A trick to send spammers to hell (or anywhere you want!)

[edward hamilton]

I implemented this approach early this morning using the replacement variable manager. I also added a redirect for bots that automatically assume register.php.
I'd like to see this listed so it could be in the running for the Mod of the Month. After spending too many hours dealing with spam, I'd vote for it.

A redirect to Justice Department Cyber Crime looks like another place that might be effective to deter spammers.

[italcro]

Quote:

Originally Posted by barcena

Wow.. I feel for you.
I gave the Human Verification Manager a shot and is working really nice for me, I choose the Questions and Answer way and although simple questions I don't think no robot can answer them.... yet.
Good luck.

Hi Barcena
Sorry, what do you mean by Human Verification Manager?
Can you please elaborate?

Also, now I am starting to have a doubt.
it seems to me that spammers are those who "abuse electronic messaging systems to send unsolicited bulk messages indiscriminately".

Someone who registers with multiple identities to a forum with obscene or offensive
names, possibly with e-mail addresses coming from porn websites (such as, say, ivan@porn.ru) and just posts profanities, I am not sure if that can be defined as SPAM.

What does everyone thinks here?

Kind regards

Italcro

[thisgeek]

Here's something I'm trying - if you have access to your .htaccess, and mod_rewrite is enabled:

Completely forbid access to your /register.php unless the referrer is coming from your own site (that is, the user clicked the 'Register' link on your site). This prevents bots from directly accessing /register.php.

Just replace "domain\.tld" with your own domain.

EDIT: I've fixed the rewrite code so activations now work.

Code:

RewriteEngine On
RewriteCond %{QUERY_STRING} !^a=act&u=(.*) [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?domain\.tld/ [NC]
RewriteRule register.php$ - [F]

Or, if you're inclined, create a sticky locked thread where you rant on a bit at bots, and redirect them to that instead, or use the topic to explain to people that they need to use the register link on the main site instead of accessing /register.php directly.

Code:

RewriteEngine On
RewriteCond %{QUERY_STRING} !^a=act&u=(.*) [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?domain\.tld/ [NC]
RewriteRule register.php$ http://www.domain.tld/showthread.php?t=12345 [R,L]

I've only just done this on my site (using the latter option), so I'll see how the spambot registrations go from now on.

This method is probably less painful than renaming register.php. Not sure if it's as effective though.

[BSMedia]

Quote:

Originally Posted by thisgeek

Here's something I'm trying - if you have access to your .htaccess, and mod_rewrite is enabled:

Completely forbid access to your /register.php unless the referrer is coming from your own site (that is, the user clicked the 'Register' link on your site). This prevents bots from directly accessing /register.php.

Just replace "domain\.tld" with your own domain.

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?domain\.tld/ [NC]
RewriteRule register.php$ - [F]

Or, if you're inclined, create a sticky locked thread where you rant on a bit at bots, and redirect them to that instead, or use the topic to explain to people that they need to use the register link on the main site instead of accessing /register.php directly.

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?domain\.tld/ [NC]
RewriteRule register.php$ http://www.domain.tld/showthread.php?t=12345 [R,L]

I've only just done this on my site (using the latter option), so I'll see how the spambot registrations go from now on.

This method is probably less painful than renaming register.php. Not sure if it's as effective though.

Couldn't this also stifle legitmate registrations. Say if a forum member links directly to the register page, or if you run a promotion with a "Register here" link in them?

[GreigM]

Quote:

Originally Posted by edward hamilton

I implemented this approach early this morning using the replacement variable manager. I also added a redirect for bots that automatically assume register.php.
I'd like to see this listed so it could be in the running for the Mod of the Month. After spending too many hours dealing with spam, I'd vote for it.

A redirect to Justice Department Cyber Crime looks like another place that might be effective to deter spammers.

could you do a guide how to do it via the replacement variable manager? sounds like a great little mod, as we are also sick of these robots.

[thisgeek]

Quote:

Originally Posted by BSMedia

Couldn't this also stifle legitmate registrations. Say if a forum member links directly to the register page, or if you run a promotion with a "Register here" link in them?

Potentially. That's why the second method is probably better because you get a chance to explain what is going on.

[edward hamilton]

While I don't put myself out to be an expert with vBulletin using the Replacement Variable isn't hard. And there is a delete option once you do it so it is reversible.
AdminCP => Styles and Templates => Replacement Variable Manager
then you should see Default Style [Add New Replacement Variable] in the right side of the page.
I replaced register.php with registerXXXXX.php and it changed register.php for all of the templates, so no matter which template a bot accesses a bogus register.php would be accessed, more on that later.

