 |
|
|
Mod Options |
vbStopForumSpam - known spammer lookup for new registrations Details »
|
|||||||||||
|
vbStopForumSpam - known spammer lookup for new registrations
Developer Last Online: Nov 2013 
This modification is in the archives.
vbStopForumSpam This provides access to a RBL type system for forum admins, listing known spam IP / email / usernames. The RBL database is provided by www.stopforumspam.com. You do NOT need an API key from the website in order to access the database. only to submit data if you should wish to do so. At the point of user registration, the mod checks if the IP number / provided username / email addresses appear on a block list and can block the registration. Whilst this isnt the most perfect way to stop all forum spam, its another step that spammers have to overcome. VB4 here http://www.vbulletin.org/forum/showt...hreadid=230921 Its the same code, it works in 3.54 to 4.0 What it does It checks with a remote database of known forum spammers. Their IP number, email address and forum username are tested and based on your configuration, you can reject / log / accept user registrations based on what you get back. This version doesnt have - whitelisting or the ability to submit users to the database but it will within the next week. - automatic user deletion / post / PM purging. There are good tools out there already, this does something else. Instructions are included in the installation.txt file - PLEASE read it first and dont forget to actually upload the files in the upload folder, otherwise it WILL kill your registration progress and you wont see the log file options in admincp. You do not need to download the product-vbstopforumspam-3.54.xml file unless you are using a vBulletin version older than 3.6.0 Changes to vB - 3 new database tables - 2 database table alternations - No new templates. - 2 Hook (register_addmember_process & register_addmember_complete) Ive tested it but had feedback that it works with versions as old as 3.6.2... Support should go back to older versions, as long as they have hook support for register_addmember_process / register_addmember_complete Known to work - tested by me - vBulletin 3.6.8 on Apache 2.2 / PHP 5.1.2 on Linux using cUrl - vBulletin 3.7 Gold on Apache 2.0 / PHP 4.4.3 on Windows without cUrl (template changes wont work on 3.7 - thats in the next version with auto template changes) For code to submit spammers to the database, check this post for code changes http://www.vbulletin.org/forum/showp...&postcount=288 Reported in the thread to work - 3.6.1, 3.6.2, 3.6.9, 3.6.10, 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.74, 3.80, 3.81, 3.82, 3.83, 3.8.4, 4.0beta3 If you have 3.54, then you can use the product-vbstopforumspam-3.54.xml file attached instead of the one in the ZIP file, which will allow older vBulletin versions to access this mods' features. I personally havent tested this version, its a user contribution, thanks to Darrell Mobley, that changes the way the XML works when imported into older versions. Installers should remember to refresh their ACP navigation window when they first install it so they can see the new log file menu item. REQUIRES MySQL 4.1.1+ Future versions - Automatic integration into vBulletin to add users to the stopForumSpam.com database from a form - Whitelisting of username / IP / email addresses - AJAX integration to allow for lookups from within the users profile - Decreased remote query count from three per user to one per user. Versions / Changes 0.1 Initial Release 0.2 pedigrees special brew birthday release. - Small security update. If you have 0.1 installed, download 0.2 and replace your existing functions_vbsfs.php with the one in the archive. It just tests to see if its running inside the VB framework before anything else. This is what happens when you code at 2am after drinking wine 0.3 - stopped it processing valid registrations twice - moved all non-function code into the plugin. Not a big one as 0.2 basically did that - fixed a typo in the log pruner that stopped it working (404) - removed unused fields from the database for people with mysql that doesnt support varchar > 255 (ie mySQL4). If you have 0.2 installed and dont need to prune your logs just yet, you dont really need to install this version but can instead wait for 1.0 unless of a massive security update. 