[ABD] Instant Ban - Spam Bots registration - (updated)

[Lord Raiden]

Yeah, if this keeps up, I might have to do that too.

[Jizumonkey]

I've just run into problems with this. I had it running fine before but now i've updated to 2.0.17 it no longer shows the signature area in your profile, and as such a few of my members are getting huffy!

I overwrote the two files back to their 2.0.17 full versions and started from scratch but still the same thing happens.

Is there anything I can do about this as this is about the most useful mod i've come across and the only one i use nowadays.

Thanks

[Jizumonkey]

bumpity

[Jizumonkey]

A reply really would be helpful

[DuQues]

All the signups are from "yandex.ru".

That one I have seen come past as well.

[computersOC]

Always attach my signature: yes no

that still shows for the user, even though their sig box doesn't in the edit profile.

EDIT: I installed this and 0.0.0.0 now shows up three times in my ban list. Why?

[Lord Raiden]

I get the same thing too. What it is, is the spammer is masking their IP to the webserver's environment variables. So the webserver can't see anything but zeros, and that's what it logs. Not much you can do about it short of blocking users who spoof or block their IP addresses from registering.

I've decided a simpler aproach to this. I've combined the spam bot ban script here with a simple policy. You don't post within 30 days, I delete your account. If it gets worse, I will drop it to 7. So if the register and don't post within 7 days, buh-bye.

[niekas]

I get the same thing too. What it is, is the spammer is masking their IP to the webserver's environment variables. So the webserver can't see anything but zeros, and that's what it logs. Not much you can do about it short of blocking users who spoof or block their IP addresses from registering.

I've decided a simpler aproach to this. I've combined the spam bot ban script here with a simple policy. You don't post within 30 days, I delete your account. If it gets worse, I will drop it to 7. So if the register and don't post within 7 days, buh-bye.

It's impossible to mask IP to server environment variables

try this:

http://www.phpbb.com/phpBB/viewtopic.ph ... 08#1281708

or getenv('REMOTE_ADDR') instead of $REMOTE_ADDR

I updated the code with getenv().

you could even plug this function:

Code: Select all

function getip() {
   if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown"))
   $ip = getenv("HTTP_CLIENT_IP");

   else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown"))
   $ip = getenv("HTTP_X_FORWARDED_FOR");

   else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown"))
   $ip = getenv("REMOTE_ADDR");

   else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown"))
   $ip = $_SERVER['REMOTE_ADDR'];

   else
   $ip = "unknown";

   return($ip);
}

http://lt.php.net/manual/en/function.getenv.php#53599

also this:

The function 'getenv' does not work if your Server API is ASAPI (IIS).

So, try to don't use getenv('REMOTE_ADDR'), but $_SERVER["REMOTE_ADDR"].

[Spockman]

Just want to say a quick, "Thank YOU!!!!" for this mod! I have two archived forums that I only today realized were getting hit with bot registrations. We have a G-rated site and need to keep it that way and this should stop the scum for quite a while!

[matt621]

Is there like a file or official type post where we can get the full mode in one place, with all updates on it? This thread started out over a year ago and it looks like there were some changes along the way. It'd be great to have the final version someplace.

Thank you.

[computersOC]

Another BUG:

I see the same IP address listed like five times in my banlist. Can we have this mod do a check first to see if it is already listed? Thanks.

[Grattier]

Wow nice mod... just can't wait the final version!

[matt621]

Another BUG:

I see the same IP address listed like five times in my banlist. Can we have this mod do a check first to see if it is already listed? Thanks.

that appears to be more than a bug. If the script is working and the user is banned, they should not be able to access the site again and thus that IP should not be posting after it's banned for the first time.


also, are you banning sitewide via the .htaccess file or just the forums? Seems to me, site wide would be better. No use having them screwup the guestbook, blog, etc.

[computersOC]

It adds it to the phpBB banlist.

[darakhshan]

this is great, I have to try it