Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.6 > vBulletin 3.6 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Check Proxy RBL on New User Registration. Details »»
Check Proxy RBL on New User Registration.
Version: 4.1, by DaNIEL MeNTED DaNIEL MeNTED is offline
Developer Last Online: Jul 2014 Show Printable Version Email this Page

Category: Miscellaneous Hacks - Version: 3.6.2 Rating:
Released: 11-17-2006 Last Update: 12-21-2007 Installs: 282
Uses Plugins
 
No support by the author.

Check Proxy RBL on New User Registration Version 4.1

Version 4.1 includes remains unchanged from version 4.0 with the exception of a code fix to deal with an SQL injection security hole in the code.

What does this hack do?

Hooking in at register_addmember_process and register_addmember_complete this hack compares the IP address of the person registering with the Realtime Block List(s) of your choice. Based on your configuration the RBL Checker will then perform one of these actions:
  1. Nothing, the registration continues as normal.
  2. Registration continues as normal, but the user is automatically moved into the "Pending Moderation" group of your choice.
  3. Registration continues as normal, but the user is automatically permanently banned.
  4. Registration is blocked, an error message is displayed to the user.
Please Note: It is strongly recommended that you configure PM or Thread based notification so that you may monitor registrations that are from IPs that are a positive hit on the RBL. Especially if you configure the checker to allow registrations to complete normally.

These options are configurable in AdminCP > Options > DM-RBL Check on Registration.


Why Block Proxies?

Banned and Spammers users often get around IP bans by simply using an open proxy - of which there are thousands - to get around the IP ban. Very few legitimate users slow their surfing by using an anonymous proxy.


How do you Install?
  1. Create a user from which PMs, Posts, etc. will be generated.
  2. In your adminCP obtain values for the "banned" and "pending moderation" groupIDs (Defaults are 8 and 4).
  3. Install the attached product.
IMPORTANT NOTE:You must specify a username if you plan on configuring the AUTOBAN or NOTIFICATION options. Otherwise you WILL get errors.


What is the default config?
By default the RBLChecker will check the IP of a new registration, allow registration to complete, but add the new user to the "COPPA Members Awaiting Moderation" usergroup. You can then approve/reject those members depending on whether you think they are/aren't spammers/trolls.

You can modify the settings in the AdminCP to Ban or Block as you like.


Hack History:

Version 4.1
- Fixed SQL Injection security hole.
- Fixed some minor typos in automatically generated messages.

Version 4.0
- Added ability to specify error reported on blocks.
- Added ability to specify ban reason and custom title.
- Added ability to move users to "pending moderation" group if registration is allowed.
- Updated list of RBLs checked based on testing with lists of "anonymous" proxies.
- Fixed IP address of Notification Posts equalling IP of blocked user. (Now Notification IP = 1.2.3.4)

Version 3.2
- Fixed typo causing blocked registrations to be reported as allowed.

Version 3.1
- change in variable name in v3.0 broke RBL checking. Corrected error.
- match notification now includes the name of the RBL that matches the IP.

Version 3.0
- plugin now fires at "register_addmember_process" allowing the user to completely fill in the form.
- Added the ability to specify more than one RBL.
- Added option to specify whether registration is blocked or allowed to complete.
- Added option to automatically ban registrations that are allowed to complete but have a positive IP match.
- Added option to specify user who is "notifier".
- Added option to specify a forum where a notification thread will be created.
- Added option to supress notification PM / Thread when an IP matches blacklist or known proxy list.
- Added customized error codes for notifications - notification now indicates whether a registration IP has matched the RBL, blacklist, or predefined list of anonymizers.
- Reworded Phrases.
- Removed 10.x.x.x IP from known proxy/anonymizer list.

version 2.0
- Added configuration options under vboptions > DM-RBL Check on Registration.
- Added PM on Block.
- Added option to select RBL.
- Added Custom Whitelist.
- Added Custom Blacklist.
- Added list of free proxies.
- Changed default RBL to sbl-xbl.spamhaus.org
- Added option to enable/disable checking.

version 1.0
- added plugin to check against opm.tornevall.org
- added custom phrase to be reported as error on registration start.


Using this Hack?
If you install this hack please click "Installed" to receive updates.

If you find this hack useful you can always hit that paypal button too...

Supporters / CoAuthors

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #112  
Old 03-23-2007, 11:25 AM
Freezerator Freezerator is offline
 
Join Date: Nov 2001
Location: Den Haag
Posts: 197
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

YOu mean to option to move the user into a moderation que?
Reply With Quote
  #113  
Old 03-23-2007, 11:36 PM
Damien001 Damien001 is offline
 
Join Date: Mar 2007
Posts: 26
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

or two a group when an admin would have to aprove thier account before it could become active
Reply With Quote
  #114  
Old 03-28-2007, 08:37 AM
Damien001 Damien001 is offline
 
Join Date: Mar 2007
Posts: 26
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

yes, also i noticed this overrides the VB registration defaults with regards to banend email addies

I have banned all email addresses ending in @mail.ru but if they using a proxy they get passed that ban for some reason the proxy checker then bans their account.

i would not minde this but we get between 5 to 20 bots registering a day with the @mail.ru and we feel it would be better if mail.ru would not work hence forcing them to use anotehr email which they most liekly would not and there fore go else where
Reply With Quote
  #115  
Old 03-28-2007, 08:51 AM
Damien001 Damien001 is offline
 
Join Date: Mar 2007
Posts: 26
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

also what would be suefull is when it banned that user9if u selected that option) it then said banend due to proxy use or something, as wehave qutie a big list and it usefull tos ee the reasons
Reply With Quote
  #116  
Old 03-29-2007, 08:58 PM
Spinball's Avatar
Spinball Spinball is offline
 
Join Date: Feb 2002
Location: Telford, England
Posts: 705
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hello, nice hack.
First I am not allowing registrations to complete so am not banning anyone, but get the following message posted in the designated forum:
Quote:
ALERT!

Someone has tried to register using the IP Address 219.71.194.233 which is MATCHED IN THE RBL DATABASE of the sbl-xbl.spamhaus.org RBL.

This registration attempt has been denied.

Please be aware that the user may try using other methods in an attempt to register.

Please monitor any new registrations carefully for the next few hours. and the account has been permanently banned.

Registration Details: rotanga ( rotanga43@mail.ru )
And may I suggest that as an option, we specify a thread number and instead of new threads being created in a nominated forum, replies are posted to a nominated thread? This would keep things nice and tidy.
Thanks
Reply With Quote
  #117  
Old 04-01-2007, 04:17 AM
steve71 steve71 is offline
 
Join Date: Dec 2006
Posts: 117
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by DaNIEL MeNTED View Post
I have been doing some testing with different RBL's and google'd lists of open proxy servers... so far list.dsbl.org seems to return the most "hits" for known proxy IPs.

I will be testing it out to see if I get any false positives and may update the product to use it as a default... more info: http://dsbl.org/main
sbl-xbl.spamhaus.org is the current RBL.
list.dsbl.org (can I add this in below sbl-xbl.spamhaus.org in the check proxy admin area?)

Does this mod prevent members from going to tools/internet options/connections/lan settings etc and using a proxy server to register? How about these anonomous proxy lists that can be found on tonnes of websites..how does this mod prevent them from being used to register?
Reply With Quote
  #118  
Old 04-02-2007, 10:22 AM
Damien001 Damien001 is offline
 
Join Date: Mar 2007
Posts: 26
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by DaJoker View Post
Need to change the hook the plugin is using. It is currently using register_addmember_process, but should be using register_addmember_complete. What is happening is when it hits process, and say the user puts in the wrong captcha, doesn't match their passwords, doesn't put in a required field, etc. When you use the _complete hook it fires once the user has properly filled out the registration form. Only use this hook however if you want the registration to complete, but not get multiple notifications. If you are blocking registrations, then leave it using the process hook.

hi, i want to still add members to a certain suer group, but i want it to run through the process that try and stop bots does your method allow for that
Reply With Quote
  #119  
Old 04-03-2007, 06:15 PM
bitdefuser bitdefuser is offline
 
Join Date: Mar 2007
Location: C:\WINDOWS
Posts: 149
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It works!

Suggestions:
Allowing us to enter a ban reason in the settings of the AdminCP.
Option to disable site viewing. (Simply blocks the user from the site.)
Reply With Quote
  #120  
Old 04-05-2007, 07:12 AM
Damien001 Damien001 is offline
 
Join Date: Mar 2007
Posts: 26
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

this mod would be 100 times more effective if it ran the proxy check after confirming that the person details are correct.

i.e. that the image verification word is valid, that if the person using NoSpam that the anwser is valid and that the email address has not been banned

damien
Reply With Quote
  #121  
Old 04-07-2007, 10:12 PM
Muellmann's Avatar
Muellmann Muellmann is offline
 
Join Date: Jun 2006
Location: near keyboard
Posts: 109
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This is very useful, my friends forum always was flooded by German trolls. They came five at once and registered with different proxies and filled up all forums with spam and trojan links and with foul language and rampage posting.
God bless you for this wonderful hack! :up:
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:57 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06577 seconds
  • Memory Usage 2,317KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (2)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete