Download: Stop Spammer Registration

[demoneyezer]

Thanks for this one. Awesome job mate ! :thumbsup:

[Cyrem]

Yeehar Another(minor) Update!

- If you get an API key from StopForumSpam you can now help fight spam by submitting your block records back to their database!
- Username records now show in email reports.
- Emails now correctly formatted for plain text viewing.
- Email will show if the incident was sent to StopForumSpam (provided you have this turned on).
- Emails now get sent by IPB's functions (mainly just improves standards, no real difference user side).
- Threat level in emails for ProjectHoneyPot will display as 'n/a' if it is turned off or 'Offline' if the API was down at the time.

More soon...

@demoneyezer, cheers!

Total of 310 spammer accounts(on my forum) blocked so far....

[JahLion]

Check a registrants Username and "Statistics" when that be coming

[Cyrem]

Check a registrants Username[color=#282828][font=helvetica, arial, sans-serif] and "[/font][/color]Statistics[color=#282828][font=helvetica, arial, sans-serif]" when that be coming[/font][/color]

Most likely for 1.3.0. Adding the username count in the emails was me starting to add it in. I didn't want to have to put data of the spammers blocked into the forum database, but it looks like I have to, to store the statistics. Oh well... shouldn't be too long.

[JahLion]

Most likely for 1.3.0. Adding the username count in the emails was me starting to add it in. I didn't want to have to put data of the spammers blocked into the forum database, but it looks like I have to, to store the statistics. Oh well... shouldn't be too long.

respect

[elefteris]

Hello , it seems that this hook works !

I have already the Forum Spammer IP & Email Check via stopforumspam .... but it doesnt seems to work .. on me .... i have always boots registering ( but not validating ) .... s othey remaining on validating list ...

This hook here do not permitt them even to register ? as someone told that it isnt very obvious thst the 2 hook could collaborate , i m planning of unistalling the previous hook and installing this one ..... whats your advice ?

[JahLion]

Hello , it seems that this hook works !

This hook here do not permitt them even to register ? as someone told that it isnt very obvious thst the 2 hook could collaborate , i m planning of unistalling the previous hook and installing this one ..... whats your advice ?

This one is way better so tired this one and you will see the effect it have with spammers,i found this hook more like a firewall (LOL) because those spammers don't have a chance to even sign up.

[Cyrem]

Hello , it seems that this hook works !

This hook here do not permitt them even to register ? as someone told that it isnt very obvious thst the 2 hook could collaborate , i m planning of unistalling the previous hook and installing this one ..... whats your advice ?

Yes, they can fill out the registration page, but when they submit their registration they are greeted with a 'GET OUT!' message instead :tongue:

If they get rejected by this hook, no accounts should be created as it is supposed to halt the registration process before it completes.

[MGBrose]

Cyrem, Donation sent, thanks for the excellent work. Updating to latest today!

Is anyone suspect that these are a spambot that targets some kind of Ipboard registrationflaw/hole? My spam increased by about 1000x percent in the last two weeks until I added this addon.

[Cyrem]

Cyrem, Donation sent, thanks for the excellent work. Updating to latest today!

Is anyone suspect that these are a spambot that targets some kind of Ipboard registrationflaw/hole? My spam increased by about 1000x percent in the last two weeks until I added this addon.

Muchly appreciated!

It would seem IPB forums are being hit with it. I noticed Jan 2011, vb forum owners were having problems with a flood of spam when bots cracked recaptcha. It may be the case here.

[MGBrose]

Wow so really interesting phenomena here. After this hook has blocked 200ish registrations over 2 days, the spam registrations completely stopped.

I'm betting that these are distributed spam attacks from some centralized source calling the shots (targeting ipboard sites, site by site), also during the attacks we were seeing way too many registrations for it to be all done manually (with some usernames being attempted to be made 5-6 times), so im guessing with captcha being cracked all someone had to do was make a script that particularly target Ipboards login/registration system.

Either way, this completely eradicated all of our spammers. Thanks again for all of your hard work, you've helped protect the IPboard community, I just hope everyone else finds this hook as quickly as I did.

[demoneyezer]

I installed the initial version a few days ago and all seemed to work very good as I had quite some spam accounts detected and blocked.

I upgraded to the latest version yesterday and so far a few were detected and also a couple slipped through the maze. These last accounts have been able to register but show up in the validation list. I'm pretty sure it concerns spam accounts as both username and email are a complete mix of unsaying characters.

I am using recaptcha and also the registration questions. Do the bots get more and more clever each day ... :cry:

[Cyrem]

I installed the initial version a few days ago and all seemed to work very good as I had quite some spam accounts detected and blocked.

I upgraded to the latest version yesterday and so far a few were detected and also a couple slipped through the maze. These last accounts have been able to register but show up in the validation list. I'm pretty sure it concerns spam accounts as both username and email are a complete mix of unsaying characters.

