Register Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
  #1  
Old 12 Jul 2010, 07:30
DAMINK DAMINK is offline
 
Join Date: Jun 2010
[resolved] Spam bots

Ok were all used to spam bots. Xrummer and the like.
Now i am new to vBulletin but the one thing i did notice immediately once i merged my MyBB forum over to VB was how easily spam bots were able to register.
I can only assume this relates to some vulnerability in VB?
Given they can read Captures, Random questions and the like.
So i started the battle to defeat the buggers as we do.
First i added the proxy script to help a little.
I then added additional registration requirements.
Most recently i added the mod which puts a timer on the registration process. This actually works quite well. However they are still trying to register constantly.
So this go me to thinking. There has to be a better way to stop these buggers.
Now here is my thoughts on it. Tell me if its a good idea or a stupid one please.

First rename register.php to a new name.
Change all links from the forum to point to your new page.
Then recreate register.php but make it a bot trap only now and nothing more writing to the .htaccess file and ultimately banning there ip the moment they trip the trap.
Making sure your robots.txt file is up to date to reflect changes obviously.
I assume xrummer and other tools are using vb as the target and therfor using register.php as the default register page.
Its clear they can beat the capture and other options so i think there really is no option but to make it harder.
Anyway thats the basic idea of what i want to do.
I have mostly finished it. But i have one problem currently and need some help.
I have only edited the old register.php file and renamed it currently. The bot trap bit i have no problems with.
I can register using the new file fine however at the last point of registration is sends me back to the original register.php file. Now if i can remove this then i am home free i think.
Anyone have any ideas how to stop it redirecting back to register.php?do=addmember and have it go to MYFILENAME.php?do=addmember?
Finally could this be a security issue itsself trying this?
Thanks.
__________________
FTW Forum <- Home of the damned!

Last edited by DAMINK; 14 Jul 2010 at 10:22. Reason: I worked it out.
Reply With Quote
  #2  
Old 12 Jul 2010, 07:44
PirateTinman PirateTinman is offline
 
Join Date: May 2009
When I started up my forums SPAM Bots where all over the site, but one of the first things I did was getting the vbStopForumSpam Modification http://www.vbulletin.org/forum/showthread.php?t=230921

After that I have never had a SPAM Bot registering to the site and it works extremely well.
I suggest you taking a look at it if you have issues with SPAM.
Reply With Quote
  #3  
Old 12 Jul 2010, 08:04
DAMINK DAMINK is offline
 
Join Date: Jun 2010
Its not that i have many issues with spam bots any more. I have been able to basically stop them now. But xrummer is a pretty smart tool and i imagine it will not be long before more patches are needed to stop them. Currently its only the timelimit mod that is stopping them.

I have bigger plans to be honest should i be able to sort this register.php file out.
But first i need to get a renamed register.php file to work properly.
So anyone able to help me with that?
__________________
FTW Forum <- Home of the damned!
Reply With Quote
  #4  
Old 12 Jul 2010, 14:22
mrt12345's Avatar
mrt12345 mrt12345 is offline
 
Join Date: Feb 2009
This had happen to me very fast once i just open my first forum , as soon you add a random question to your registration it stops them dead. The first week i had my forum installed i got about 40 spammers from bots . add my questionnaire it cam to a stop right away.
Reply With Quote
  #5  
Old 12 Jul 2010, 19:55
KProjects KProjects is offline
 
Join Date: Feb 2006
i'll 2nd the vbstopforumspam mod - it's a -MUST HAVE- on any vbulletin site.
__________________

Stop Spammers
Reply With Quote
  #6  
Old 12 Jul 2010, 21:24
DAMINK DAMINK is offline
 
Join Date: Jun 2010
Thanks for the advice guys but i am really after something specific here.
Stopping the bots i have already done. Ultimately i want to be able to change the register.php file name and have it function properly.
So if anyone is able to tell me what i have to do to complete this it would be great.
As i said in OP. I have been able to get a renamed register.php file to work fine. The registration process works but it is redirecting back to register.php?do=addmember.
I want it to go to MYFILENAME.php?do=addmember?
Thanks if anyone can help and thanks for the above advice also.
__________________
FTW Forum <- Home of the damned!
Reply With Quote
  #7  
Old 12 Jul 2010, 22:16
Nickbe Nickbe is offline
 
Join Date: Jul 2007
Why bother really? My set-up has effectively killed all bots.

