The Arcive of Official vBulletin Modifications Site.

Hostname or Useragent Registration Ban · **Released**: 02-23-2012

THIS ADD-ON IS NO LONGER AVAILABLE AND IS NOT SUPPORTED

This is an add-on that is designed with vBulletin 4.1.5. It may not work on earlier versions of vBulletin. It is known to be working on vB versions 3.8.7, 4.0.7 and 4.1.5 through 4.2.0. I don't know if it is compatable with all versions of vB or not.

On my site, I receive quite a few PMs asking me how I prevent spam from being posted there. While I can't release everything I use because some of it is server based (external from vBulletin), I can release one of the lines of defense that I use.

This mod allows you to ban Hostnames and Useragents from registering on your site.

If a hostname or useragent contains any of the words you specify and they are trying to register, they are presented with an error telling them they are forbidden from registering on your site. And no registration screen ever appears.

In the event the hostname is blank, a WHOIS can be performed to establish the identity of the system being used to register.

The 'External Content' pulled by this mod is only the WHOIS information when that is enabled.

WARNING: This mod has the potential of banning humans from registering. Choose what words you use carefully.

Personally, I am not very concerned about banning an occasional human from registering. So, from time to time my system may ban a human that uses an anonymous proxy.

NOTE: This mod has a 'Don't Ask, Don't Tell' clause. Please don't post telling people what words to ban. We don't need spammers getting around this mod by reading posts telling them what is being filtered.

REQUIREMENTS: In order for the WHOIS function used in this mod to work properly, your server must have OPENSSL installed.

* INSTALLATION *
---------------------
1) Upload the contents of the 'upload' folder to your forum's root.
(If your forum's location is http://www.example.com/forums/, the root is /forums/)

2) Import the product XML file (product-hostusercheck.xml) into the Product Manager in AdminCP.

3) Take some time to set the options in ACP->Settings->Options->Prevent Hostname or Useragent from Registering.

4) Be sure to turn on the mod when setting options in ACP->Settings->Options->Prevent Hostname or Useragent from Registering.

* History (Changelog) *
-----------------------------
1.0.3 (December 12, 2013)
- Fix hostname not being checked under certain circumstances.

1.0.2 (March 1, 2012)
- Fix error on registration page when Useragent or Hostname to ban is blank.

1.0.1 (February 24, 2012)
- Wrong hook being used for one of the plugins.

1.0.0 (January 22, 2012)
- Public Release

nhawk · #82 03-21-2014, 10:13 PM

Quote:

Originally Posted by BadgerDog

PM's you with list, which is the one Ozz recommended...

Regards,
Doug

LOL, this one was simple.

It's blocked because 'tor' is in the list (monitor5.securi.net). So it did it's job.

In either case, securi.net has no business accessing register.php, so the add-on did it's job.

It didn't ban securi from accessing the site, it just stopped it from registering.

So, re-enable the add-on.

Max Taxable · #83 03-21-2014, 10:16 PM

Quote:

Originally Posted by nhawk

LOL, this one was simple.

It's blocked because 'tor' is in the list (monitor5.securi.net). So it did it's job.

In either case, securi.net has no business accessing register.php, so the add-on did it's job.

It didn't ban securi from accessing the site, it just stopped it from registering.

So, re-enable the add-on.

And that is a oversight on my own part, since I compiled most of that list.

I'll be recommending "tor" be removed post haste. I think we have it covered with another definition anyway.

BadgerDog · #84 03-21-2014, 10:23 PM

Quote:

Originally Posted by nhawk

LOL, this one was simple.

It's blocked because 'tor' is in the list (monitor5.securi.net). So it did it's job.

In either case, securi.net has no business accessing register.php, so the add-on did it's job.

It didn't ban securi from accessing the site, it just stopped it from registering.

So, re-enable the add-on.

Unfortunately, Sucuri needs to access out site as it's a primary security monitor and does complete server scans every 1/2 hour...

Regards,
Doug

BadgerDog · #85 03-21-2014, 10:26 PM

Quote:

Originally Posted by Max Taxable

And that is a oversight on my own part, since I compiled most of that list.

I'll be recommending "tor" be removed post haste. I think we have it covered with another definition anyway.

Ok, I removed tor and have saved the mod and restarted it..

Thanks for all the help guys... :up:

Regards,
Doug

nhawk · #86 03-21-2014, 10:30 PM

Quote:

Originally Posted by BadgerDog

Unfortunately, Sucuri needs to access out site as it's a primary security monitor and does complete server scans every 1/2 hour...

Regards,
Doug

It can access the site. The add-on doesn't stop that. It just threw an error to it saying it can't register.

Max Taxable · #87 03-21-2014, 10:42 PM

Quote:

Originally Posted by BadgerDog

Unfortunately, Sucuri needs to access out site as it's a primary security monitor and does complete server scans every 1/2 hour...

Regards,
Doug

Once again... It does not and should not be trying to register. That is not part of its normal behavior.

BadgerDog · #88 03-21-2014, 10:42 PM

Quote:

Originally Posted by nhawk

It can access the site. The add-on doesn't stop that. It just threw an error to it saying it can't register.

Roger that ... :up:

Thanks again...

Regards,
Doug

lazytown · #89 03-22-2014, 07:35 PM

Quote:

Originally Posted by ozzy47

TBH, I would just turn off the PM's, once you know the mod is working after sending you some PM's, there is no need for them, you know it is working, so turn them off.

I prefer to keep logs, but a log with dozens of PMS a day is unmanageable. See ask the recent posts above for an example of why you'd would to keep a record so that you can search if later (sucuri being blocked).

nhawk · #90 03-22-2014, 09:36 PM

Quote:

Originally Posted by lazytown

I prefer to keep logs, but a log with dozens of PMS a day is unmanageable. See ask the recent posts above for an example of why you'd would to keep a record so that you can search if later (sucuri being blocked).

Securi was not blocked from the site. Nobody is blocked from the site with this mod. Securi was blocked from registering. There's a big difference.

https://vborg.vbsupport.ru/showpost....7&postcount=86

ozzy47 · #91 03-23-2014, 04:39 PM

Ok just a follow up on the Sucuri situation.

Sucuri will scan your site with several different user-agents (including the one you mentioned).
During this scan, the bot will crawl through all links found in the site, and looks like it's hitting the registration link.

Sucuri will not follow the robots.txt directives. Since it tries to behave as a "real user" it'll ignore that file. The only way to do it would be creating a .htaccess file to redirect SiteCheck to a 404 or a different page when hitting those forms.

So you can add tor back to the list if you wish, and add this to your htaccess file.

Code:

<Filesmatch "^(register)\.php$">
order allow,deny
allow from all
deny from 192.155.95.139
deny from 66.228.40.185
</Filesmatch>

That will stop Sucuri from hitting the registration trigger, and it is what they recommended to me.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.24482 seconds Memory Usage 2,328KB Queries Executed 25 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)bbcode_code (9)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)modsystem_post (1)navbar (4)navbar_link (120)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (11)post_thanks_box (5)post_thanks_box_bit (11)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (2)post_thanks_postbit (11)post_thanks_postbit_info (10)postbit (11)postbit_onlinestatus (11)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start fetch_musername post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end post_thanks_function_fetch_thanks_bit_start post_thanks_function_show_thanks_date_start post_thanks_function_show_thanks_date_end post_thanks_function_fetch_thanks_bit_end post_thanks_function_fetch_post_thanks_template_start post_thanks_function_fetch_post_thanks_template_end postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

3 благодарности(ей) от:
home9000, tareqbd, too_cool_3

2 благодарности(ей) от:
Max Taxable, RichieBoy67

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!