The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#11
|
|||
|
|||
I'm not convinced, I reckon they must have added some functionality because our HV questions are quite obscure things like:
what number is green on a roulette wheel? Which I can't believe a bot would be able to answer without being programmed... there are other questions as well that are equally as 'confusing' for a bot (how many legs does a cow have with one leg short comes to mind hehe ). |
#12
|
||||
|
||||
Quote:
That's all over now, however. |
#13
|
|||
|
|||
Quote:
I enabled the email function so I can get a feeling of how it is working, and it has denied access to 42 attempts in 5 hours. I might turn off new member moderation. |
#14
|
|||
|
|||
I'm glad you got it worked out, but I have a question for you: when you go to the admicp options, under Human Verification Options, did you have the "Register" box checked?
|
#15
|
||||
|
||||
Quote:
Avoid answers that are: Any number under 20 Any basic color etc... |
#16
|
|||
|
|||
Quote:
In the past 20 hours, there have been 135 blocked attempts. The majority of the times are still below 2 seconds, but a couple were edging up towards the 15-second mark. This morning, I increased the time difference to 30 seconds. A few minutes ago, one blocked attempt had a time difference of 16 seconds: Quote:
As much as I like the email notices, I am going to see if I can modify the code to add a PHP function that writes the information to a log file. I have never programmed in PHP, but I used to be good at C several decades ago. |
Благодарность от: | ||
Max Taxable |
#17
|
||||
|
||||
Quote:
It would have to be a pretty long delay - page load times are a factor in this, and sometimes with some of the really bad proxies these bots are on, page load time can be really slow. Add to that, there is no way for the botnet admin to determine what your time differential setting is. I'll be curious to see if your 30 second setting catches any humans, I fear it might. Please update us with that. Increasing the time is far preferable to reducing it - reducing it only helps the bots. |
#18
|
|||
|
|||
Quote:
Quote:
I'll likely adjust the time downward when I see more reporting times. As with any countermeasure, there must be a balance between preventing an unwanted event and not allowing a wanted event. Unfortunately, it is unlikely that I will know if a human was denied registration (unless they use the "Contact Us" process to complain), but I will certainly know if the bots breach the walls. |
#19
|
||||
|
||||
Quote:
I have no doubt that as the time based test becomes more popular, botnet admins and botnet software designers will try to do a workaround. Problem is, they won't be all that aware of all the variables involved. Your individual setting, variable page load times - they would almost have to program in a 60 second delay in their bots, REALLY going against the whole reason to use bots to start with. It will be interesting to see what the response is, if their ever is one. Spam fighting is a constant and ever changing war, heh. |
#20
|
||||
|
||||
Quote:
You set the bot to run and you go one about your day. Whether it takes 5 minutes or 5 hours is of no real concern to the person spamming links across forums. Yes it will take longer when the bots start adapting, but they will because there is still much money to be made with spamming links. While the time-lock method is a good method it is still going to be better to have some sort of captcha type challenge easy for humans but impossible for bots, long term, IMO. That said no reason not to install the bot-time-check for now. - My 2 cents. |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|