for a while.

To manually change the name of register.php would have meant dozens, maybe hundreds of manual edits to files and templates previously.

This mod makes it as simple as possible. At worst you will need to edit 2 phrases and 1 file, and some people don't need to edit anything at all.

Compatible with VB 3.8.x (and 3.7, and 3.6 probably too) and all VB 4.x.x versions.

Basic Instructions
1) Import XML File
2) Go to mod settings in Admin CP
3) Rename your register.php file via FTP or some other means- make it a unique value but only use basic letters, numbers, underscores, or hyphens. Something like "joeregister999.php"
4) In the mod settings, set the value of register.php to the new file name you chose.
5) If you require email verification during registration follow the next setting in the Admin CP and edit the phrases listed (activateaccount and activateaccount_chnage phrases in Email Body)
6) Finally, if you use Facebook Connect on your forum make the manual file edit of class_bootstrap.php as instructed.

Now enjoy your new filename for register.php, I hope it reduces server load and spam in general.

------------------------------------------------------

Please "Mark as Installed" if you use this.
Donations always appreciated. :up:
Nominate MOTM if you LOVE it!

----

Note- if having problems sending activation codes or other Admin CP related activities use the solution in post #197.

[CAG CheechDogg]

I have not had any problems with spam at all since I installed this ... actually not one single spam account at all! And it has been since the day he released this mod that I have not had any spam or bots hitting my new register.php file ...

[BirdOPrey5]

There is no one perfect anti-spam mod... The main purpose of this mod was to help people who were having bots specifically target register.php.

Some people have found it effective in general spam prevention, some have not- it is up to you if the few minutes of installing and setting it up is worth it to you. Maybe it's only stopping 5% or 10% of spammers- what I do know is that there are at least *some* spam bots out there that are hard coded to look for register.php can can't continue if it doesn't find one.

Others may have always simply looked for a "register" link on the forum and in that case this does not help.

Tip:- For those claiming total ineffectiveness make sure you don't have a register.php file in your forum directory. Some people have upgraded their VB versions or re-uploaded a fresh copy of the VB files and of course if you do that register.php will come back if you don't rename it again. You'll have both the custom name and the original name on the server and the bots will find the original name and be able to use it. The original register.php must not exist after you rename it.

[Max Taxable]

Quote:

Originally Posted by CAG CheechDogg

I have not had any problems with spam at all since I installed this ... actually not one single spam account at all! And it has been since the day he released this mod that I have not had any spam or bots hitting my new register.php file ...

Alot of the problem with it, from people I have actually helped with it, is related to their own attention to detail (lack of) in installing this.

However even in the perfectly done install world, like at OzzModz, we still get the spam attempts. Which are stopped by, other Mods.

There's no silver bullet, it takes several bullets to inhibit spam.

[U-Fig]

Hello,
this is a great product andf i have had it installed for a while now, however, I found a teensy issue with it in regards to manually sending activation codes from the users profile page in the adminpanel, the button saying 'Email Activation Codes' that is on top of the profile page for a user awaiting email conformation still leads to register.php instead of the new value.
sorry if this was already answered and i missed that, thanks. otherwise a great mod.

[BigAl205]

This mod works great, but it's best if you come up with a name that doesn't have the word "register" or "join" in it because bots are searching your site for those keywords, and "register123" would still be found. It would be best to name it something that isn't even a real word, such as "reboster" or the like. The end user might see it in the URL during the registration process, but it will still function the same.

I also recently created an IP logger and named it "register.php", that way if any bot tries to visit the standard registration page, its IP gets logged into a text file so I can block them later. Just over a matter of 2 days I've already caught some China-bot IPs in my little web trying to register.

[addamroy]

The "email activation codes" option does not work with this mod enabled.

Specifically, if you try to 'email activation codes' via a user's profile, it redirects to the standard register.php page which becomes a 404.

Can you fix this please?

[BirdOPrey5]

Hello,

It should work, if not something else is interfering. I'm afraid it can't be fixed- I had to use a lot of tricks to get that to work at all.

What you could do as a work around is make a copy of register.php, put it where it is supposed to be, but in your .htaccess file deny anyone from loading the page except for your ip address.

Create (or add to) an .htaccess file:

Code:

    <Files register.php>
        Order deny,allow
        Deny from all
        Allow from 127.0.0.1
    </Files>

Replace the red IP address with your own IP address.

Obviously the above is for Apache servers only. If on IIS or something else you'll need to figure out how to translate that to your own server, I'm sorry I have no idea how.

[too_cool_3]

Quote:

Originally Posted by heyzeus909

Sorry if this is a repeat, but the Tapatalk stuff earlier in the thread confused me - which is easy to do. I just wanted to confirm that it's probably a good idea for owners of Tapatalk enabled forums to take go to AdminCP > Settings > Options > Tapatalk Options > Register page url: *change_to_renamed*.php

Thank you for your work.

This might be good info to include in the first post =)

I just installed this mod (thanks BoP5!) and renamed my register.php to something without the word register in it and within a couple minutes bots are still hammering my register.php, I have about 3-5 on that page at all times. Is there anything else I can do to stop them from getting through?

[CAG CheechDogg]

Block those IPs using htaccess ...

[ozzy47]

Did you follow all the instructions and change everything?