There are many many ways of limiting their access, here's one if you know their useragent https://vborg.vbsupport.ru/showthread.php?t=264932, but there are simpler thinsg you can do, don't allow guests to view members list, dont allow guests to view who's online, force password changing (vb3.8 onwards) every xx days.......the list goes on
There are many many ways of limiting their access, here's one if you know their useragent https://vborg.vbsupport.ru/showthread.php?t=264932, but there are simpler thinsg you can do, don't allow guests to view members list, dont allow guests to view who's online, force password changing (vb3.8 onwards) every xx days.......the list goes on
Looking at my logs under last attack - noticed they rotated through multiple User Agents all in the same 1 minute span ..that option of defense really seems to be a very minor hindrance to a real attack. Highly Agree about blocking the member list to guests help - vB.org should really consider this - especially the way this last attack occured alphabetically - I don't even see a valid reason to make the list available to registered users . Hate forced password changes myself - seems to encourage users to pin them to their workstation to keep up.
Set guest to post limits of five or more before they can view lists. As we all mentioned earlier, it is only when a human spammer directly invades your forum, that you need to worry and report them. Bots just like any other insect, is a pest that can be dealt with in very simple precautionary measures.
As for cataloging these IP, that has already been done at 'stopforumspam.com' they already have a long list of reported IPs you can check against.
don't allow guests to view members list, dont allow guests to view who's online
I second that. Especially if that's the way they get the names.
At this moment the are busy with BL from the alphabet, because I could dozens of mails since yesterday evening.
06-09-2013, 11:34 PM
Linear Mode