0.4 - logs registrations that arent/wouldnt be blocked - fixed XML errors when username has a space it in - tightened up the cache so that it doesnt test a username against an email name to give a bypass result (for when a username is an email address that isnt banned where the email address is) - fixed some basic logic errors in the PHP 0.6 - Should work on PHP 4.4 now - rewrote the XML with PHP4 in mind (tested on Apache2.0/PHP 4.4.3) - Fixed a caching system where data wasnt being updated correctly which could cause a remote query when one wasnt needed - Possible false negative situation when a spammer was blocked due to SFS.com being down who then visited again when it was up but within the cache expiry time - Remote query failure when the result page isnt XML should work a bit better now. It does a very basic test for valid XML results. - Fixed log purging (again) and it should actually work properly now. - No longer requires PHP5 - The log viewer now links to a user profile when registration is allowed. v0.61 - Removed a template change that was invalid vBulletin code. The package you download will still say its 0.60 however NB : When upgrading from any version to 0.6, you must remove and then add the plugin due to changes in one of the database tables You need to have an API key from www.stopforumspam.com in order to submit data, its free and easy to get... You DONT need an API key in order to use this mod however, only to submit spammer data. Issues are - The usergroup permissions / view details etc DONT work. I jumped the gun and put the permissions controls in there before I put the code in. Please delete the includes/xml/bitfield_vbstopforumspam.xml file and rebuild your postbit Installation - Follow the instructions in the zip file, that includes upload the correct folders - ONLY download the 3.54 xml file if youre using a vbulletin version prior to 3.6.0. use this file to install the mod instead of the xml file in the zip file. Please click Installed Download Now Only licensed members can download files, Click Here for more information. Addons Screenshots
Show Your Support
The following members like this post: rpgamersnet, Nassou
|
|||||||||||
About Developer
Visit Web Site
Not Supported 
DB Changes|
Similar Mod
|
||||
| Mod | Developer | Type | Replies | Last Post |
| Validate email by MX lookup | fastforward | vBulletin 2.x Full Releases | 28 | 22 Oct 2007 12:29 |
|
#61
27 May 2008, 20:32
|
||||
|
||||
|
Hmm, Ive done something bad here.
In between testing, copying/pasting from the server to my local machine to ZIP up the files, Ive made a bad mistake in the instructions ALL THOSE THAT MODDED THEIR TEMPLATES, NEED TO DO THIS Edit template MEMBERINFO - Find this and delete
Or revert the template if youve made no other changes God knows what I was thinking but unless you do this, people will see IP numbers of visitors. Ive very sorry for this and thanks to Wired1 for making me think about it. Ill be removing this from the instructions, reloading v0.61 without any template changes. In v0.7, the template changes will be automatic and verified completely No members have liked this post.
Last edited by pedigree; 27 May 2008 at 20:49. 
|
||||
|
#62
27 May 2008, 20:37
|
||||
|
||||
|
Originally Posted by pedigree
Instructions need to be clarified then (at least for 3.7.x). Currently they say edit MEMBERINFO and look for:
Looks like as of 3.7.x, they moved that code into the template I mentioned.
__________________
Admin of the Corsair Memory Forum (AKA the House of Help from back in the day) Admin of Petri's IT Forum / Moderator at webdesignforums.net No members have liked this post.
|
||||
|
#63
27 May 2008, 20:57
|
||||
|
||||
Thanks pedigree!
I have been blocking, using other mods, quite a lot of spammers coming from China lately. Will add this mod as an additional line of defense. 
No members have liked this post.
|
|
#64
27 May 2008, 20:57
|
||||
|
||||
|
Originally Posted by Wired1
Well, I completely bollocks up one of the most basic mistakes in PHP, the = and == comparisons
 If you modded the MEMBERINFO template, you need to undo the changes (or revert the template if no other changes have been made to it)Ive uploaded v0.61 without template mods in the instructions, have notified those with "installed" to undo the template changes. The core backend code will work on 3.6 and 3.7 and Ive code most of the code written for 3.7 that integrates a tab in the User Profile, based on the group list in the options (new configuration lists in v0.7) Until then however, Ill be testing the access controls like a nut job trying to get out of a box. All the template changes will be automatically parsed with hooks. No members have liked this post.
|
||||
|
#65
27 May 2008, 21:03
|
||||
|
||||
|
Why remove that section of code? Just add conditionals around it, that'll hide it from normal users
__________________
http://www.vettemod.com No members have liked this post.
Last edited by Twin_Turbo; 27 May 2008 at 21:40.
|
||||
|
#66
27 May 2008, 21:08
|
||||
|
||||
|
Originally Posted by Twin_Turbo
That as well but I wanted to make sure that nothing sneaked out... It was "Panic stations"
No members have liked this post.
|
||||
|
#67
27 May 2008, 21:14
|
||||
|
||||
|
Originally Posted by pedigree
Was that the only template edit in the old instructions?
When attempting to upgrade from 0.6 to 0.61, I get this error:
__________________
Admin of the Corsair Memory Forum (AKA the House of Help from back in the day) Admin of Petri's IT Forum / Moderator at webdesignforums.net No members have liked this post.
|
||||
|
#68
27 May 2008, 21:36
|
||||
|
||||
|
It was only the template edit, you dont need to reimport from 0.60 to 0.61
Although Im suprised to see that error. Ill have to add a check to test for suplicate posbfits like that.. It shouldnt ever happen The uninstall drops those two columns from the database
You might have to run drop uninstall/reinstall and if that fails, drop them from phpMyAdmin. Im going to look how that could possibly happen Theyre going to be gone in v0.7 anyway. No members have liked this post.
|
||||
|
#69
28 May 2008, 18:52
|
||||
|
||||
|
Great work - I think this is very promising.
@pedigree: You got PN, I think I have something for you 
__________________
www.MCSEboard.de MCP / MCSA / MCSE Board dedicated to Windows 2000 / XP / 2003 Server & Windows Vista. German Windows Server & Backoffice Community, Microsoft Community Partner (CLIP), MVPs inside. No members have liked this post.
|
|
#70
28 May 2008, 22:48
|
|||
|
|||
|
Wired I can only think that you didnt uninstall, thus it tried to recreate the postbits. Ive set the XML to ignore DB errors in the case of a force reinstall/overwrite
No members have liked this post.
|
|
#71
28 May 2008, 23:11
|
|||
|
|||
|
Is there any plan to port this to 3.7 ? In the interim I'm downloading the IPs and domains manually from StopForumSpam.com
No members have liked this post.
|
|
#72
28 May 2008, 23:47
|
|||
|
|||
|
v0.61 should work just fine in 3.7. I have access to someones 3.7 development board as it seems to be working great. Ive started on a specific 3.7 version that adds functionality to the user options as a tab - thats coming along nicely and I should have code out within a week, the 3.6 code isnt as easy to add.
It will have the ability to submit details to the remote site and test users details against the remote database if you think they managed to sneak past before the site was updated. Ive got it going on 3.7.0, he hasnt pulled 3.7.1 yet as hes in the middle of fixing the templates No members have liked this post.
|
|
#73
29 May 2008, 00:38
|
|||
|
|||
|
Originally Posted by pedigree
Just tested on 3.7.1 and it works great!
No members have liked this post.
|
|
#74
29 May 2008, 00:50
|
|||
|
|||
|
From an email I sent about recent site activity:
Sadly fake registrations started up again but still most are getting caught. Question. Is it possible to auto ban users based on their email domain suffix (.cn) I know I can prevent them from signing up with this using the out of box, but I prefer to let them continue to use a suffix I can recognize and am ok with bulk banning and then dump them in ban right away. The spammer (unless they read this post :-?) will not know why they are being banned and this will be quite a big net for me at present time. Any suggestions? No members have liked this post.
|
|
#75
29 May 2008, 01:35
|
||||
|
||||
|
Originally Posted by skippybosco
Personally, I use the User Banning Options and block certain IP ranges / domains from there.
So, you're wanting to LET them join, and then BAN? Why? Hey pedigree, the log only shows their username as a link if they've completed the registration process, correct?
__________________
Admin of the Corsair Memory Forum (AKA the House of Help from back in the day) Admin of Petri's IT Forum / Moderator at webdesignforums.net No members have liked this post.
|
|
«
Previous Mod
|
Next Mod
»
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Mod Options | |
|
|
| New To Site? | Need Help? |
All times are GMT. The time now is 19:58.