This worked fine for me. But, there's always a but in the room, that only took care of the templates where register.php was a variable. Then I had to search the templates for register.php and replace them with my new file name. Not all instances of register.php are variables.

The only problem I've found so far is that when I tried to send an activation code through the AdminCP, I got redirected to my new register.php page by the script. I searched the forum admin files for register.php and found the culprit in the user.php file in the admin folder.

I'm sure there is going to be at one more problem but I'll fix it when I find it. By the way I found a ../register reference in that same user.php file and guessed, without looking at it, that it should be changed as well, but since it's in the admin side of things it's probably only going to affect the admin, me.

user.php line 334

PHP Code:

            print_form_header('../register', 'emailcode', 0, 0);
            construct_hidden_code('email', $user['email']);
            print_submit_row($vbphrase['email_activation_codes'], 0); 


Here are other occurences of register.php that I changed

In the new registerXXXX.php file

line 543

PHP Code:

$vbulletin->url = iif(strpos($vbulletin->url, 'registerXXXX.php') !== false, $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'], $vbulletin->url); 


and line 1136

PHP Code:

'registerXXXX.php?' . $vbulletin->session->vars['sessionurl'] . 'a=ver' => $vbphrase['activate_your_account'], 


admincp/email.php line 202

PHP Code:

$activate['link'] = $vbulletin->options['bburl'] . "/registerXXXX.php?a=act&u=$userid&i=$activate[activationid]"; 


includes/functions_online.php line 1732

PHP Code:

case 'registerXXXX.php': 


includes/md5_sums_vbulletin.php line 47

PHP Code:

case 'registerXXXX.php': 


I also edited my robots.txt file but that wasn't doing any good anyway because these bots don't read that file anyway

I copied my old register.php file and made a register.php_bu for the archives and made a new register.php file

PHP Code:

<?php
   header("location:http://www.justice.gov/criminal/cybercrime/");
?>

I'm only on my second day and so far haven't seen ANY spam registrations. This is a lot easier, for me, than the other spam stoppers I've seen and I'm going to go with it. Even with only doing the replacement variable and renaming the file I continued to get registrations so it didn't shut down my site. I made the rest of the edits tonight.

The good news is that I haven't seen legit registrations drop off and there is no way for a legit user to accidentally be blocked by an ip block which has happened to me in the past from parts of the world that have spammers and legit registrations.

Disclaimer- I fully expect someone with more knowledge than me to tell me I'm full of crap and I will salute you for showing us something I overlooked. If you accept that the register.php file name is the weak link in the battle against spammers, this tightens things up without loosing functionality and makes a forum harder to spam than the next one which is about all we can hope for.

[barcena]

Quote:

Originally Posted by italcro

Hi Barcena
Sorry, what do you mean by Human Verification Manager?
Can you please elaborate?

Also, now I am starting to have a doubt.
it seems to me that spammers are those who "abuse electronic messaging systems to send unsolicited bulk messages indiscriminately".

Someone who registers with multiple identities to a forum with obscene or offensive
names, possibly with e-mail addresses coming from porn websites (such as, say, ivan@porn.ru) and just posts profanities, I am not sure if that can be defined as SPAM.

What does everyone thinks here?

Kind regards

Italcro

I consider spam anyone who register on my site with other intention than to legitimate participate of the site, I have no mercy with those.

You will find the Human Verification Manager at your left, on the Admin CP. Settings==>Human Verification Manager=>Question and Answer verification. You should write your own answers and questions. The ReCaptcha is really good also, keeps spammers out at least on my site while you help to write a digital book.

Cheers.

[edward hamilton]

Quote:

Originally Posted by barcena

You will find the Human Verification Manager at your left, on the Admin CP. Settings==>Human Verification Manager=>Question and Answer verification.

Cheers.

Human Verification can be found at
Admin CP => vBulletin Options => Human Verification Manager

[MaryTheG(r)eek]

Quote:

Originally Posted by edward hamilton

Human Verification can be found at
Admin CP => vBulletin Options => Human Verification Manager

--------------- Added 15 Jan 2010 at 20:54 ---------------

I just identified a problem with the new registration activations. The email that is sent doesn't show the link as registerXXXX.php as desired if you follow the instructions above.

If you follown my steps, everything works fine. There are some email templates which need modification, and as I remember all of them have 4 instances to replace.

In my opinion don't trust so much the variable replacement, as still exist so many bugs in vb4.

Maria