Jump to content

Bots / Scripts Can Register on 2.3.5


Guest Katsuma

Recommended Posts

It certainly did on the systems I administer. The ONLY problem we've had is the occasional human registrant that keeps trying to start a new post in one section after the other. They give up and leave, then we delete the membership and ban the IP C block. Problem solved.

The new fonts and backgrounds, along with the patch to xmlout.php, will no doubt help. But I prefer the "nuclear" option: overwhelm them with choices to make, none of which a bot seems able to cope with.

Link to comment
Share on other sites

  • Replies 161
  • Created
  • Last Reply

This patch has had zero effect... I'm still getting hundreds of spam registrations.... this is a major breakthrough for the spammers. I'm even getting child porn posted. This is bad.



after the patch + backgrounds and fonts, all spam registrations have stopped on my board..
Link to comment
Share on other sites

I got 1300 new account today it was a spam bot and i have spent 6 hours or more to delete...


I finally patch the system and stop the suckkerrsssssss... :huh: -_- :thumbsup:




I installed the patch but still registering



HailMaryPC


IP: 195.60.174.21


annetzdark@tmail.org Registering (User validation)


Today, 08:48 PM


0 days and 0 hours ago


0 Today, 08:48 PM




This patch has had zero effect... I'm still getting hundreds of spam registrations.... this is a major breakthrough for the spammers. I'm even getting child porn posted. This is bad.




I took back my previous post and an

update i am still getting 100s new account, the patch has no effect at all...

HailMaryPC (195.60.174.21)..
oradiatte@gmail.com
Validating (0 Posts)
Joined: Today, 10:25 PM

:(
Link to comment
Share on other sites

I too had the the JellyDreamas bot register on the same date which has caused me to be on the look out for the bloody things. Nothing stays secure for tool long these days does it? I've since had a number of bots get through, so yes I too agree the anti-spam Captcha now needs updating. This is why I like the idea of Recaptcha, when it gets circumvented, they update it without you having to update your site and mess your skins up!



So for now, I've gone back to the tried and trusted Anti-Spam Question custom profile field technique, which worked 100% in the past for me. I tried to find it again in the articles but in the end I did it on my own using a similar

tutorial

in the resources section that requires numbers entering.



Anyway, navigate your way here...



[i]Admin CP > Management > Users And Groups > Custom Profile Fields > Add New >[/i]



And enter the following information...



[b]Field title[/b] > Anti-Spam Check Question


[b]


Description[/b] > Is snow hot or cold? (Answer in lower case)


[b]


Field Type[/b] > Text Input



[b]Maximum Input[/b] > 100


[b]


Display order[/b] > 1


[b]


Expected Input[/b] > cold



[b]Include on registration page?[/b] > Yes


[b]


Field must be completed?[/b] > Yes



[b]Can be edited by member? [/b]> No



[b]Make private profile field?[/b] > Yes



[b]Admin and moderator editable only[/b]> Yes



I also recommend testing it to make sure it works but I have had no issues with this at all. When I entered anything other than the required answer, the board knocked me back.


very very thanks, guys, active this, tomorrow or after remove, but this temporaney STOP the bot ;)
http://resources.invisionpower.com/index.p...mp;article=6104
bye bye

Whiroph
Link to comment
Share on other sites

It never occurred to me to delete the existing fonts and backgrounds so I've just done that. Actually it makes sense, if they could read the old ones, why keep 'em?

I have 2 boards and despite about 40 bots registering today (prior to the patch), I only got 3 explicit pRon shots posted on the 2 boards. Very embarassing, but not Invision's fault of course. 'Tis the way of the intermaweb these days unfortunately.

Link to comment
Share on other sites

It never occurred to me to delete the existing fonts and backgrounds so I've just done that. Actually it makes sense, if they could read the old ones, why keep 'em?



I have 2 boards and despite about 40 bots registering today (prior to the patch), I only got 3 explicit pRon shots posted on the 2 boards. Very embarassing, but not Invision's fault of course. 'Tis the way of the intermaweb these days unfortunately.


use this ;) i have tested and stop all, for the momento :)
http://resources.invisionpower.com/index.p...mp;article=6104
bye bye

Whiroph
Link to comment
Share on other sites

I too had the the JellyDreamas bot register on the same date which has caused me to be on the look out for the bloody things. Nothing stays secure for tool long these days does it? I've since had a number of bots get through, so yes I too agree the anti-spam Captcha now needs updating. This is why I like the idea of Recaptcha, when it gets circumvented, they update it without you having to update your site and mess your skins up!



So for now, I've gone back to the tried and trusted Anti-Spam Question custom profile field technique, which worked 100% in the past for me. I tried to find it again in the articles but in the end I did it on my own using a similar

tutorial

in the resources section that requires numbers entering.



Anyway, navigate your way here...



[i]Admin CP > Management > Users And Groups > Custom Profile Fields > Add New >[/i]



And enter the following information...



[b]Field title[/b] > Anti-Spam Check Question


[b]


Description[/b] > Is snow hot or cold? (Answer in lower case)


[b]


Field Type[/b] > Text Input



[b]Maximum Input[/b] > 100


[b]


Display order[/b] > 1


[b]


Expected Input[/b] > cold



[b]Include on registration page?[/b] > Yes


[b]


Field must be completed?[/b] > Yes



[b]Can be edited by member? [/b]> No



[b]Make private profile field?[/b] > Yes



[b]Admin and moderator editable only[/b]> Yes



I also recommend testing it to make sure it works but I have had no issues with this at all. When I entered anything other than the required answer, the board knocked me back.


I saw for any one still having issues use this, it works wonderfully.
Link to comment
Share on other sites

ok weird, your site must be really popular or some thing.
I got 2 spam bots today one just after the announcement of the fix and then one after I installed the fix.
The second one did not post but had the same video in their siggy.
I do not allow adult content and both bots had adult videos in the siggies.

Link to comment
Share on other sites

My problem isn't bots, but actual spammers. (well unless by chance all of these registrations today are bots who post spam links. But I assume it's a real person, probably from this site). I think something needs to be put into place to not allow registrations from the same IP address for x minutes. Allowing only 1 account per IP is not a good idea, but at least limiting how quickly the same IP can regiter would help a tiny bit.

Link to comment
Share on other sites

so, I am done, everything is fixed. I tried to register so I see what has changed...below is a screenshot of the registration process.


post-117836-1222904005_thumb.jpg

Does everything looks ok?


yay glad to hear it is fixed.

Oh and about what some one else said about it being a real person.
That is possible I have come across sites that pay you to spam links on forums. They were showing it on one of those webmaster sites I think it was adminzone but it might have been a different one.
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...