PDA

View Full Version : I Must Have Peed Someone Off??



Delta12
02-04-2014, 12:27 AM
I thought I'd share this as it is quite funny however the only reasonable explanation for it is that I must have peed someone off somewhere?

Between today and yesterday I have received over a 150 new members to my Brand Wallpaper site and it is still rising. Jackpot I thought at first however after investigation I noticed that EVERY new member has a website URL.

My guess is that a link to my site has been placed somewhere in a forum that obviously encourage users to sign up as they will get a back-link in the process. The reason I'm thinking this is because I have a MOD in place that shows a country flag next to users (they are all different) in admin panel and there is Last Active date which means they all have valid e-mails. All of them also filled out the "about" and "interests" fields.

Here is an example of 1

Location: Johnstown

About: I'm Louella and I live in Johnstown.
I'm interested in Engineering, Scrapbooking and Russian art. I like to travel and watching Modern Family.

Interests: Scrapbooking

Website: http://****************



HOWEVER they all wasted their time!!!! :) My members list can only been seen if you are a registered member hence why I think they register and SECONDLY although my sign-up form allows you to specify your website URL it does not display it under your profile - I have set it up like that in the beginning so that URLs specified is for my viewing ONLY.

I must say, I'll leave it and won't delete them, it sure does make my site look very popular not to mention the flood of traffic I'm receiving but know this they are wasting their time as their links are NOT visible.

If you perhaps know who is behind this, please do me a favor and tell them that I say thanks for the traffic and for making my site look more popular! I hope to reach a 1000 members by the end of the week...lol

Bad Wolf
02-04-2014, 05:35 AM
I get alot of that on my arcades. So, just to be a dick I removed the site URL include on the profile pages too - on a few sites anyway. They sign up, add their link n go. I get a new member and they dont get sh*t lol. I do wish they stick around and play a couple of games tho.

WhyMe
02-04-2014, 07:24 AM
Been getting the same thing the last few days Delta so your not alone. I have it set to email verification and half of them verified. The other half were throw away email addresses, lol. I just deleted the verified ones as I haven't made it so they cant put website in profile, yet.

Delta12
02-04-2014, 08:10 AM
Been getting the same thing the last few days Delta so your not alone. I have it set to email verification and half of them verified. The other half were throw away email addresses, lol. I just deleted the verified ones as I haven't made it so they cant put website in profile, yet.

Mine allows them to put website in profile however it does not display their URL in profile, only I can see the URL in admin :) When I first started out with WSS I had these measures put in place by the "The One". God I miss the code master! Shame he is not around much anymore :)

Jayw
02-04-2014, 10:20 AM
Are they all genuine people? Because if a lot of you are getting the same thing, then maybe its a spam bot that's been built? If they are genuine then great it's good to hear. If not then, that's a real shame.

Delta12
02-04-2014, 11:30 AM
Are they all genuine people? Because if a lot of you are getting the same thing, then maybe its a spam bot that's been built? If they are genuine then great it's good to hear. If not then, that's a real shame.

Mystical suggested in a PM earlier that it may be a bot however I'm not entirely convinced yet as they all confirmed their e-mails. If it is a Bot then I'll be dammed - they are getting too clever now!

WhyMe
02-04-2014, 06:57 PM
Don't think they are genuine as some of them come from the same ip and list the same site in the website fields. I took and removed the website field from users profile, lets see how they like that. Better than me spending time deleting them and like Delta said, makes the site look more popular, lol. Thanks for the idea :).

iMage
02-04-2014, 06:57 PM
there is a bot that can actually do that, there are a couple diffrent apps that can take care of things like that for you, and in the event its a forum or something it even has teh ability to make posts as well if the person using the script is familiar with the posting template of the forum software. I believe its called Themaposter or something to that effect, i have seen people post about it on some other forums i have been a long standing member at, i have never used it myself though so its kinda hard to say if it would work on WSS

Delta12
02-04-2014, 07:20 PM
Don't think they are genuine as some of them come from the same ip and list the same site in the website fields. I took and removed the website field from users profile, lets see how they like that. Better than me spending time deleting them and like Delta said, makes the site look more popular, lol. Thanks for the idea :).

Leave the field where they fill in the URL when registering, remove the field where the URL displays in profile after they registered :) If it is a bot then I guess they will never know but if it is a spammer he will soon notice that he wasted his time after he logged in for the first time :)

@iMage -the only bot I know of that is capable of it is SEnuke, it even fills in CAPTCHA, post and spin articles not to mention that it auto register fake e-mail accounts and much more however I don't think the average person can afford to run SEnuke unless he is planning on making a living out of spamming

WhyMe
02-04-2014, 10:35 PM
Leave the field where they fill in the URL when registering, remove the field where the URL displays in profile after they registered :) If it is a bot then I guess they will never know but if it is a spammer he will soon notice that he wasted his time after he logged in for the first time :) Thats what I did, only removed it from profile. They can still list it during registration but it's never seen on profile, love it. Since my last post i have had 1 more sign up, lol. I'm also keeping an eye on the comment counts too so I can see if they try that approach.

iMage
02-04-2014, 11:05 PM
@ Delta, themaposter and there used to be another one i cant think of the name of were coded by noobie coders for the warez scene to register and post to 100s of blogs,forums etc all in one click. Im not sure if these are still avail, but the developer of them i know personally, well on the internet by their alias anyway, neither are involved in Warez anymore, but the apps/scripts are still floating around out there and being used. Warez kiddies were earning alot of money from paid filehosts which is why these were such valuable tools to some people. And the tools were sold VERY cheap as well, i think like $10 or something like that

Delta12
02-05-2014, 09:02 AM
Thats what I did, only removed it from profile. They can still list it during registration but it's never seen on profile, love it. Since my last post i have had 1 more sign up, lol. I'm also keeping an eye on the comment counts too so I can see if they try that approach.

Great! :) As for the comments, they definitely take chances there as well - replace your comments system with http://intensedebate.com

Check my comments to see it in action :) This allows you to moderate your comments. For every comment placed you are sent an e-mail, after log-in you can then manually change the comment e.g. remove the URL and then place the comment.

I get comments like "I really like this wallpaper, it awesome but also check this one out www.***** (http://www.*****) "

I simply remove "but also check this one out www.***** (http://www.*****) " :)



@ iMage - I'm behind the times then! :) Personally I'll just let them get on with it. Allow them to register with their URL and allow them to comment with their URL and let them find out afterwards that they wasted their time. In return I get a site that looks more popular than it is...lol

Delta12
02-09-2014, 08:21 AM
I just noticed that some F***ERS can't be stopped! They are adding their link now to the "Interests" section, so to avoid the profiles looking messy I have restored the URL showing in profiles HOWEVER I added "target="_blank" rel="nofollow" to the links so that I don't loose the visitor when a link is clicked and secondly that crawlers don't follow the links which results in me sharing PR juice.

To do this I simply went into /includes/profile/profile_main.inc.php

and changed


else {
$profile['website_link'] = '<a href="'.$row['website'].'">'.$row['website'].'</a>';
}

to


else {
$profile['website_link'] = '<a href="'.$row['website'].'"target="_blank" rel="nofollow">'.$row['website'].'</a>';
}


I will keep my brand wallpaper site to NOT display URLs in profiles until the problem starts there as well :)

mystical
02-10-2014, 04:44 PM
I took the easy way out. I just made it so you can't sign up. Problem solved. There is not too much point in having any members to begin with. I have had a wallpaper site for over a year now and only had one person signup who actually contributed anything. The one person that signed up and added wallpapers did the following....he added wallpapers with tons of links to his sites inside the properties of the image and inside the exif information for the image. Unless you are willing to check each and every submitted wallpaper one by one then you are fighting a losing battle and giving someone else free advertising. Sad but true. So for me I have a big FU to the spammers and finally a little piece of mind. :p

mystical
02-10-2014, 04:50 PM
Delta - Your no follow links may not pass link juice but will still get crawled by search engines.
An interesting read : http://www.socialseo.com/blog/an-experiment-nofollow-links-do-pass-value-and-rankings-in-google.html

Delta12
02-10-2014, 06:45 PM
Delta - Your no follow links may not pass link juice but will still get crawled by search engines.
An interesting read : http://www.socialseo.com/blog/an-experiment-nofollow-links-do-pass-value-and-rankings-in-google.html

Very interesting article indeed however unfortunately it was posted in 2010 :( A lot has happened since 2010 regarding Google's algorithm and a full history of this can be seen here (http://moz.com/google-algorithm-change). Here is a more recent article by the master Matt Cutts himself :) http://googlewebmastercentral.blogspot.co.uk/2013/02/a-reminder-about-selling-links.html

Juegos Gratis
02-17-2014, 12:47 PM
2 of my sites were attacked, one got 3,670 spam registered users in 14 days (started on January 31 2014), the other one 15 in one day (February 16 2014), I'm using AV Arcade (games script) with no Forums on both sites.

Seams like its an spam bot because its using the same "template":


All user names starts with an "Upper Case" followed by "Letters" and ends with "Upper Cases or Numbers" or a combination of them.
All fields are filled up the "Location and About" and the "Website" has errors in some cases such as: http://https://www.youtube.... and some of them are Pharmaceutical, Gyms, Spas, Sex Shops, Blogs Sites also several Youtube videos.
On Admin Panel / Users / Online Users I saw 2 or 3 users online at a time every 10 minutes or so.


I had non of the captchas enabled so after noticed the attack I enabled the reCAPTCHA on the most affected site and the spam stopped for a while then started again so I enabled the Q&A captcha and so far its stopped, on the less affected site I enabled the reCAPTCHA only and so far the spam registrations have stopped.

On the Google Analytics I noticed the "traffic" increased in 2,500 visitors/day on both sites and slow down the sites.
On Google AdSense the CPC went down in 25% since the attack started but the CTR has not been affected same for the "Page Views" no big changes.

If the spam continues I'm thinking on "Temporarily Remove" the Login/Registration page (displaying a blank page) until the bot "gets tired" any better Ideas?

Thank you.

Delta12
02-17-2014, 01:26 PM
Try this in your .htaccess http://stackoverflow.com/questions/20164696/how-to-block-spam-and-spam-bots-for-good-with-htaccess

I have not tried it myself yet so feedback would be appreciated once tested :)

Juegos Gratis
02-17-2014, 03:20 PM
Try this in your .htaccess http://stackoverflow.com/questions/20164696/how-to-block-spam-and-spam-bots-for-good-with-htaccess

I have not tried it myself yet so feedback would be appreciated once tested :)
Delta12 I'm already blocking several "bad bots" via .htaccess file and noticed that its slowing down the sites but thank you very much for your recommendation, I'm still thinking on display a blank login/registration page if the bot continues.

Note: Something strange its happening on Google Analitycs, suddenly its displaying 3,000 more visitors/day and after a while goes back to normal, I think this is when the bot its on, you can see on the images attached, this is why I do prefer to remove the login/registration page in order to avoid more problems.
Shity bot really!!!

1862

1863

Delta12
02-17-2014, 03:29 PM
Delta12 I'm already blocking several "bad bots" via .htaccess file and noticed that its slowing down the sites but thank you very much for your recommendation, I'm still thinking on display a blank login/registration page if the bot continues.

Note: Something strange its happening on Google Analitycs, suddenly its displaying 3,000 more visitors/day and after a while goes back to normal, I think this is when the bot its on, you can see on the images attached, this is why I do prefer to remove the login/registration page in order to avoid more problems.
Shity bot really!!!

1862

1863


HOLY SHI*!! That traffic would have been absolutely awesome if it was real! Shame one can't redirect it via your ad network's "mobile redirects" to earn from it...lol

Is there any way you can see from your logs which bot it is? I looked at mine and was unable to tell as all the "members" has different IPs which makes it VERY hard to tell which is real and which is bot

Juegos Gratis
02-17-2014, 04:53 PM
Is there any way you can see from your logs which bot it is? I looked at mine and was unable to tell as all the "members" has different IPs which makes it VERY hard to tell which is real and which is bot
Same thing, its using different ip's and have no logs at all, everything looks normal, in G.A. there is not even a suspicious country only there are 150 visits to the "Login Page" that Sunday, the only strange thing its the "Graphic its on and off" from displaying 3,000 more visitors to "back to normal".

By now I have both catpchas enabled and set a "Dummy" answer (numbers/characters/letters) into the Q&A captcha in order to make it harder for the bot to "guess" it, lets see what will happen, it's a shame to lose genuine registrations but what to do? This bot its a real pain in the a...!!! :D

1864

1865

Delta12
02-17-2014, 05:31 PM
Keep me updated on the results :)

mystical
02-17-2014, 08:22 PM
Most up to date list.

http://www.gforceinternet.co.uk/2013/01/blocking-bad-bots-scrapers-site-rippers-aka-offline-browsers-htaccess/

You are going to have many, many more bots to add to the list as time goes by. Getting rid of the useless registration will help immensely. You will find that most sign-ups are bot or spammers. Don't leave your registration page blank. Just put an image like I did or text telling people that registrations have been disabled. Do a Google search for current offline browsers (these steal all of your content at once and stress your server) and add each one to the block list that isn't already on it. Good luck.

1866

Update: This is what offline browsers can do to your site. Your CPU usage will go through the roof. Hosts do not like this! Check your logs daily! Block rinse and repeat.

In the above case it was this ip 178.137.230.7 and this user agent WebMoney Advisor
Block the ip and the user agent. There are tons of offline browsers and spam bots that will attack your sites. Be diligent and check your logs!

Delta12
02-17-2014, 08:47 PM
Thanks for the share mate! :)

Delta12
02-17-2014, 09:02 PM
Quoted from below link

A Better Way to Stop the Bots

A better approach to stop these annoying bots from successfully submitting your forms is to trick them into revealing themselves. Bots are programmed to fill in all the fields in a form and submit it. This can be used against them. If we hide certain fields using CSS or other methods regular humans will not be able to fill out these fields. Bots still see these fields and diligently fill them out, thus indicating to us they are bots. We can test for the existence of data in these honeypot fields and if detected reject the submission. Good thing bots are stupid. "

http://riserinteractive.com/stop-form-spam-without-captcha-or-quizzes/

We need a MOD like this!! Can anyone come up with something like this?

Bad Wolf
02-18-2014, 01:14 PM
Quoted from below link

A Better Way to Stop the Bots

A better approach to stop these annoying bots from successfully submitting your forms is to trick them into revealing themselves. Bots are programmed to fill in all the fields in a form and submit it. This can be used against them. If we hide certain fields using CSS or other methods regular humans will not be able to fill out these fields. Bots still see these fields and diligently fill them out, thus indicating to us they are bots. We can test for the existence of data in these honeypot fields and if detected reject the submission. Good thing bots are stupid. "

http://riserinteractive.com/stop-form-spam-without-captcha-or-quizzes/

We need a MOD like this!! Can anyone come up with something like this?

There use to be a fellow named M.A.R.K. around here long time ago. He had a mod exactly like that with the hidden fields. I have no idea where it is or what it was called but its possibly in the OLD mods list that he published - not even sure how to locate that right off. Its been a long time. Anyway we do have that mod. Im sure it will need some updating.

Delta12
02-18-2014, 01:44 PM
There use to be a fellow named M.A.R.K. around here long time ago. He had a mod exactly like that with the hidden fields. I have no idea where it is or what it was called but its possibly in the OLD mods list that he published - not even sure how to locate that right off. Its been a long time. Anyway we do have that mod. Im sure it will need some updating.

I had a little play with it last night by editing /includes/forms/register_form.php - I thought I had it working...to test it I removed below from my CSS so that the field was actually visible and then I simply registered and filled in the hidden field with the hope that it would die("You are a bot!"); and not allow registration however it still allowed me to register which states the obvious once again...I can't code to save my own life...lol


.honeypot {
display: none;
}

I believe if someone can implement this on the existing register_form.php then all problems would be cured! This method makes perfect sense, bots are programmed to fill out all fields and when they do fill out the hidden field then BOOM...Registration Fails!

mystical
02-19-2014, 06:11 PM
I had a little play with it last night by editing /includes/forms/register_form.php - I thought I had it working...to test it I removed below from my CSS so that the field was actually visible and then I simply registered and filled in the hidden field with the hope that it would die("You are a bot!"); and not allow registration however it still allowed me to register which states the obvious once again...I can't code to save my own life...lol


.honeypot {
display: none;
}

I believe if someone can implement this on the existing register_form.php then all problems would be cured! This method makes perfect sense, bots are programmed to fill out all fields and when they do fill out the hidden field then BOOM...Registration Fails!

The honeypot method is only going to stop simple bots. Bots evolve every day and will find a way to sign up no matter what you do. Real people can also sign up and put spam in the sign up fields. You can then block their ip but in a matter of seconds they can come right back with a proxy and do it all over again. You are trying to fight a losing battle. Just my opinion.

Delta12
02-19-2014, 07:51 PM
The honeypot method is only going to stop simple bots. Bots evolve every day and will find a way to sign up no matter what you do. Real people can also sign up and put spam in the sign up fields. You can then block their ip but in a matter of seconds they can come right back with a proxy and do it all over again. You are trying to fight a losing battle. Just my opinion.

I think the last time you warned me about something I was ignorant :) I have learned a very valuable lesson, I think this time round I'm going to take your advice :)

The One
03-02-2014, 02:39 PM
Been looking into this a bit but you can stop the fake registrations for now with a temp fix as no doubt it wont last long..

open register.php

replace all with



<?php

if (isset($template['register_form'])) {
$register_form = '.'.$setting['template_url'].'/'.$template['register_form'];
}
else {
$register_form = 'includes/forms/register_form.php';
}

if (isset($_GET['done'])) {
// Include reCaptcha
if ($setting['use_captcha'] == 1) {
require_once('includes/misc/recaptchalib.php');
$resp = recaptcha_check_answer ($setting['captcha_privkey'],
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if ($resp->is_valid) {
$captcha_success = 1;
}
else {
$captcha_success = 0;
}
}
else {
$captcha_success = 1;
}
if ($setting['use_qa_captcha'] == 1) {
$user_answer = secure(strtolower($_POST["qa_captcha_answer"]));
$formatted_answers = str_replace(", ", ",", strtolower($setting['qa_captcha_answers']));

$answers = explode(',', $formatted_answers);
foreach ($answers as $answer) {
if ($answer == $user_answer) {
$qa_captcha_success = 1;
}
}

if (!isset($qa_captcha_success)) {
$qa_captcha_success = 0;
}
}
else {
$qa_captcha_success = 1;
}

// Get form data & secure where needed
$username = mysql_secure($_POST['username1']);
$password = $_POST['password'];
$password2 = $_POST['password2'];
$email = mysql_secure($_POST['email1']);

$username_valid = preg_match('/^[A-Za-z ][A-Za-z0-9 ]*(?:_[A-Za-z0-9 ]+)*$/', $_POST['username1']);