I am using recaptcha and also the registration questions. Do the bots get more and more clever each day ... :cry:

There is no real changes between the checks between the old and new versions. If they are using new details that have not been recorded in the SFS database, they will get through... however it is somewhat unlikely that you'd be the one to get hit first. What settings do you have regarding SFS checks? Would you be able to send me their details so I can figure out why they might have gotten through?

In the newest one I did start stripping html tags out of emails...because some seemed to get through with a tag... idk I can try turning that off in the next version and see if it does anything.

Thanks.

[demoneyezer]

PM'd you my details of the mod installation.

Funny thing is that one of the slipped through accounts has been blocked before 3 times when using the same nick, though using different email addresses. A very recent attempt of him using a previous blocked email address has been blocked once again now.

[Cyrem]

PM'd you my details of the mod installation.

Funny thing is that one of the slipped through accounts has been blocked before 3 times when using the same nick, though using different email addresses. A very recent attempt of him using a previous blocked email address has been blocked once again now.

Thanks for the information. It currently doesn't check usernames, however his IP should have come up if it was used before. I'll investigate none-the-less.

[demoneyezer]

I got 2 new cases a bit earlier today. I also send their details to you by PM ... ;)

[Bethanyrayne]

Hi, I installed this and spam registrations are still getting through despite their IP being SFS database when I check manually. I tried the other hook someone wrote for this and couldn't get that one working either. Any ideas?

I have it enabled and configured correctly but it doesn't seem to check.

[3DKiwi]

Hi, I installed this and spam registrations are still getting through despite their IP being SFS database when I check manually. I tried the other hook someone wrote for this and couldn't get that one working either. Any ideas?

I have it enabled and configured correctly but it doesn't seem to check.

Try this alternative mod. Works for me. I've used it for quite some time and does a great job of keeping my forums spam free.

3DKiwi

[JahLion]

Hi, I installed this and spam registrations are still getting through despite their IP being SFS database when I check manually. I tried the other hook someone wrote for this and couldn't get that one working either. Any ideas?

I have it enabled and configured correctly but it doesn't seem to check.

You've must be doing something wrong because since i install this hook,it send over 71 spammers that tried to access the site to SFS database and not one get to sign up it just keep blocking them and reporting them to SFS.

[• Jay •]

You've must be doing something wrong because since i install this hook,it send over 71 spammers that tried to access the site to SFS database and not one get to sign up it just keep blocking them and reporting them to SFS.

Same here. This hook works great for me.

It has already blocked 292 registration attempts at B4U.

[Bethanyrayne]

@3DKiwi Hi, I tried that with same result.

I know I'm doing something wrong, the question is what?

[Cyrem]

@3DKiwi Hi, I tried that with same result.

I know I'm doing something wrong, the question is what?

Make sure you have these settings (as this is what I'm using to test).

• Hook Enabled
• Stop Forum Spam Lookup Enabled
• Match Email or IP Address
• Min Email: 2
• Min IP: 2
• Project Honeypot Lookup Enabled
• (Make sure you put in a BL Key)
• Min Threat level: 10
• Email Reporting on
• (Put in your email address)
  

Do you have any other hooks the may change the registration process? Do you have anything in the whitelist? The next version I'm going to put in emails for reporting unsuccessfully calls to SFS/PH just in case there was problems connecting at the time of registration.

The other problem can be, is allow_url_fopen disabled in your php.ini? and if it is, does your server support cURL?

[JahLion]

Crazy man these spammers have so many IP'S at SFS database but they all getting block any way..

Registration Block

A user has been blocked from registering. Details regarding the registration attempt have been provided below.

Username: keroltjejh

IP Address: 31.178.7.2

Email Address: mejrkfj@wkime.pl

Username Records: 192 (StopForumSpam)

IP Records: 4228 (StopForumSpam)

Email Records: 255 (StopForumSpam)

Threat Level: 45 (ProjectHoneyPot)

User has been reported to StopForumSpam.

[Bethanyrayne]

Make sure you have these settings (as this is what I'm using to test).

• Hook Enabled
• Stop Forum Spam Lookup Enabled
• Match Email or IP Address
• Min Email: 2
• Min IP: 2
• Project Honeypot Lookup Enabled
• (Make sure you put in a BL Key)
• Min Threat level: 10
• Email Reporting on
• (Put in your email address)
  

Do you have any other hooks the may change the registration process? Do you have anything in the whitelist? The next version I'm going to put in emails for reporting unsuccessfully calls to SFS/PH just in case there was problems connecting at the time of registration.

The other problem can be, is [font=courier new,courier,monospace]allow_url_fopen [/font]disabled in your php.ini? and if it is, does your server support cURL?

allow_url_fopen disabled

cURL support enabled

cURL Information libcurl/7.18.2 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.8 libssh2/0.18

Everything else is as you state except Project Honeypot which is not enabled.

[Creaky]

I am getting an occasional error from this mod, doesnt stop it from working though.

[22-Jan-2012 15:19:12] PHP Warning:  substr_count() [<a href='function.substr-count'>function.substr-count</a>]: Empty substring in /home/MYDOMAIN/public_html/hooks/cstopspamreg_d084df24081d3d17601ee650e718448e.php on line 23