Random Question
-------------------------------------------
The random question I have stops every bot out there. Basically what I have done is created 10 images that each consist of six digits like the one below...



The random question is:

View this security picture and enter the FIRST, THIRD and LAST number.

So basically you must click on a link to see the image and enter in the numbers asked for. Each of the 10 images has a different code and each image asks for a different set of numbers i.e. first, second, third, fourth, next to last, last....

If a bot gets through the first line of defence it has a few more hurdles to jump through.
-------------------------------------------


Useful Mods
-------------------------------------------
vbstopforumspam - Explained above.

Stop the Registration Bots - Basically bots fill out registration forms in an instant. This mod has a user set time limit (I set it to 15 seconds). If a user fills in the registration form in under 15 seconds it is assumed that its a bot and the registration is no accepted.

Moderate New Registrations Based On IP Geographical Origin
- This is a cool mod that basically sends new registrations with IP's from specific countries to the moderation cue. For example most of my spam comes from China, Russia, India and Bagladesh. So if anybody from those 4 countries registers they are put on the moderation cue for a moderator to manually check and activate their account.

VSa - Advanced Permissions Based on Post Count -Say bye to pm and visitor message spam and also standard post spam. Basically I use this mod to set a 10 post limit before a user can

1. Send PM's.
2. Send visitor messages.
3. Post any form of links.

So if a spam bot penetrates the first three barriers they cannot post links or pm/vm spam.
-------------------------------------------

It sounds like you have your heart set on creating this mod. If you do and post it up I will probably install it. However, with all that's out there already it is not really needed.

Last edited by Nickbe; 12 Jul 2010 at 22:25.
Reply With Quote
  #8  
Old 13 Jul 2010, 07:20
DAMINK DAMINK is offline
 
Join Date: Jun 2010
I dont need advice on how to get rid of bots!
I have been able to stop them already! As mentioned in the OP and in the 3rd post which is also mine. And again now.

I DONT HAVE ANY SPAM BOTS TO WORRY ABOUT CURRENTLY. THIS IS ABOUT SOMETHING ELSE

I need advice on how to edit the register.php file
Can someone help me in regards to this?????????
I want to do more than simply rename a damn file.
I dont want to disclose what i plan to do ultimately until i complete and test it.
What i do want is advice on a simple file edit!!
I have asked at vbulletin.com <- not allowed! What that site is for i have no idea. I cant ask about editing code and i cant ask for someone to do it for me. Really apart from purchase what is the point of the .com address??

I have asked at vbulletin.org <- And here we are? .

Look i am new to VB and I had invisioned many active members who would be willing to assist.
I must admit i do feel a little the fool now. A mate and a great coder for MyBB did tell me i would not get what i expected out of VB.
Hate to say it. But to date he has actually been spot on.

Side note to anyone that cares to listen.
I dont want to rely on any of the bot products here.
Why? Simple. The marketers who use tools such as xrummer also participate in places like this.
So any way we attempt to stop the bots will ultimately be worked around at some point.
The capture is a good example of this.
To make new registrations jump through 30 hoops and clap 62 times is not the way to fix this problem i assure you. Thats called a bandaid fix.
Further more. If everyone is using a mod that works great and stops bots. How long before a hole is found? Seriously. People spend countless hrs trying to get past these sort of things. They will always win.

Anyway thats me having a winge. Notice the over usage of exclamation points? lmao
Seriously though. I really really really really want to be able to edit the file.
So i would love advice on this and perhaps not on the other ways to stop bots.
Although i do appreciate the advice.

Perhaps a different way to get this answer?
Anyone know of any ACTIVE forums for vb help etc?
(sits back and patiently waits expecting a few replies today or tomorrow )
__________________
FTW Forum <- Home of the damned!
Reply With Quote
  #9  
Old 13 Jul 2010, 11:11
Nickbe Nickbe is offline
 
Join Date: Jul 2007
I do not know the answer to your problem. However, I wish to address your claim that a loophole will be found.

With creativity in our random questions bots will never make it through. If for example we all get different pictures of animals and ask a user to identify the animal ect. If we do what I do with my random question.

The mod you yourself have that sets a registration time limit 'Stop the Registration Bots' formerly knows as 'isbot' has been around for 3 years or so. It still catches 95% of bots! Why have the spammers not figured out how to overcome 'isbot'?

The answer is simple, they know how to but they wont bother. I would say that 90% of forums out there are no at all protected.

So they rather have their bots attempt to sign up to 1,000 forums at 2 seconds per forum. Maybe they get 900 successful registrations. It costs then 2,000 seconds or so.

If they set a bot to take 30 seconds on each reg page it would take 30,000 seconds. That is over 8 hours!

Considering that xrummer blasts usually number in the 5,000-10,000 to overcome 'isbot' they would need to have a computer running 40-80 hours to register to forums. It is simply not viable.

isbot is not a band-aid solution!

All a forum needs is the isbot mod and creativity with random questions.

Enjoy making your mod though, however useless it may be. If I could help I would, I suggest you ask for help somewhere else though. People here never listen.
Reply With Quote
  #10  
Old 13 Jul 2010, 11:46
DAMINK DAMINK is offline
 
Join Date: Jun 2010
To all that you posted above i agree.
And i also think when captchas first come out they thought they were bullet proof also.
Its not here not there really. I just wanted a simple bit of advice but thats proving difficult.
Who would have thought a simple file edit would be so difficult?
I will continue on my own and work out how this is done.

Thankyou everyone.
__________________
FTW Forum <- Home of the damned!
Reply With Quote
  #11  
Old 13 Jul 2010, 13:14
Nickbe Nickbe is offline
 
Join Date: Jul 2007
Try vbulletin.com you will be more likely to get your answer there. More people participate in that forum.
Reply With Quote
  #12  
Old 13 Jul 2010, 13:45
BSMedia BSMedia is offline
 
Join Date: Feb 2009
You can use replacement variables from the adminCP to change all links to register.php.

I have no clue how to go about logging visits to register.php, and banning the IP address, however automated banning of IP address doesn't sound like a good idea given that someone could link a visitor to register.php for that very reason...
Reply With Quote
  #13  
Old 13 Jul 2010, 21:24
DAMINK DAMINK is offline
 
Join Date: Jun 2010
@Nickbe. Read above mate. I tried at .com and got told NO help if you edit code.
@BSMedia I am rather suspect about the replacement variables.
Perhaps its simply i am not used to them. I am not sure.
However the redirects within the forum are simple anyhow. That i can do.
As for the automated banning. I have already worked that out just fine.
I have everything working except the one problem as mentioned several times here.
At the end of the registration process when using my custom register page i am getting redirected to register.php?do=addmember and i dont want this obviously.
I want to redirect to MYPAGE.php?do=addmember
If i could get that answered then i am home free. Yet it appears no one is willing to come forward and explain to me.

--------------- Added 14 Jul 2010 at 10:21 ---------------

Got it sorted out.
Thanks for all the help.
__________________
FTW Forum <- Home of the damned!

Last edited by DAMINK; 14 Jul 2010 at 10:21. Reason: Auto-Merged DoublePost
Reply With Quote
  #14  
Old 12 Nov 2011, 22:53
Marvin Hlavac Marvin Hlavac is offline
 
Join Date: Sep 2007
Damink, I'm in the process of researching how this could be done. Have you ever managed to complete this project? I've read register.php is referenced in numerous php files, so I guess they all would need to be edited, not just template edits.
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 22:23.

Layout Options | Width: Wide Color: