
Thread: I Must Have Peed Someone Off??

  1. #21
    License owner
    Join Date
    Oct 2013
    Location
    Mexico
    Posts
    3

    Default

    Quote Originally Posted by Delta12 View Post
    Is there any way you can see from your logs which bot it is? I looked at mine and was unable to tell as all the "members" have different IPs, which makes it VERY hard to tell which is real and which is a bot.
    Same thing, it's using different IPs and I have no logs at all. Everything looks normal; in G.A. there is not even a suspicious country, only 150 visits to the "Login Page" that Sunday. The only strange thing is that the graphic is "on and off", from displaying 3,000 more visitors to "back to normal".

    By now I have both captchas enabled and have set a "Dummy" answer (numbers/characters/letters) in the Q&A captcha in order to make it harder for the bot to "guess" it. Let's see what will happen. It's a shame to lose genuine registrations, but what to do? This bot is a real pain in the a...!!!

    back_to_normal.jpg

    when_bot_is_on.jpg
    Last edited by Juegos Gratis; 02-17-2014 at 04:03 PM. Reason: Added a text line to make the post more clear
    Professional Web Development:
    - Games Portals
    - Classifieds Websites
    - OsCommerce
    - Graphic Design
    - Custom Templates

  2. #22
    License owner
    Join Date
    May 2012
    Location
    UK
    Posts
    1,284

    Default

    Keep me updated on the results
    * Main Website: Check my profile (PM me for links to my other sites) - Warning | Adults Only!
    * Hosting: VPS Cloud Server at TMDHosting - Great 24hr Support and Superb up-time!
    * Ad Networks: ExoClick | JuicyAds | AdXpansion - They Convert Well + On-time Payouts!

    PORNTRA - Free HD Porn Sex Movies.

  3. #23
    License owner
    Join Date
    Jul 2010
    Location
    Sunny South Carolina
    Posts
    1,003

    Default

    Most up to date list.

    http://www.gforceinternet.co.uk/2013...sers-htaccess/

    You are going to have many, many more bots to add to the list as time goes by. Getting rid of the useless registration will help immensely. You will find that most sign-ups are bot or spammers. Don't leave your registration page blank. Just put an image like I did or text telling people that registrations have been disabled. Do a Google search for current offline browsers (these steal all of your content at once and stress your server) and add each one to the block list that isn't already on it. Good luck.

    Screenshot_1.jpg

    Update: This is what offline browsers can do to your site. Your CPU usage will go through the roof. Hosts do not like this! Check your logs daily! Block rinse and repeat.

    In the above case it was this IP, 178.137.230.7, and this user agent, WebMoney Advisor.
    Block the IP and the user agent. There are tons of offline browsers and spam bots that will attack your sites. Be diligent and check your logs!
    Last edited by mystical; 02-17-2014 at 07:43 PM.
    My Redneck YouTube Channel

    Need a logo or banner? PM Me!

    Just an old dude with his hobbies......
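
One way to do the daily log check described in the post above, as an added example that is not from the thread: it groups an Apache combined-format access log by user agent and shows, per agent, total hits, hits on the registration URL and the number of distinct IPs. The function name `summarize_agents()`, the log format and the sample lines are assumptions; only the IP 178.137.230.7, the user agent WebMoney Advisor and the `task=register` URL come from the thread.

```php
<?php
// Added example, not code from the thread. summarize_agents() is a
// hypothetical helper; the log lines below are constructed.

function summarize_agents(array $lines): array
{
    // Combined format: ip ident user [time] "request" status bytes "referer" "agent"
    $pattern = '/^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" \d{3} \S+ "[^"]*" "([^"]*)"$/';
    $agents = [];
    foreach ($lines as $line) {
        if (!preg_match($pattern, trim($line), $m)) {
            continue; // not combined format (or contains escaped quotes): skip
        }
        [, $ip, $request, $agent] = $m;
        if (!isset($agents[$agent])) {
            $agents[$agent] = ['hits' => 0, 'register' => 0, 'ips' => []];
        }
        $agents[$agent]['hits']++;
        // task=register is the form action used by the registration page
        if (strpos($request, 'task=register') !== false) {
            $agents[$agent]['register']++;
        }
        $agents[$agent]['ips'][$ip] = true; // set of distinct source addresses
    }
    // Busiest agents first
    uasort($agents, function ($a, $b) {
        return $b['hits'] <=> $a['hits'];
    });
    return $agents;
}

// Constructed sample log (documentation IP ranges except the one from the post).
$sample = [
    '178.137.230.7 - - [17/Feb/2014:19:01:02 +0000] "GET /index.php?task=view&id=101 HTTP/1.1" 200 5120 "-" "WebMoney Advisor"',
    '178.137.230.7 - - [17/Feb/2014:19:01:02 +0000] "GET /index.php?task=view&id=102 HTTP/1.1" 200 4988 "-" "WebMoney Advisor"',
    '178.137.230.7 - - [17/Feb/2014:19:01:03 +0000] "GET /index.php?task=view&id=103 HTTP/1.1" 200 5301 "-" "WebMoney Advisor"',
    '192.0.2.10 - - [17/Feb/2014:19:02:10 +0000] "POST /index.php?task=register&done=1 HTTP/1.1" 200 2210 "-" "ExampleBot/1.0 (constructed)"',
    '198.51.100.23 - - [17/Feb/2014:19:02:11 +0000] "POST /index.php?task=register&done=1 HTTP/1.1" 200 2210 "-" "ExampleBot/1.0 (constructed)"',
    '203.0.113.5 - - [17/Feb/2014:19:03:40 +0000] "GET /index.php HTTP/1.1" 200 9120 "-" "Mozilla/5.0 (constructed browser)"',
];

foreach (summarize_agents($sample) as $agent => $info) {
    printf(
        "%5d hits %4d register %3d IPs  %s\n",
        $info['hits'],
        $info['register'],
        count($info['ips']),
        $agent
    );
}
```

An agent with many registration hits spread over many IPs stands out here even when no single address does, which is the case two posters describe.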

  4. #24
    License owner
    Join Date
    May 2012
    Location
    UK
    Posts
    1,284

    Default

    Thanks for the share mate!

  5. #25
    License owner
    Join Date
    May 2012
    Location
    UK
    Posts
    1,284

    Default

    Quoted from below link

    A Better Way to Stop the Bots

    A better approach to stop these annoying bots from successfully submitting your forms is to trick them into revealing themselves. Bots are programmed to fill in all the fields in a form and submit it. This can be used against them. If we hide certain fields using CSS or other methods regular humans will not be able to fill out these fields. Bots still see these fields and diligently fill them out, thus indicating to us they are bots. We can test for the existence of data in these honeypot fields and if detected reject the submission. Good thing bots are stupid.

    http://riserinteractive.com/stop-for...ha-or-quizzes/

    We need a MOD like this!! Can anyone come up with something like this?

  6. #26
    License owner
    Join Date
    Jun 2009
    Location
    Charlottesville, Virginia, USA
    Posts
    3,315

    Default

    Quote Originally Posted by Delta12 View Post
    Quoted from below link

    A Better Way to Stop the Bots

    A better approach to stop these annoying bots from successfully submitting your forms is to trick them into revealing themselves. Bots are programmed to fill in all the fields in a form and submit it. This can be used against them. If we hide certain fields using CSS or other methods regular humans will not be able to fill out these fields. Bots still see these fields and diligently fill them out, thus indicating to us they are bots. We can test for the existence of data in these honeypot fields and if detected reject the submission. Good thing bots are stupid.

    http://riserinteractive.com/stop-for...ha-or-quizzes/

    We need a MOD like this!! Can anyone come up with something like this?
    There used to be a fellow named M.A.R.K. around here a long time ago. He had a mod exactly like that with the hidden fields. I have no idea where it is or what it was called, but it's possibly in the OLD mods list that he published - not even sure how to locate that right off. It's been a long time. Anyway, we do have that mod. I'm sure it will need some updating.
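
The hidden-field check discussed in this part of the thread, as an added example that is not from any poster and is not AV Arcade code. The names `HONEYPOT_FIELD`, `honeypot_markup()` and `honeypot_verdict()` and the field name `website` are assumptions; the check belongs in the code that receives the POST, not in the form template.

```php
<?php
// Added example, not AV Arcade code. HONEYPOT_FIELD, honeypot_markup() and
// honeypot_verdict() are hypothetical names.

// A plausible-looking name: form-filling bots populate fields like this one.
const HONEYPOT_FIELD = 'website';

// Markup for inside the <form>. The wrapper carries the .honeypot class
// (display: none) shown in the thread; tabindex and autocomplete keep
// keyboard users and browser autofill away from the field.
function honeypot_markup(): string
{
    return '<div class="honeypot" aria-hidden="true">'
         . '<label>Leave this field empty '
         . '<input type="text" name="' . HONEYPOT_FIELD . '" value="" '
         . 'tabindex="-1" autocomplete="off" /></label></div>';
}

// Classify one submission: 'ok', 'filled' or 'missing'.
function honeypot_verdict(array $post): string
{
    // Field absent: the client did not submit the form as it was rendered.
    if (!array_key_exists(HONEYPOT_FIELD, $post)) {
        return 'missing';
    }
    $value = $post[HONEYPOT_FIELD];
    // name="website[]" arrives as an array; only an empty string passes.
    if (!is_string($value) || trim($value) !== '') {
        return 'filled';
    }
    return 'ok';
}

// In the page that handles the submission this runs before any captcha or
// database work, for example:
//   if (honeypot_verdict($_POST) !== 'ok') { /* log it, show the generic error, stop */ }

// Constructed sample submissions (not real traffic), run from the command line.
if (PHP_SAPI === 'cli') {
    $samples = [
        'human'       => ['username1' => 'alice', 'email1' => 'alice@example.com', 'website' => ''],
        'form filler' => ['username1' => 'x9k2', 'email1' => 'x9k2@example.com', 'website' => 'http://spam.example/'],
        'canned post' => ['username1' => 'x9k3', 'email1' => 'x9k3@example.com'],
        'array value' => ['username1' => 'x9k4', 'email1' => 'x9k4@example.com', 'website' => ['a']],
    ];
    foreach ($samples as $label => $post) {
        printf("%-12s %s\n", $label, honeypot_verdict($post));
    }
}
```

A browser still submits an input hidden with `display: none`, so a request that lacks the field entirely is treated as a signal in its own right. Rejections are best logged and answered with the same generic error as any other failed submission rather than a message that names the check.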

  7. #27
    License owner
    Join Date
    May 2012
    Location
    UK
    Posts
    1,284

    Default

    Quote Originally Posted by Bad Wolf View Post
    There used to be a fellow named M.A.R.K. around here a long time ago. He had a mod exactly like that with the hidden fields. I have no idea where it is or what it was called, but it's possibly in the OLD mods list that he published - not even sure how to locate that right off. It's been a long time. Anyway, we do have that mod. I'm sure it will need some updating.
    I had a little play with it last night by editing /includes/forms/register_form.php - I thought I had it working...to test it I removed below from my CSS so that the field was actually visible and then I simply registered and filled in the hidden field with the hope that it would die("You are a bot!"); and not allow registration however it still allowed me to register which states the obvious once again...I can't code to save my own life...lol

    Code:
    .honeypot {
        display: none;       
    }
    I believe if someone can implement this on the existing register_form.php then all problems would be cured! This method makes perfect sense, bots are programmed to fill out all fields and when they do fill out the hidden field then BOOM...Registration Fails!

  8. #28
    License owner
    Join Date
    Jul 2010
    Location
    Sunny South Carolina
    Posts
    1,003

    Default

    Quote Originally Posted by Delta12 View Post
    I had a little play with it last night by editing /includes/forms/register_form.php - I thought I had it working...to test it I removed below from my CSS so that the field was actually visible and then I simply registered and filled in the hidden field with the hope that it would die("You are a bot!"); and not allow registration however it still allowed me to register which states the obvious once again...I can't code to save my own life...lol

    Code:
    .honeypot {
        display: none;       
    }
    I believe if someone can implement this on the existing register_form.php then all problems would be cured! This method makes perfect sense, bots are programmed to fill out all fields and when they do fill out the hidden field then BOOM...Registration Fails!
    The honeypot method is only going to stop simple bots. Bots evolve every day and will find a way to sign up no matter what you do. Real people can also sign up and put spam in the sign up fields. You can then block their ip but in a matter of seconds they can come right back with a proxy and do it all over again. You are trying to fight a losing battle. Just my opinion.
    Last edited by mystical; 02-19-2014 at 05:16 PM.

  9. #29
    License owner
    Join Date
    May 2012
    Location
    UK
    Posts
    1,284

    Default

    Quote Originally Posted by mystical View Post
    The honeypot method is only going to stop simple bots. Bots evolve every day and will find a way to sign up no matter what you do. Real people can also sign up and put spam in the sign up fields. You can then block their ip but in a matter of seconds they can come right back with a proxy and do it all over again. You are trying to fight a losing battle. Just my opinion.
    I think the last time you warned me about something I was ignorant; I have learned a very valuable lesson. I think this time round I'm going to take your advice.

  10. #30
    License owner
    Join Date
    Feb 2009
    Posts
    1,635

    Default

    Been looking into this a bit, but you can stop the fake registrations for now with a temp fix, as no doubt it won't last long.

    open register.php

    replace all with

    Code:
    <?php
    
    if (isset($template['register_form'])) {
    	$register_form = '.'.$setting['template_url'].'/'.$template['register_form'];
    }
    else {
    	$register_form = 'includes/forms/register_form.php';
    }
    
    if (isset($_GET['done'])) {
    	// Include reCaptcha
    	if ($setting['use_captcha'] == 1) {
    		require_once('includes/misc/recaptchalib.php');
    		$resp = recaptcha_check_answer ($setting['captcha_privkey'],
                		$_SERVER["REMOTE_ADDR"],
                    	$_POST["recaptcha_challenge_field"],
                    	$_POST["recaptcha_response_field"]);
            if ($resp->is_valid) {
            	$captcha_success = 1;
            }
            else {
            	$captcha_success = 0;
           	}
        }
        else {
    	    $captcha_success = 1;
        }
        if ($setting['use_qa_captcha'] == 1) {
        	$user_answer = secure(strtolower($_POST["qa_captcha_answer"]));
        	$formatted_answers = str_replace(", ", ",", strtolower($setting['qa_captcha_answers']));
        	
        	$answers = explode(',', $formatted_answers);
        	foreach ($answers as $answer) {
        		if ($answer == $user_answer) {
        			$qa_captcha_success = 1;
        		}
    		}
    		
    		if (!isset($qa_captcha_success)) {
    			$qa_captcha_success = 0;
    		}
        }
        else {
    	    $qa_captcha_success = 1;
        }
                    
    	// Get form data & secure where needed
    	$username = mysql_secure($_POST['username1']);
    	$password = $_POST['password'];
    	$password2 = $_POST['password2'];
    	$email = mysql_secure($_POST['email1']);
    	
    	$username_valid = preg_match('/^[A-Za-z ][A-Za-z0-9 ]*(?:_[A-Za-z0-9 ]+)*$/', $_POST['username1']);
    
    	// Check if all sections were submitted and display correct error
    	if ((!$username) || (!$email) || (!$password) || (!$password2) || ($password != $password2) || ($captcha_success == 0) || ($qa_captcha_success == 0) || ($username_valid == false)) {
    		echo '<div id="error_message">'.REG_ERROR1.':<br />';
    		if ((!$username) || ($username_valid == false)) {
    			echo REG_ERROR2."<br />";
    		}
    		if (!$email) {
    			echo REG_ERROR8."<br />";
    		}
    		if (!$password) {
    			echo REG_ERROR3."<br />";
    		}
    		if ($password != $password2) {
    			echo REG_ERROR4."<br />";
    		}
    		if ((isset($captcha_success) && $captcha_success == 0) || (isset($qa_captcha_success) && $qa_captcha_success == 0)) {
    			echo 'Incorrect answer on captcha';
    		}
    		echo '</div>';
    		include $register_form;
    	}
    	else {
    		// Is username in use?
    		$sql_username_check = mysql_query("SELECT username FROM wss_users WHERE username='$username'");
    		$username_check = mysql_num_rows($sql_username_check);
    		// Is email in use?
    		$sql_email_check = mysql_query("SELECT email FROM wss_users WHERE email='$email'");
    		$email_check = mysql_num_rows($sql_email_check);
    		
    		// Email or username is in use
    		if (($email_check > 0) || ($username_check > 0)) {
    			echo '<div id="error_message">'.REG_ERROR6.':<br />';
    			if ($email_check > 0) {
    				echo REG_ERROR5."<br />";
    			}
    			if ($username_check > 0) {
    				echo REG_ERROR7."<br />";
    			}
    			echo '</div>';
    			include $register_form;
    		}
    		// No errors, proceed 
    		else {
    			$passwordpro = md5($password);
    			$username = htmlspecialchars($username);
    			$date = time();
    			
    			if (isset($_COOKIE['wss_ref'])) {
    				$referrer = intval($_COOKIE['wss_ref']);
    			}
    			else {
    				$referrer = 0;
    			}
    			$seo_url = seoname($username);
    			$user_ip = mysql_secure($_SERVER['REMOTE_ADDR']);
    			// If email validation is off, instantly activate the account
    			if ($setting['email_on'] == 0) {
    				$sql = mysql_query("INSERT INTO wss_users (username, password, email, activate, joined, referrer, lastip, seo_url)
            		VALUES('$username', '$passwordpro', '$email', '1', '$date', $referrer, '$user_ip', '$seo_url')") or die (mysql_error());
            		$new_user = mysql_insert_id();
            		if (isset($_COOKIE['wss_ref'])) {					
    					$date = time();
    					$profile_url = ProfileUrl($new_user, seoname($username));
    					mysql_query("INSERT INTO wss_messages (user_id, sender_id, sender_name, title, message, date) 
    					VALUES ('$referrer', '$new_user', '$username', '$username ".REF_PM_TITLE." $setting[site_name]', '$username ".REF_PM_MESSAGE.": <a href=\"$profile_url\">$profile_url</a>', '$date')");
    				}
    				echo VALIDATED;
    			}
    			// Email validation is on: create account and send validation email
    			else {
    				$sql = mysql_query("INSERT INTO wss_users (username, password, email, joined, referrer, lastip, seo_url)
           			VALUES('$username', '$passwordpro', '$email', '$date', $referrer, '$user_ip', '$seo_url')") or die (mysql_error());
    
    				$userid = mysql_insert_id();				
    				$data = array('email_address' => $email, 'to_username' => $username, 'subject' => EMAIL_REGISTER_HEADER.' '.$username, 'send_email' => 1);
    				$data['validate_url'] = $setting['site_url'].'/index.php?task=validate&id='.$userid.'&code='.$passwordpro;
    
        			SendEmail($data, 'validate_email');
    
    
    				echo EMAIL4; // Email sent message
    			}
    		}
    	}
    }
    else {
    	include $register_form;
    }
    ?>

    open includes/forms/register_form.php

    replace all with

    Code:
    <?php
    $c_answer = '';
    if (isset($_POST['username1'])) {
    	$username = secure($_POST['username1']);
    	$email = secure($_POST['email1']);
    	if (isset($_POST['qa_captcha_answer']))
    		$c_answer = secure($_POST['qa_captcha_answer']);
    }
    else {
    	$username = '';
    	$email = '';
    }
    ?>
    
    <form method="post" action="<?php echo $setting['site_url'];?>/index.php?task=register&amp;done=1">
    <div class="register_form">
    <?php echo REGISTER_USERNAME;?><br />
    <input name="username1" type="text" class="form_textbox" maxlength="30" value="<?php echo $username;?>" /><br /><br />
    
    <?php echo REGISTER_EMAIL;?><br />
    <input name="email1" type="text" class="form_textbox" value="<?php echo $email;?>" /><br /><br />
    
    <?php echo REGISTER_PASSWORD;?> <br />
    <input name="password" type="password" class="form_textbox" /><br /><br />
    
    <?php echo REGISTER_PASSWORD2;?><br />
    <input name="password2" type="password" class="form_textbox" /><br /><br />
    
    <?php
    if ($setting['use_captcha'] == 1) {
    	require_once('includes/misc/recaptchalib.php');
    	echo recaptcha_get_html($setting['captcha_pubkey']);
    }
    ?>
    
    <?php
    if ($setting['use_qa_captcha'] == 1) {
    	echo $setting['qa_captcha_question'];
    	echo '<br /><input name="qa_captcha_answer" type="text" class="form_textbox" value="'.$c_answer.'" /><br /><br />';
    }
    ?>
    <br />
    
    <input type="submit" name="Submit" value="<?php echo REGISTER_BUTTON; ?>" class="register_button" />
    </div>
    </form>
    Tested on wss 121 and it seems to be a bot that scrapes content checking the html markup so it can do its thing.

    Edit:

    Cleaned up my site

    run this mysql query to delete non activated user signups

    Code:
    delete from wss_users where activate ='';
    Now go to the members list and note where the spam started date-wise. You can't miss it, or even better still, do you remember how many users you had? Then check this info via phpMyAdmin to find the id of the first spam registration.

    Mine was id 74 so I ran this query

    Code:
    delete from wss_users where id >=74;
    Don't forget to back up your database
    Last edited by The One; 03-02-2014 at 03:04 PM.
    >>> All of my mods are unsupported at this time. <<<

  11. #31
    License owner
    Join Date
    May 2012
    Location
    UK
    Posts
    1,284

    Default

    Thanks a million!! Glad to have you back! I'm only testing it on my 1 site for now. I emptied my entire users table. Shame to lose the real members, however I'm not going to go through 1200 members to see who is fake and who's not, so time will tell if this method works as I'm down to 1 member and that's me

    I missed your edit! I just cleared ALL my users
    Last edited by Delta12; 03-02-2014 at 03:20 PM.

  12. #32
    License owner
    Join Date
    Feb 2009
    Posts
    1,635

    Default

    Quote Originally Posted by Delta12 View Post
    Thanks a million!! Glad to have you back! I'm only testing it on my 1 site for now. I emptied my entire users table. Shame to lose the real members, however I'm not going to go through 1200 members to see who is fake and who's not, so time will tell if this method works as I'm down to 1 member and that's me

    I missed your edit! I just cleared ALL my users
    Damn on missing edit ;/

    Let me know how your test goes.

  13. #33
    License owner
    Join Date
    May 2012
    Location
    UK
    Posts
    1,284

    Default

    Quote Originally Posted by The One View Post
    Damn on missing edit ;/

    Let me know how your test goes.
    No problem at all, S*** Happens! Nevertheless the test will be easier now, as any member more than the current 1 will be under the magnifying glass

  14. #34
    License owner
    Join Date
    May 2012
    Location
    UK
    Posts
    1,284

    Default

    It's been a week and I can now confirm that the MOD provided by "The One" is working!! Not a single BOT signup since I implemented the MOD, and I used to get between 20-30 a day.

    Thanks a million The One!

  15. #35
    License owner
    Join Date
    Feb 2014
    Posts
    7

    Default

    Haha nice one, that's jokes.

  16. #36
    License owner
    Join Date
    Jul 2010
    Location
    Sunny South Carolina
    Posts
    1,003

    Default

    Quote Originally Posted by hiper17 View Post
    Haha nice one, that's jokes.
    What? I must have missed the joke.

  17. #37
    License owner
    Join Date
    May 2012
    Location
    UK
    Posts
    1,284

    Default

    Quote Originally Posted by mystical View Post
    What? I must have missed the joke.
    A spammer with a different technique! Does a few posts first before he includes his link in his signature - they make me sick!

  18. #38
    License owner
    Join Date
    Mar 2014
    Posts
    4

    Default

    When you say "run this mysql query to delete non activated user signups", what does that mean? Where do I put that code?

    I just completely dropped out of the SERPS and I'm freaking out a bit.
    Thanks for your help.

  19. #39
    License owner
    Join Date
    Mar 2013
    Posts
    5

    Default

    Dear all, please find a solution: the bot attack (server load and mail replies overloading the host site) is still continuing on my AV Arcade website, even though I use the new, latest AV script, AV Arcade 5.8.

    Is there any way to prevent that kind of attack?
