The Arcive of Official vBulletin Modifications Site.

mpasternak · #1 12-29-2011, 02:13 PM

I'm having a spambot explosion of lates

In the last month i'm getting nearly 1000 spambots register a day on my site. Most don't pass human verification thankfully, But i am getting around 20 a day that get through.

I've got ReCaptha and email verification, as well as a "skill testing questioN" and yet they're getting through, then posting anywhere from 1 to 100 posts in the span of minutes with their nonsense links and gibberish.

I cannot monitor the queue enough to manually approve all users and the site isn't really big enough that it has regular new registrations.

But i need a solution for this. Being higher up in the search rankings is important for the business, But I can't have these issues with spambots.

Is there any solution?

FreeResellers · #2 12-29-2011, 02:49 PM

Are you running on vB 3.8.x or 4.x?

Max Taxable · #3 12-29-2011, 02:54 PM

This mod is the endemol of all spam bots. Nothing else touches it. Instructions in thread for v4 compatibility. This should be a standard feature of vBulletin.

https://vborg.vbsupport.ru/showthread.php?t=135094

mpasternak · #4 12-29-2011, 03:10 PM

i'm in 4.x if that helps

Max Taxable · #5 12-29-2011, 03:28 PM

Quote:

Originally Posted by mpasternak

i'm in 4.x if that helps

The Mod I linked is easily adjusted for all versions of vB4. Here's a stat - since I installed that Mod last October, it has caught over 2,000 spam bot registrations and stopped them and has interfered with exactly zero humans.

The Mod generates a email to you each time, detailing what username they tried to register with, what IP it came from, and what email they tried to use. VERY useful information for donating to Project Honey Pot! It's a must-have Mod.

nhawk · #6 12-29-2011, 05:35 PM

I do pretty much the same thing as that mod at server level and ban the IP in iptables (drop with no reponse) so their computer hangs while their system waits for a response from my server.

Turn about is fair play in my book.

Max Taxable · #7 12-29-2011, 06:49 PM

Quote:

Originally Posted by nhawk

I do pretty much the same thing as that mod at server level and ban the IP in iptables (drop with no reponse) so their computer hangs while their system waits for a response from my server.

Turn about is fair play in my book.

The Mod can be set to autoban, but I don't ban IPs, it's not necessary with that Mod. It just stops them, and reports them - also without giving the human botnet operators any clue as to why. It just gives them the standard vBulletin "The administrator has disabled registration" phrase. It lies.

kh99 · #8 12-29-2011, 09:01 PM

Quote:

Originally Posted by Max Taxable

...This should be a standard feature of vBulletin.

There's one problem with that - no doubt it would be trivial to program a bot to get past it, so if it were a standard feature it would most likely be useless.

FWIW at my site we use question and answer human verification and that Spam-O-Matic thing that looks up info at stopforumspam.com (and submits to it if you want), and between them they stop hundreds a day. We end up getting 5-10 registrations per day and I'm pretty certain those are actual humans. Anyway, I have no idea how it would compare to the one Max Taxable linked to - maybe we'll try that one out some day.

nhawk · #9 12-29-2011, 09:22 PM

Quote:

Originally Posted by Max Taxable

The Mod can be set to autoban, but I don't ban IPs, it's not necessary with that Mod. It just stops them, and reports them - also without giving the human botnet operators any clue as to why. It just gives them the standard vBulletin "The administrator has disabled registration" phrase. It lies.

That works

But, I don't even want to waste the PHP processing power to give them a reason. They aren't worth a nanosecond of PHP time to me. Let the server itself and firewall handle them and hang their system waiting for a reply from my server until their end times out with an error that the web site can't be found.

To date.. zero spam on my site. (now watch me get hammered)

Max Taxable · #10 12-29-2011, 10:32 PM

Quote:

Originally Posted by kh99

There's one problem with that - no doubt it would be trivial to program a bot to get past it, so if it were a standard feature it would most likely be useless.

FWIW at my site we use question and answer human verification and that Spam-O-Matic thing that looks up info at stopforumspam.com (and submits to it if you want), and between them they stop hundreds a day. We end up getting 5-10 registrations per day and I'm pretty certain those are actual humans. Anyway, I have no idea how it would compare to the one Max Taxable linked to - maybe we'll try that one out some day.

The whole point of using bots is speed. Therefore the botnet admins never going to adjust bots to make them take their time registering. This is if they ever figure out time is the issue.

I use the Q&A verify as well, but with a twist - the answer is identical to the very LONG question, which is instructions to copy and paste the question into the answer box!

I definitely agree a mufti-tiered system is best. There's no magic bullet - but there's sure some good ones!

Quote:

Originally Posted by nhawk

That works

But, I don't even want to waste the PHP processing power to give them a reason. They aren't worth a nanosecond of PHP time to me. Let the server itself and firewall handle them and hang their system waiting for a reply from my server until their end times out with an error that the web site can't be found.

To date.. zero spam on my site. (now watch me get hammered)

For many people though, a handy-dandy ready-made xml product file is near the ceiling of their abilities!

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.04334 seconds Memory Usage 2,260KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (6)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (1)pagenav (1)pagenav_curpage (1)pagenav_pagelink (10)post_thanks_box (10)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (10)post_thanks_postbit_info (10)postbit (10)postbit_onlinestatus (10)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!