lauram340 Posted October 2, 2008 Share Posted October 2, 2008 can someone help by telling me how i block IP address's? xx Link to comment Share on other sites More sharing options...
Keith J. Kacin Posted October 2, 2008 Share Posted October 2, 2008 We are continuing to develop methods of reducing the amount of spam received. In addition to our recent spam prevention improvements ( http://forums.invisionpower.com/index.php?showtopic=277539 ), we are working on an update to IP.Board 2.3.6. This will include better spam protection provided by reCAPTCHA ( http://recaptcha.net/ ). The update should be released later today. Please keep an eye out for a newsletter and a bulletin in your Admin CP for when it is released. You can also subscribe to this forum:http://forums.invisionpower.com/index.php?showforum=1 What we will need for you... We will need you to visit the reCAPTCHA site linked above. From there, sign up for a free account by clicking "Get reCAPTCHA". Once signed up, you will be presented with a Private and Public Key. Please keep these keys handy, as once you upgrade to IP.Board 2.3.6, you will need to enter them in your Admin CP in order to make use of reCAPTCHA. Thank you for your understanding with this matter. Link to comment Share on other sites More sharing options...
Midnightmadness Posted October 2, 2008 Share Posted October 2, 2008 Done and Done Thanks Keith! Link to comment Share on other sites More sharing options...
Energizer Posted October 2, 2008 Share Posted October 2, 2008 .....we are working on an update to IP.Board 2.3.6. This will include better spam protection... Is there ever a safety for the problem with spam? I fear they will find a way to always adapt. It is only a matter of time. :unsure: Link to comment Share on other sites More sharing options...
Management Charles Posted October 2, 2008 Management Share Posted October 2, 2008 Yes the spam prevention will always be bypassed - email is a testament to that. The good thing about reCaptcha is that they can push updates remotely if their system is bypassed to address the issue. Link to comment Share on other sites More sharing options...
AtariAge Posted October 2, 2008 Share Posted October 2, 2008 We will need you to visit the reCAPTCHA site linked above. From there, sign up for a free account by clicking "Get reCAPTCHA". Once signed up, you will be presented with a Private and Public Key. Please keep these keys handy, as once you upgrade to IP.Board 2.3.6, you will need to enter them in your Admin CP in order to make use of reCAPTCHA. Thank you for your understanding with this matter. This is great, as I'm already using reCAPTCHA on several other non-forum related pages on my site, so this will fit in nicely..http://www.atariage.com/contact.php ..Al Link to comment Share on other sites More sharing options...
Energizer Posted October 2, 2008 Share Posted October 2, 2008 When they can vBulletin the difficulty of the graphics for Spam Protection freely choose. But I do not believe that it is therefore safer. :rolleyes: Link to comment Share on other sites More sharing options...
desti Posted October 2, 2008 Share Posted October 2, 2008 Exactly! The register.php code already used the new method of generating the numbers in the image but xmlout.php didn't. This meant all spammers had to do was load the page and then re-load the image to get the easier-to-crack image. Spammers simulate mouse click?? How he call JS -> init_gd_image()? Link to comment Share on other sites More sharing options...
Keith J. Kacin Posted October 2, 2008 Share Posted October 2, 2008 Spammers simulate mouse click?? How he call JS -> init_gd_image()? I think if they are able to read images, they can manage to simulate a mouse click. Link to comment Share on other sites More sharing options...
henke37 Posted October 2, 2008 Share Posted October 2, 2008 Yeah, because the spamers most definitely doesn't create a program that works on a lower level and goes directly for the action urls. Link to comment Share on other sites More sharing options...
desti Posted October 2, 2008 Share Posted October 2, 2008 I'm add simple code to xmlout.php and create table ibf_xmlout_log.. extract($_SERVER); $text = "->".$REQUEST_METHOD." ".$REQUEST_URI." ".$HTTP_REFERER." ".$HTTP_USER_AGENT."<-"; $this->ipsclass->DB->do_insert( 'xmlout_log', array( 'ip' => $REMOTE_ADDR, 'data' => $text)); forum under attack... Link to comment Share on other sites More sharing options...
_ALwarrior_ Posted October 2, 2008 Share Posted October 2, 2008 I have tried this patch and appear to work! Thanks Invision Staff!!! Link to comment Share on other sites More sharing options...
Nervosa Posted October 2, 2008 Share Posted October 2, 2008 Some of the new backgrounds and font colors I feel blend in to much and may detour new users in registering. Is there anyway to maybe change it up a bit, color blind users will have a hell of a time registering. Link to comment Share on other sites More sharing options...
bfarber Posted October 2, 2008 Share Posted October 2, 2008 Some of the new backgrounds and font colors I feel blend in to much and may detour new users in registering. Is there anyway to maybe change it up a bit, color blind users will have a hell of a time registering. You can upload your own images and fonts to style_captcha/captcha_backgrounds and captcha_fonts Link to comment Share on other sites More sharing options...
Brett B Posted October 2, 2008 Share Posted October 2, 2008 You can upload your own images and fonts to style_captcha/captcha_backgrounds and captcha_fonts Same here Nervosa. Will uploading custom images and fonts make it easier for bots to register? Link to comment Share on other sites More sharing options...
NickTheGreek Posted October 2, 2008 Share Posted October 2, 2008 I'm add simple code to xmlout.php and create table ibf_xmlout_log.. extract($_SERVER); $text = "->".$REQUEST_METHOD." ".$REQUEST_URI." ".$HTTP_REFERER." ".$HTTP_USER_AGENT."<-"; $this->ipsclass->DB->do_insert( 'xmlout_log', array( 'ip' => $REMOTE_ADDR, 'data' => $text)); forum under attack... useful, could this be integrated to ACP so we could check on all those logs generated upon registration ? Link to comment Share on other sites More sharing options...
Cool Surfer Posted October 3, 2008 Share Posted October 3, 2008 yes, seems a nice idea. We can track which ip is doing it. Link to comment Share on other sites More sharing options...
desti Posted October 3, 2008 Share Posted October 3, 2008 No records in in xmlout_log table.. Bots don't reload images!? o:)useful, could this be integrated to ACP In normal forum conditions (no bot attack) it may be userfull for check captcha readability. Link to comment Share on other sites More sharing options...
Ozziedoggers Posted October 3, 2008 Share Posted October 3, 2008 You can upload your own images and fonts to style_captcha/captcha_backgrounds and captcha_fonts Has anyone done this? i have updated the fonts/images but on trying to read them im having a hard time, never mind some of the simpletons we get on the forum trying to read them :lol: would be ever grateful if someone got some custom ones they would be willing to share, drop me a PM or maybe for ease of everyone link it here Link to comment Share on other sites More sharing options...
Twisted Gamer Posted October 3, 2008 Share Posted October 3, 2008 All Of You That Are Complaining Your Custom Profile Fields Are Having No Effect On Bots Are not listening to what your being told. I have looked at each and every one that has complained so far (that linked there website) and none of your custom fields require and "EXACT" input. You just check to see if its a number or letters or don't check it at all (most of them). That defeats the purpose of an Anti Bot Field. You need to follow the suggestion exactly to the letter. This article in the Resource site spells it out just like it's been spelled out here in these forums several times already.http://resources.invisionpower.com/index.p...mp;article=6104 If you look for exact input and not "nnn" or "aaaa" or some combination then the script bots can not get past the registration page. I have not had any script bot registrations since putting an anti bot profile field on the registration page over a year ago. I get scanned by bots daily. And none have ever made it past. This method will not stop human spammers. Only admin validation will make a dent in those and even then if they use unique names you'll have a hard time catching them till they spam. Link to comment Share on other sites More sharing options...
desti Posted October 3, 2008 Share Posted October 3, 2008 Mail validation - Remove direct link to validate. Bot use only direct link to validation page and can't compile it from text. Edit cache/lang_cache/en/lang_mail_content.php (in $lang['reg_validate']) searchTo activate your account, simply click on the following link: <#THE_LINK#> (AOL Email users may need to copy and paste the link into your web browser). ------------------------------------------------ Not working? ------------------------------------------------ If you could not validate your registration by clicking on the link, please visit this page: replace to To activate your account, please visit this page: Link to comment Share on other sites More sharing options...
TCWT Posted October 3, 2008 Share Posted October 3, 2008 Thanks for adding recaptcha support. I know this is rare but what if their servers go down, could you code it so it'll load the standard captcha? Link to comment Share on other sites More sharing options...
media Posted October 3, 2008 Share Posted October 3, 2008 Thanks for adding recaptcha support. I know this is rare but what if their servers go down, could you code it so it'll load the standard captcha? That is the question that needs to be answered by ipb stuf??? Link to comment Share on other sites More sharing options...
TCWT Posted October 3, 2008 Share Posted October 3, 2008 :huh: Link to comment Share on other sites More sharing options...
desti Posted October 3, 2008 Share Posted October 3, 2008 That is the question that needs to be answered by ipb stuf??? It's normal question. reCaptcha server may be stopped or DDos-ed. Board engine must check it and switch to internal captcha. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.