[ABD] Instant Ban - Spam Bots registration - (updated)

A place for MOD Authors to post and receive feedback on MODs still in development. No MODs within this forum should be used within a live environment! No new topics are allowed in this forum.
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

IMPORTANT: MOD Development Forum rules

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.
Locked
Lord Raiden
Registered User
Posts: 391
Joined: Sat Jun 26, 2004 11:24 pm
Contact:

Post by Lord Raiden »

Yeah, if this keeps up, I might have to do that too. :(
Steve Lake
-Owner/Admin/Author of:
-Raiden's Realm - Bringing Linux to the World
Jizumonkey
Registered User
Posts: 60
Joined: Thu May 08, 2003 9:17 pm
Location: Isle of Wight

Post by Jizumonkey »

I've just run into problems with this. I had it running fine before but now i've updated to 2.0.17 it no longer shows the signature area in your profile, and as such a few of my members are getting huffy!

I overwrote the two files back to their 2.0.17 full versions and started from scratch but still the same thing happens.

Is there anything I can do about this as this is about the most useful mod i've come across and the only one i use nowadays.

Thanks
Jizumonkey
Registered User
Posts: 60
Joined: Thu May 08, 2003 9:17 pm
Location: Isle of Wight

Post by Jizumonkey »

bumpity
Jizumonkey
Registered User
Posts: 60
Joined: Thu May 08, 2003 9:17 pm
Location: Isle of Wight

Post by Jizumonkey »

A reply really would be helpful :)
DuQues
Registered User
Posts: 3
Joined: Tue Apr 26, 2005 12:18 pm
Location: The Hague, The Netherlands
Contact:

Post by DuQues »

Lord Raiden wrote: All the signups are from "yandex.ru".

That one I have seen come past as well.
computersOC
Registered User
Posts: 2528
Joined: Thu Dec 04, 2003 6:21 am
Location: New York
Contact:

Post by computersOC »

Always attach my signature: yes no

that still shows for the user, even though their sig box doesn't in the edit profile.

EDIT: I installed this and 0.0.0.0 now shows up three times in my ban list. Why?
http://www.computersOC.com - overclocking, P2P, broadband tweaks, ISP forums, more... Computer Building Help -- Overclocking Guide

Want us to install you a phpBB board or update your current one? Want mods/anti-spam mods installed? Moving to a new host? Check us out here.
Lord Raiden
Registered User
Posts: 391
Joined: Sat Jun 26, 2004 11:24 pm
Contact:

Post by Lord Raiden »

I get the same thing too. What it is, is the spammer is masking their IP to the webserver's environment variables. So the webserver can't see anything but zeros, and that's what it logs. Not much you can do about it short of blocking users who spoof or block their IP addresses from registering.

I've decided a simpler aproach to this. I've combined the spam bot ban script here with a simple policy. You don't post within 30 days, I delete your account. If it gets worse, I will drop it to 7. So if the register and don't post within 7 days, buh-bye.
Steve Lake
-Owner/Admin/Author of:
-Raiden's Realm - Bringing Linux to the World
niekas
Registered User
Posts: 562
Joined: Sun Sep 23, 2001 7:34 am

Post by niekas »

Lord Raiden wrote: I get the same thing too. What it is, is the spammer is masking their IP to the webserver's environment variables. So the webserver can't see anything but zeros, and that's what it logs. Not much you can do about it short of blocking users who spoof or block their IP addresses from registering.

I've decided a simpler aproach to this. I've combined the spam bot ban script here with a simple policy. You don't post within 30 days, I delete your account. If it gets worse, I will drop it to 7. So if the register and don't post within 7 days, buh-bye.


It's impossible to mask IP to server environment variables

try this:

http://www.phpbb.com/phpBB/viewtopic.ph ... 08#1281708

or getenv('REMOTE_ADDR') instead of $REMOTE_ADDR

I updated the code with getenv().

you could even plug this function:

Code: Select all

function getip() {
   if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown"))
   $ip = getenv("HTTP_CLIENT_IP");

   else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown"))
   $ip = getenv("HTTP_X_FORWARDED_FOR");

   else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown"))
   $ip = getenv("REMOTE_ADDR");

   else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown"))
   $ip = $_SERVER['REMOTE_ADDR'];

   else
   $ip = "unknown";

   return($ip);
}
http://lt.php.net/manual/en/function.getenv.php#53599

also this:
The function 'getenv' does not work if your Server API is ASAPI (IIS).

So, try to don't use getenv('REMOTE_ADDR'), but $_SERVER["REMOTE_ADDR"].
Spockman
Registered User
Posts: 5
Joined: Wed Sep 15, 2004 3:14 pm

Post by Spockman »

Just want to say a quick, "Thank YOU!!!!" for this mod! I have two archived forums that I only today realized were getting hit with bot registrations. We have a G-rated site and need to keep it that way and this should stop the scum for quite a while!
matt621
Registered User
Posts: 34
Joined: Wed Feb 19, 2003 10:59 pm

Post by matt621 »

Is there like a file or official type post where we can get the full mode in one place, with all updates on it? This thread started out over a year ago and it looks like there were some changes along the way. It'd be great to have the final version someplace.

Thank you.
computersOC
Registered User
Posts: 2528
Joined: Thu Dec 04, 2003 6:21 am
Location: New York
Contact:

Post by computersOC »

Another BUG:

I see the same IP address listed like five times in my banlist. Can we have this mod do a check first to see if it is already listed? Thanks.
http://www.computersOC.com - overclocking, P2P, broadband tweaks, ISP forums, more... Computer Building Help -- Overclocking Guide

Want us to install you a phpBB board or update your current one? Want mods/anti-spam mods installed? Moving to a new host? Check us out here.
Grattier
Registered User
Posts: 25
Joined: Mon Feb 02, 2004 2:45 am

Post by Grattier »

Wow nice mod... just can't wait the final version!
matt621
Registered User
Posts: 34
Joined: Wed Feb 19, 2003 10:59 pm

Post by matt621 »

computersOC wrote: Another BUG:

I see the same IP address listed like five times in my banlist. Can we have this mod do a check first to see if it is already listed? Thanks.


that appears to be more than a bug. If the script is working and the user is banned, they should not be able to access the site again and thus that IP should not be posting after it's banned for the first time.


also, are you banning sitewide via the .htaccess file or just the forums? Seems to me, site wide would be better. No use having them screwup the guestbook, blog, etc.
computersOC
Registered User
Posts: 2528
Joined: Thu Dec 04, 2003 6:21 am
Location: New York
Contact:

Post by computersOC »

It adds it to the phpBB banlist.
http://www.computersOC.com - overclocking, P2P, broadband tweaks, ISP forums, more... Computer Building Help -- Overclocking Guide

Want us to install you a phpBB board or update your current one? Want mods/anti-spam mods installed? Moving to a new host? Check us out here.
darakhshan
Registered User
Posts: 794
Joined: Fri Apr 30, 2004 7:18 pm

Post by darakhshan »

this is great, I have to try it
Locked

Return to “[2.0.x] MODs in Development”