The Arcive of Official vBulletin Modifications Site.

Rename register.php by BOP5 · **Released**: 05-03-2013

Brought to you by BirdOPrey5 / Qapla.com

It's great when you stop spam bots during registration but this mod gives you a chance to stop them BEFORE they even attempt to register.

I have received multiple reports from people who say their "register.php" was getting hammered with spam requests- so much so it was like a denial of service attack. Even if they disabled registration they would waste so much resources their site was slow or worse- had to be taken offline.

What this mod does is allow you to rename the register.php file- my theory is many of the vBulletin spamming bots are hard coded to look for register.php. Using a unique name will throw them off, at least for a while.

To manually change the name of register.php would have meant dozens, maybe hundreds of manual edits to files and templates previously.

This mod makes it as simple as possible. At worst you will need to edit 2 phrases and 1 file, and some people don't need to edit anything at all.

Compatible with VB 3.8.x (and 3.7, and 3.6 probably too) and all VB 4.x.x versions.

Basic Instructions
1) Import XML File
2) Go to mod settings in Admin CP
3) Rename your register.php file via FTP or some other means- make it a unique value but only use basic letters, numbers, underscores, or hyphens. Something like "joeregister999.php"
4) In the mod settings, set the value of register.php to the new file name you chose.
5) If you require email verification during registration follow the next setting in the Admin CP and edit the phrases listed (activateaccount and activateaccount_chnage phrases in Email Body)
6) Finally, if you use Facebook Connect on your forum make the manual file edit of class_bootstrap.php as instructed.

Now enjoy your new filename for register.php, I hope it reduces server load and spam in general.

------------------------------------------------------

Please "Mark as Installed" if you use this.

Donations always appreciated. :up:
Nominate MOTM if you LOVE it!

----

Note- if having problems sending activation codes or other Admin CP related activities use the solution in post #197.

Trevor Matthews · #32 05-09-2013, 09:54 AM

I found a small problem.
I needed to resend the activation code for a new member.
In User Manager/Quick User Links/Email Activation Codes

The page is not found as it is looking for register.php
I easily changed web page address to my renamed register.php file but it would be nice to know what to change to correct this.

BirdOPrey5 · #33 05-09-2013, 12:06 PM

Quote:

Originally Posted by Trevor Matthews

I found a small problem.
I needed to resend the activation code for a new member.
In User Manager/Quick User Links/Email Activation Codes

The page is not found as it is looking for register.php
I easily changed web page address to my renamed register.php file but it would be nice to know what to change to correct this.

You're right- Fixed in new version 1.1.5. Thank you for pointing it out.

I added another plugin in the Admin CP user editing to deal with the name change. :up:

Trevor Matthews · #34 05-09-2013, 04:54 PM

Many thanks, that did the trick.

djbaxter · #35 05-10-2013, 01:50 PM

I was planning to try this out over the weekend when I had more time but yesterday I had a bot swarm large enough to take out MySQL with a "too many connections" error (dedicated server). I got up early this morning to add this to 4 forums.

Where's your donate button, BOP5? I don't see one here or on your site.

...

D'oh! Maybe I'm up a little TOO early. "Support Developer"

BirdOPrey5 · #36 05-10-2013, 02:29 PM

Thank you, it is much appreciated.

(On my site you need to register to see the donate link because I do it via the subscription system.)

Max Taxable · #37 05-11-2013, 01:45 PM

Quote:

Originally Posted by djbaxter

I was planning to try this out over the weekend when I had more time but yesterday I had a bot swarm large enough to take out MySQL with a "too many connections" error (dedicated server).

That sounds alot more like a DDoS attack than just garden variety spam.

djbaxter · #38 05-11-2013, 02:11 PM

Quote:

Originally Posted by Max Taxable

That sounds alot more like a DDoS attack than just garden variety spam.

No.

1. They were hitting register.php and some of them got by the spambot timer add-on and registered with the usual spambot signature registration info.

2. There were enough hits in a short enough period of time to breach the "too many connections" limit had it been a DDoS attack there would have been a lot more over a longer period of time. I experienced one of those several years ago and they're unmistakable in their scope. This was a spambot swarm.

Max Taxable · #39 05-11-2013, 02:28 PM

Quote:

Originally Posted by djbaxter

No.

1. They were hitting register.php and some of them got by the spambot timer add-on and registered with the usual spambot signature registration info.

Re: The bolded. How?

Quote:

2. There were enough hits in a short enough period of time to breach the "too many connections" limit had it been a DDoS attack there would have been a lot more over a longer period of time. I experienced one of those several years ago and they're unmistakable in their scope. This was a spambot swarm.

Got'cha.

djbaxter · #40 05-11-2013, 02:39 PM

Quote:

Originally Posted by Max Taxable

Re: The bolded. How?

The simple answer is because they exceeded the minimum time required by the add-on to be identified as human. Maybe that was because some of the bots have been reworked to compensate for anti-bit timers. Maybe it was because the bot swarm slowed down site response time enough that they met the crtiteria. I don't know.

But I can say that while the anti-bot timer certainly prevented a large number of spambot registrations for me, it didn't catch them all.

On the other hand, the effectiveness of the combination of the anti-bot timer and this add-on has been astounding so far.

Max Taxable · #41 05-11-2013, 02:46 PM

Quote:

Originally Posted by djbaxter

The simple answer is because they exceeded the minimum time required by the add-on to be identified as human. Maybe that was because some of the bots have been reworked to compensate for anti-bit timers. Maybe it was because the bot swarm slowed down site response time enough that they met the crtiteria. I don't know.

But I can say that while the anti-bot timer certainly prevented a large number of spambot registrations for me, it didn't catch them all.

On the other hand, the effectiveness of the combination of the anti-bot timer and this add-on has been astounding so far.

I figured it might be.

Alot of people don't realize the timer add-ons are all page load time dependent. Terrible proxies the botnets usually use, and other factors can contribute to slow load times thus letting some autospam bots get registered.

Spam fighting requires layers of defenses and vigilance by site owners, for sure. It's not a casual undertaking.

What version of the timer add-on are you using? I'm still on the original v1.1.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.07270 seconds Memory Usage 2,373KB Queries Executed 26 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (7)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)modsystem_post (1)navbar (4)navbar_link (120)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (1)pagenav_pagelinkrel (11)post_thanks_box (26)post_thanks_box_bit (11)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (3)post_thanks_postbit (11)post_thanks_postbit_info (10)postbit (3)postbit_attachment (11)postbit_onlinestatus (11)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start fetch_musername post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end post_thanks_function_fetch_thanks_bit_start post_thanks_function_show_thanks_date_start post_thanks_function_show_thanks_date_end post_thanks_function_fetch_thanks_bit_end post_thanks_function_fetch_post_thanks_template_start post_thanks_function_fetch_post_thanks_template_end postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_attachment postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

24 благодарности(ей) от:
CrossWind, datoneer, da_judge, Digital Jedi, ggrimes620, icona, Jeromedia603, john7911, kmplex, Lynne, madness85, Max Taxable, oneill, puertoblack2003, Ramsesx, RedTurtle, RichieBoy67, rodriiverduguez, seb5594, Teascu Dorin, TheLastSuperman, thomas, too_cool_3, WendM

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!