Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.6 > vBulletin 3.6 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Check Proxy RBL on New User Registration. Details »»
Check Proxy RBL on New User Registration.
Version: 4.1, by DaNIEL MeNTED DaNIEL MeNTED is offline
Developer Last Online: Jul 2014 Show Printable Version Email this Page

Category: Miscellaneous Hacks - Version: 3.6.2 Rating:
Released: 11-17-2006 Last Update: 12-21-2007 Installs: 282
Uses Plugins
 
No support by the author.

Check Proxy RBL on New User Registration Version 4.1

Version 4.1 includes remains unchanged from version 4.0 with the exception of a code fix to deal with an SQL injection security hole in the code.

What does this hack do?

Hooking in at register_addmember_process and register_addmember_complete this hack compares the IP address of the person registering with the Realtime Block List(s) of your choice. Based on your configuration the RBL Checker will then perform one of these actions:
  1. Nothing, the registration continues as normal.
  2. Registration continues as normal, but the user is automatically moved into the "Pending Moderation" group of your choice.
  3. Registration continues as normal, but the user is automatically permanently banned.
  4. Registration is blocked, an error message is displayed to the user.
Please Note: It is strongly recommended that you configure PM or Thread based notification so that you may monitor registrations that are from IPs that are a positive hit on the RBL. Especially if you configure the checker to allow registrations to complete normally.

These options are configurable in AdminCP > Options > DM-RBL Check on Registration.


Why Block Proxies?

Banned and Spammers users often get around IP bans by simply using an open proxy - of which there are thousands - to get around the IP ban. Very few legitimate users slow their surfing by using an anonymous proxy.


How do you Install?
  1. Create a user from which PMs, Posts, etc. will be generated.
  2. In your adminCP obtain values for the "banned" and "pending moderation" groupIDs (Defaults are 8 and 4).
  3. Install the attached product.
IMPORTANT NOTE:You must specify a username if you plan on configuring the AUTOBAN or NOTIFICATION options. Otherwise you WILL get errors.


What is the default config?
By default the RBLChecker will check the IP of a new registration, allow registration to complete, but add the new user to the "COPPA Members Awaiting Moderation" usergroup. You can then approve/reject those members depending on whether you think they are/aren't spammers/trolls.

You can modify the settings in the AdminCP to Ban or Block as you like.


Hack History:

Version 4.1
- Fixed SQL Injection security hole.
- Fixed some minor typos in automatically generated messages.

Version 4.0
- Added ability to specify error reported on blocks.
- Added ability to specify ban reason and custom title.
- Added ability to move users to "pending moderation" group if registration is allowed.
- Updated list of RBLs checked based on testing with lists of "anonymous" proxies.
- Fixed IP address of Notification Posts equalling IP of blocked user. (Now Notification IP = 1.2.3.4)

Version 3.2
- Fixed typo causing blocked registrations to be reported as allowed.

Version 3.1
- change in variable name in v3.0 broke RBL checking. Corrected error.
- match notification now includes the name of the RBL that matches the IP.

Version 3.0
- plugin now fires at "register_addmember_process" allowing the user to completely fill in the form.
- Added the ability to specify more than one RBL.
- Added option to specify whether registration is blocked or allowed to complete.
- Added option to automatically ban registrations that are allowed to complete but have a positive IP match.
- Added option to specify user who is "notifier".
- Added option to specify a forum where a notification thread will be created.
- Added option to supress notification PM / Thread when an IP matches blacklist or known proxy list.
- Added customized error codes for notifications - notification now indicates whether a registration IP has matched the RBL, blacklist, or predefined list of anonymizers.
- Reworded Phrases.
- Removed 10.x.x.x IP from known proxy/anonymizer list.

version 2.0
- Added configuration options under vboptions > DM-RBL Check on Registration.
- Added PM on Block.
- Added option to select RBL.
- Added Custom Whitelist.
- Added Custom Blacklist.
- Added list of free proxies.
- Changed default RBL to sbl-xbl.spamhaus.org
- Added option to enable/disable checking.

version 1.0
- added plugin to check against opm.tornevall.org
- added custom phrase to be reported as error on registration start.


Using this Hack?
If you install this hack please click "Installed" to receive updates.

If you find this hack useful you can always hit that paypal button too...

Supporters / CoAuthors

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #152  
Old 04-30-2007, 07:00 PM
teedizz teedizz is offline
 
Join Date: Jan 2004
Posts: 275
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hello, will this still work if I have installed:

Proxy to Real I.P. Detector located here

https://vborg.vbsupport.ru/showthread.php?t=120082

Thanks for any info.
Reply With Quote
  #153  
Old 05-08-2007, 02:18 PM
aycan555 aycan555 is offline
 
Join Date: Dec 2005
Location: www.ultrapaylasim.com
Posts: 142
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I am getting below database error to my email ???

Code:
Invalid SQL:
INSERT INTO userban (userid, usergroupid, displaygroupid, usertitle,
customtitle, adminid, bandate, liftdate, reason)
			       VALUES
			       (32322, 8, 8, 'Otomatik Ban', 1, ,1178614929, 0, 'Otomatikmen sitemiz
tarafindan banladiniz, uyeliginiz kontrolden gecirilip, yeniden acilacaktir!!!