// Check if all sections were submitted and display correct error
if ((!$username) || (!$email) || (!$password) || (!$password2) || ($password != $password2) || ($captcha_success == 0) || ($qa_captcha_success == 0) || ($username_valid == false)) {
echo '<div id="error_message">'.REG_ERROR1.':<br />';
if ((!$username) || ($username_valid == false)) {
echo REG_ERROR2."<br />";
}
if (!$email) {
echo REG_ERROR8."<br />";
}
if (!$password) {
echo REG_ERROR3."<br />";
}
if ($password != $password2) {
echo REG_ERROR4."<br />";
}
if ((isset($captcha_success) && $captcha_success == 0) || (isset($qa_captcha_success) && $qa_captcha_success == 0)) {
echo 'Incorrect answer on captcha';
}
echo '</div>';
include $register_form;
}
else {
// Is username in use?
$sql_username_check = mysql_query("SELECT username FROM wss_users WHERE username='$username'");
$username_check = mysql_num_rows($sql_username_check);
// Is email in use?
$sql_email_check = mysql_query("SELECT email FROM wss_users WHERE email='$email'");
$email_check = mysql_num_rows($sql_email_check);

// Email or username is in use
if (($email_check > 0) || ($username_check > 0)) {
echo '<div id="error_message">'.REG_ERROR6.':<br />';
if ($email_check > 0) {
echo REG_ERROR5."<br />";
}
if ($username_check > 0) {
echo REG_ERROR7."<br />";
}
echo '</div>';
include $register_form;
}
// No errors, proceed
else {
$passwordpro = md5($password);
$username = htmlspecialchars($username);
$date = time();

if (isset($_COOKIE['wss_ref'])) {
$referrer = intval($_COOKIE['wss_ref']);
}
else {
$referrer = 0;
}
$seo_url = seoname($username);
$user_ip = mysql_secure($_SERVER['REMOTE_ADDR']);
// If email validation is off, instantly activate the account
if ($setting['email_on'] == 0) {
$sql = mysql_query("INSERT INTO wss_users (username, password, email, activate, joined, referrer, lastip, seo_url)
VALUES('$username', '$passwordpro', '$email', '1', '$date', $referrer, '$user_ip', '$seo_url')") or die (mysql_error());
$new_user = mysql_insert_id();
if (isset($_COOKIE['wss_ref'])) {
$date = time();
$profile_url = ProfileUrl($new_user, seoname($username));
mysql_query("INSERT INTO wss_messages (user_id, sender_id, sender_name, title, message, date)
VALUES ('$referrer', '$new_user', '$username', '$username ".REF_PM_TITLE." $setting[site_name]', '$username ".REF_PM_MESSAGE.": <a href=\"$profile_url\">$profile_url</a>', '$date')");
}
echo VALIDATED;
}
// Email validation is on: create account and send validation email
else {
$sql = mysql_query("INSERT INTO wss_users (username, password, email, joined, referrer, lastip, seo_url)
VALUES('$username', '$passwordpro', '$email', '$date', $referrer, '$user_ip', '$seo_url')") or die (mysql_error());

$userid = mysql_insert_id();
$data = array('email_address' => $email, 'to_username' => $username, 'subject' => EMAIL_REGISTER_HEADER.' '.$username, 'send_email' => 1);
$data['validate_url'] = $setting['site_url'].'/index.php?task=validate&id='.$userid.'&code='.$passwordpro;

SendEmail($data, 'validate_email');


echo EMAIL4; // Email sent message
}
}
}
}
else {
include $register_form;
}
?>



open includes/forms/register_form.php

replace all with



<?php
$c_answer = '';
if (isset($_POST['username1'])) {
$username = secure($_POST['username1']);
$email = secure($_POST['email1']);
if (isset($_POST['qa_captcha_answer']))
$c_answer = secure($_POST['qa_captcha_answer']);
}
else {
$username = '';
$email = '';
}
?>

<form method="post" action="<?php echo $setting['site_url'];?>/index.php?task=register&amp;done=1">
<div class="register_form">
<?php echo REGISTER_USERNAME;?><br />
<input name="username1" type="text" class="form_textbox" maxlength="30" value="<?php echo $username;?>" /><br /><br />

<?php echo REGISTER_EMAIL;?><br />
<input name="email1" type="text" class="form_textbox" value="<?php echo $email;?>" /><br /><br />

<?php echo REGISTER_PASSWORD;?> <br />
<input name="password" type="password" class="form_textbox" /><br /><br />

<?php echo REGISTER_PASSWORD2;?><br />
<input name="password2" type="password" class="form_textbox" /><br /><br />

<?php
if ($setting['use_captcha'] == 1) {
require_once('includes/misc/recaptchalib.php');
echo recaptcha_get_html($setting['captcha_pubkey']);
}
?>

<?php
if ($setting['use_qa_captcha'] == 1) {
echo $setting['qa_captcha_question'];
echo '<br /><input name="qa_captcha_answer" type="text" class="form_textbox" value="'.$c_answer.'" /><br /><br />';
}
?>
<br />

<input type="submit" name="Submit" value="<?php echo REGISTER_BUTTON; ?>" class="register_button" />
</div>
</form>


Tested on wss 121 and it seems to be a bot that scrapes content checking the html markup so it can do its thing.

Edit:

Cleaned up my site

run this mysql query to delete non activated user signups


delete from wss_users where activate ='';

now go to members list and not where the spam started date wise. You cant miss it or even better still do you remember how many users you had then check this info via phpmyadmin to find the id of the first spam registration.

Mine was id 74 so I ran this query


delete from wss_users where id >=74

Dont forget to backup your database ;)

Delta12
03-02-2014, 04:17 PM
Thanks a million!! Glad to have you back! :) I'm only testing it on my 1 site for now. I emptied my entire users table, shame to loose the real members however I'm not going to go through a 1200 members to see who is fake and who's not so time will tell if this method works as I'm down to 1 member and that's me :)

I missed your edit! I just cleared ALL my users :(

The One
03-02-2014, 04:26 PM
Thanks a million!! Glad to have you back! :) I'm only testing it on my 1 site for now. I emptied my entire users table, shame to loose the real members however I'm not going to go through a 1200 members to see who is fake and who's not so time will tell if this method works as I'm down to 1 member and that's me :)

I missed your edit! I just cleared ALL my users :(

Damn on missing edit ;/

Let me know how your test goes.

Delta12
03-02-2014, 04:30 PM
Damn on missing edit ;/

Let me know how your test goes.

No problem at all, S*** Happens! Nevertheless test will be easier now as any member more that the current 1 will be under the magnifying glass :)

Delta12
03-08-2014, 07:52 PM
It's been a week and I can now confirm that the MOD provided by "The One" is working!! Not a single BOT signup since I've implemented the MOD and I use to get between 20-30 a day.

Thanks a million The One! :)

hiper17
03-12-2014, 06:50 PM
Haha nice one, thats jokes. http://www.voidspace.org.uk/python/rest2web/images/smilies/smile.gif

mystical
03-14-2014, 05:02 PM
Haha nice one, thats jokes. http://www.voidspace.org.uk/python/rest2web/images/smilies/smile.gif

What? I must of missed the joke. :)

Delta12
03-14-2014, 07:46 PM
What? I must of missed the joke. :)

A spammer with a different technique! Does a few posts first before he includes his link in his signature - they make me sick! :mad:

7after9
04-15-2014, 04:30 PM
When you say "run this mysql query to delete non activated user signups", what does that mean? Where do I put that code?

I just completely dropped out of the SERPS and I'm freaking out a bit.
Thanks for your help.

bariskoban
01-17-2015, 06:05 PM
Dear all please find a solution bot attack(server loading and mail reply over loaded on host site) is still continuing on my av arcade website evenif the new latest av script AV Arcade 5.8 I use.

any way to prevent that kind of attacks???:(