Sebebi; proxy ip kullanmanizdan kaynaklaniyor, lutfen direk ip adresinizle
giriniz. Eger gereksiz yere banlandiginizi dusunuyorsaniz, lutfen
admin@dizitr.com email adresinden yardim isteyiniz..');

MySQL Error  : You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use near
'1178614929, 0, 'Otomatikmen sitemiz tarafindan banladiniz, uyeliginiz
kontrolden' at line 3
Error Number : 1064
Date         : Tuesday, May 8th 2007 @ 04:02:10 AM
Script       : http://www.dizi-tr.com/forum/register.php?do=addmember
Referrer     : http://www.dizi-tr.com/forum/register.php?do=addmember
IP Address   : 85.104.94.112
Username     : starture
Classname    : vb_database
Reply With Quote
  #154  
Old 05-08-2007, 05:03 PM
DaNIEL MeNTED DaNIEL MeNTED is offline
 
Join Date: Sep 2006
Posts: 152
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Darat View Post
I've got this installed on a 3.6.4 board ( with the security patch) and it is generating 5 PM's and 5 threads every time it detects someone and although I've said allow registration to continue appears to banning them anyway.

Any ideas what could be causing this?
No idea, uninstall and reinstall with the latest version. Let me know if that fixes it...


Quote:
Originally Posted by Tom1234 View Post
Darat, I think this post explains your problem (and mine since I am seeing the same as you):
https://vborg.vbsupport.ru/showpost....&postcount=107
That post has nothing to do with multiple hits - the issue there is people getting blocked before the captcha fires, leading to extra hits from bots. There are now 2 plugins, one that fires on reg and one at reg_complete...
Reply With Quote
  #155  
Old 05-08-2007, 05:07 PM
DaNIEL MeNTED DaNIEL MeNTED is offline
 
Join Date: Sep 2006
Posts: 152
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by aycan555 View Post
I am getting below database error to my email ???

Code:
Invalid SQL:
INSERT INTO userban (userid, usergroupid, displaygroupid, usertitle,
customtitle, adminid, bandate, liftdate, reason)
			       VALUES
			       (32322, 8, 8, 'Otomatik Ban', 1, ,1178614929, 0, 'Otomatikmen sitemiz
tarafindan banladiniz, uyeliginiz kontrolden gecirilip, yeniden acilacaktir!!!

Sebebi; proxy ip kullanmanizdan kaynaklaniyor, lutfen direk ip adresinizle
giriniz. Eger gereksiz yere banlandiginizi dusunuyorsaniz, lutfen
admin@dizitr.com email adresinden yardim isteyiniz..');

MySQL Error  : You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use near
'1178614929, 0, 'Otomatikmen sitemiz tarafindan banladiniz, uyeliginiz
kontrolden' at line 3
Error Number : 1064
Date         : Tuesday, May 8th 2007 @ 04:02:10 AM
Script       : http://www.dizi-tr.com/forum/register.php?do=addmember
Referrer     : http://www.dizi-tr.com/forum/register.php?do=addmember
IP Address   : 85.104.94.112
Username     : starture
Classname    : vb_database
There is no adminid in the mySQL query...

[high]* DaNIEL MeNTED points up at the install instructions...
[/high]

Quote:
IMPORTANT NOTE:You must specify a username if you plan on configuring the AUTOBAN or NOTIFICATION options. Otherwise you WILL get errors.
Reply With Quote
  #156  
Old 05-08-2007, 09:00 PM
aycan555 aycan555 is offline
 
Join Date: Dec 2005
Location: www.ultrapaylasim.com
Posts: 142
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

How can i add the adminid?
Reply With Quote
  #157  
Old 05-09-2007, 12:09 PM
DaNIEL MeNTED DaNIEL MeNTED is offline
 
Join Date: Sep 2006
Posts: 152
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

In the adminCP go to the settings for the RBL checker - the third option (you can see it in the first screenshot above) is CONFIG - Username for Bans & Notifications ... put in a username of the admin user and then you can use notifications and bans...
Reply With Quote
  #158  
Old 05-24-2007, 12:20 AM
meissenation meissenation is offline
 
Join Date: Apr 2005
Posts: 476
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I was just able to register perfectly fine with xroxyx.com and youhide.com and it didn't block me at all?
Reply With Quote
  #159  
Old 05-24-2007, 03:41 AM
Mrdby Mrdby is offline
 
Join Date: Mar 2007
Location: Hades
Posts: 1,298
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

this is confusing
Reply With Quote
  #160  
Old 05-24-2007, 01:31 PM
DaNIEL MeNTED DaNIEL MeNTED is offline
 
Join Date: Sep 2006
Posts: 152
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by meissenation View Post
I was just able to register perfectly fine with xroxyx.com and youhide.com and it didn't block me at all?

You'll note earlier in the thread I mention the fact that specific proxy sites don't get added to RBLs. I'm working on getting access to a liveupdating blocklist than includes these sites for the next version.
Reply With Quote
  #161  
Old 05-24-2007, 01:47 PM
venomx's Avatar
venomx venomx is offline
 
Join Date: Apr 2002
Location: Pennsylvania USA
Posts: 441
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Not sure it has been meantioned but take a look at
http://oldwww.temp.ahbl.org/docs/ircbl.php

Quote:
IRCbl Lookup System For IRC Networks
We've put together a list for IRC admins who wish to take advantage of our list on their IRC networks to help prevent abuse and open proxies from connecting to their servers. This list contains only the proxy and DDoS drone data from our main list, without extras such as the Spam Sources list and Shoot On Sight.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:19 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.09893 seconds
  • Memory Usage 2,325KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (2)bbcode_code
  • (6)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete