[ABD] Instant Ban - Spam Bots registration - (updated)

A place for MOD Authors to post and receive feedback on MODs still in development. No MODs within this forum should be used within a live environment! No new topics are allowed in this forum.
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

IMPORTANT: MOD Development Forum rules

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.
Locked
User avatar
niekas
Registered User
Posts: 562
Joined: Sun Sep 23, 2001 7:34 am

[ABD] Instant Ban - Spam Bots registration - (updated)

Post by niekas » Sat Apr 03, 2004 4:12 am

Known to be working with v2.0.6 and up

<update>everyone who installed this please change (thanks to artesea who noticed this)

Code: Select all

&& $mode='editprofile' &&

to

Code: Select all

&& $mode=='editprofile' && 
</update>

I implemented a system to ban the IP on spot if the bot tries to register such user. They only try to promote links to their own website. thats what this MOD will prevent. The back links spam bot is after can be in website field or signature field. I configured registration page not to display website and signature fields. They are activated only after user has 10 posts (configurable). (SCROLL down for simplier MOD - where signatures are not checked)

If bot tries to submit website or signature fields before that - instant ban.
after dude tried 12 different IP's he apparently removed my site from his list. No more porn spam. He was really pissing me off. I think its one genius running this scam.

Code: Select all

## MOD Title: Instant Ban - Spam Bots registration
## MOD Author: niekas
## MOD Description: prevents spam bots registering on your forum by
## removing website and signature fields in registration and profile form 
##untill users reached certain amount of posts
## MOD Version: 1.0.1 
## 
## Installation Level: (Easy) 
## Installation Time: ~5 minutes
## Files To Edit: 
##               /includes/usercp_register.php
##               /templates/subSilver/profile_add_body.tpl
## Included Files: (n/a) 

# 
#-----[ OPEN ]------------------------------------------ 
#
includes/usercp_register.php

# 
#-----[ FIND ]------------------------------------------ 
# 

$error = FALSE;


# 
#-----[ AFTER, ADD ]------------------------------------------ 
#

$cut_off=10; //how many posts should user have before form fields are activated

// ---------------------------------------
if (($mode == 'register' && ($HTTP_POST_VARS['website'] != '' || $HTTP_POST_VARS['signature'] != '') ) || ($userdata['user_posts'] < $cut_off && $mode=='editprofile' && ($HTTP_POST_VARS['website'] != '' || $HTTP_POST_VARS['signature'] != '')))
{
	$ban_this=encode_ip(getenv('REMOTE_ADDR'));

	$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip)
	VALUES ('" . $ban_this . "')";
	if ( !$db->sql_query($sql) )
	{
		message_die(GENERAL_ERROR, "Couldn't insert ban_ip info into database", "", __LINE__, __FILE__, $sql);
	}
	$sql = "DELETE FROM " . SESSIONS_TABLE . "
		WHERE session_ip = '" . $ban_this . "'";
	if ( !$db->sql_query($sql) )
	{
		message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql);
	}
	message_die(GENERAL_MESSAGE, "banned", '', __LINE__, __FILE__);

}

# 
#-----[ FIND ]------------------------------------------ 
#
if ( $mode == 'editprofile' )
	{
		$template->assign_block_vars('switch_edit_profile', array());
	}

# 
#-----[ REPLACE WITH ]------------------------------------------ 
# 

if ( $mode == 'editprofile' )
	{
		$template->assign_block_vars('switch_edit_profile', array());
		if ($userdata['user_posts'] >= $cut_off)
		{
		$template->assign_block_vars('switch_edit_website', array());
		}
	}

# 
#-----[ OPEN ]------------------------------------------ 
#

/templates/subSilver/profile_add_body.tpl

# 
#-----[ FIND ]------------------------------------------ 
#
<tr> 
	  <td class="row1"><span class="gen">{L_WEBSITE}:</span></td>
	  <td class="row2"> 
		<input type="text" class="post"style="width: 200px"  name="website" size="25" maxlength="255" value="{WEBSITE}" />
	  </td>
	</tr>

# 
#-----[ BEFORE, ADD ]------------------------------------------ 
#
<!-- BEGIN switch_edit_website -->
 
# 
#-----[ AFTER, ADD ]------------------------------------------ 
# 
<!-- END switch_edit_website -->


# 
#-----[ FIND ]------------------------------------------ 
#

	<tr> 
	  <td class="row1"><span class="gen">{L_SIGNATURE}:</span><br /><span class="gensmall">{L_SIGNATURE_EXPLAIN}<br /><br />{HTML_STATUS}<br />{BBCODE_STATUS}<br />{SMILIES_STATUS}</span></td>
	  <td class="row2"> 
		<textarea name="signature"style="width: 300px"  rows="6" cols="30" class="post">{SIGNATURE}</textarea>
	  </td>
	</tr>

# 
#-----[ BEFORE, ADD ]------------------------------------------ 
#
<!-- BEGIN switch_edit_website -->
 
# 
#-----[ AFTER, ADD ]------------------------------------------ 
# 
<!-- END switch_edit_website -->


Of course you can add a notice about this in your template - that website and signature field will be activated after certain amount of posts or ask them to contact administrator.

Let me know if it works for you


UPDATE - if you'd rather only check against website and leave signatures intact use this simplier code:

Code: Select all


# 
#-----[ OPEN ]------------------------------------------ 
# 
includes/usercp_register.php 

# 
#-----[ FIND ]------------------------------------------ 
# 

$error = FALSE; 


# 
#-----[ AFTER, ADD ]------------------------------------------ 
# 


// --------------------------------------- 
if ($mode == 'register' && $HTTP_POST_VARS['website'] != '' ) 
{ 
   $ban_this=encode_ip(getenv('REMOTE_ADDR')); 

   $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip) 
   VALUES ('" . $ban_this . "')"; 
   if ( !$db->sql_query($sql) ) 
   { 
      message_die(GENERAL_ERROR, "Couldn't insert ban_ip info into database", "", __LINE__, __FILE__, $sql); 
   } 
   $sql = "DELETE FROM " . SESSIONS_TABLE . " 
      WHERE session_ip = '" . $ban_this . "'"; 
   if ( !$db->sql_query($sql) ) 
   { 
      message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql); 
   } 
   message_die(GENERAL_MESSAGE, "banned", '', __LINE__, __FILE__); 

} 


# 
#-----[ OPEN ]------------------------------------------ 
# 

/templates/subSilver/profile_add_body.tpl 

# 
#-----[ FIND ]------------------------------------------ 
# 
<tr> 
     <td class="row1"><span class="gen">{L_WEBSITE}:</span></td> 
     <td class="row2"> 
      <input type="text" class="post"style="width: 200px"  name="website" size="25" maxlength="255" value="{WEBSITE}" /> 
     </td> 
   </tr> 

# 
#-----[ BEFORE, ADD ]------------------------------------------ 
# 
<!-- BEGIN switch_edit_profile --> 
  
# 
#-----[ AFTER, ADD ]------------------------------------------ 
# 
<!-- END switch_edit_profile --> 

Last edited by niekas on Sat Dec 03, 2005 11:24 am, edited 8 times in total.

User avatar
Xxh2kxX
Registered User
Posts: 149
Joined: Fri Aug 22, 2003 6:03 pm
Contact:

IS THERE

Post by Xxh2kxX » Sat Apr 03, 2004 3:12 pm

IS THERE ANY DEMO OF THIS MOD .. :?:

User avatar
niekas
Registered User
Posts: 562
Joined: Sun Sep 23, 2001 7:34 am

Re: IS THERE

Post by niekas » Sat Apr 03, 2004 4:17 pm

Xxh2kxX wrote: IS THERE ANY DEMO OF THIS MOD .. :?:




look i just took the first user with fairly active forum from phpbb who had a link to his forum - look at his memberlist:

http://www.tinklepit.com/forums/memberl ... &start=550

http://www.linuxsolved.com/forums/membe ... &start=390

you will see the problem right away

No i didn't set up demo, but its fairly simple and straightforward
first just edit your

includes/usercp_register.php

and try to register or edit profile (if user has less than 10 posts)

Submit website or signature along with it.

you will get yourself banned (so use proxy or be ready to unban yourself in phpMyAdmin or use proxy and login into admin panel to unban yourself)

After you see that its working edit and upload template file.

Of course its better if you test it on non production forum.
Last edited by niekas on Mon Apr 05, 2004 11:53 am, edited 2 times in total.

User avatar
NoahK
Registered User
Posts: 217
Joined: Wed Nov 12, 2003 4:49 am
Location: Atlanta, GA
Contact:

Post by NoahK » Sun Apr 04, 2004 3:52 am

So if someone registers and posts 5 times, then enters in their website and/or a sig, they get auto banned?
Come play Final Fantasy Tactics: Online!
Features:
- Pick one of 351 class combinations. Battle 150 different monsters. Find over 2,200 weapons, armor, and items. Fight in tournaments or play the Gil Slots. Anything goes!

User avatar
niekas
Registered User
Posts: 562
Joined: Sun Sep 23, 2001 7:34 am

Post by niekas » Sun Apr 04, 2004 4:06 am

NoahK wrote: So if someone registers and posts 5 times, then enters in their website and/or a sig, they get auto banned?


they can't - website field is not displayed untill user posted certain amount of posts (in this mod is 10). Regular user cannot be banned - only someone who is trying to cheat your forum by submitting form which wasn't generated by your server.

Before they reach 10 (you can configure any amount) posts there is no place for them to enter website or signature - form fields are not displayed. After they posted 10 posts - website and signature fields magically appear and they can enter the details.

User avatar
Thunderphreak
Registered User
Posts: 13
Joined: Wed Jan 28, 2004 3:36 am
Location: Germany

Post by Thunderphreak » Sun Apr 04, 2004 11:27 am

SpamBots won't fill out the registration forms like a human user.

They'll parse the index page, analyze that it's a phpBB and send the normal registration data per GET or POST directly to the phpBB, without using any (by this mod modified) registration form.

In this case those bots will try to submit some website or signature data, which no human user could do (because it is removed in the form).

So this mod can differ those (simple) bots from human users, and no normal user will get banned if he doesn't "cheat" like those bots.
My mother language is German. Therefore, if you find any major grammar or spelling mistakes or you cannot understand the meaning of my postings, feel free to PM me *g*

misohoni
Registered User
Posts: 150
Joined: Fri Jan 23, 2004 5:31 pm
Location: Hong Kong
Contact:

Post by misohoni » Sun Apr 04, 2004 1:19 pm

didn't work for me - I think it's to do with the changing user_cp in includes file. The "Username" disappeared and only when I unstalled the changes on the user_cp file was when it worked...

strange stuff
----------------------------------------
Cars under $1000 - New and used cars cheap
http://www.usedcars.org.nz

User avatar
niekas
Registered User
Posts: 562
Joined: Sun Sep 23, 2001 7:34 am

Post by niekas » Sun Apr 04, 2004 8:45 pm

misohoni wrote: didn't work for me - I think it's to do with the changing user_cp in includes file. The "Username" disappeared and only when I unstalled the changes on the user_cp file was when it worked...

strange stuff


what do you mean "the username disappeared"?

misohoni
Registered User
Posts: 150
Joined: Fri Jan 23, 2004 5:31 pm
Location: Hong Kong
Contact:

Post by misohoni » Mon Apr 05, 2004 3:18 am

The username input box on the Register page disappeared. Only when I re-entered the original coding was when it came back...
----------------------------------------
Cars under $1000 - New and used cars cheap
http://www.usedcars.org.nz

User avatar
niekas
Registered User
Posts: 562
Joined: Sun Sep 23, 2001 7:34 am

Post by niekas » Mon Apr 05, 2004 3:29 am

misohoni wrote: The username input box on the Register page disappeared. Only when I re-entered the original coding was when it came back...


you probably added

Code: Select all

# 
#-----[ BEFORE, ADD ]------------------------------------------ 
# 
<!-- BEGIN switch_edit_website --> 
  
# 
#-----[ AFTER, ADD ]------------------------------------------ 
# 
<!-- END switch_edit_website --> 
in a wrong place

this code supposed to surround the template code that is not shown to the user before he reached predefined amount of posts.

did you add this code to the part of your template where it displays username?

misohoni
Registered User
Posts: 150
Joined: Fri Jan 23, 2004 5:31 pm
Location: Hong Kong
Contact:

Post by misohoni » Mon Apr 05, 2004 5:55 pm

ok I'll try again tomorrow and get back to you - but don't think I added it in wrong place...
----------------------------------------
Cars under $1000 - New and used cars cheap
http://www.usedcars.org.nz

gbechtel
Registered User
Posts: 17
Joined: Sat Apr 26, 2003 5:45 pm
Contact:

I like it

Post by gbechtel » Mon Apr 05, 2004 9:02 pm

Installed no problem, tested on a few accounts and works like a charm on the human side anyway.

Have not had a real problem with the bots because of other mods already installed but it's a nice addition.

gbechtel
Registered User
Posts: 17
Joined: Sat Apr 26, 2003 5:45 pm
Contact:

I like it

Post by gbechtel » Mon Apr 05, 2004 9:12 pm

Installed no problem, tested on a few accounts and works like a charm on the human side anyway.

Have not had a real problem with the bots because of other mods already installed but it's a nice addition.

misohoni
Registered User
Posts: 150
Joined: Fri Jan 23, 2004 5:31 pm
Location: Hong Kong
Contact:

Post by misohoni » Tue Apr 06, 2004 2:56 am

Nope doubled checked again, Once I install it - the username disappears. Doesn't matter
----------------------------------------
Cars under $1000 - New and used cars cheap
http://www.usedcars.org.nz

clockwise
Registered User
Posts: 4
Joined: Thu Apr 08, 2004 1:55 am

Post by clockwise » Thu Apr 08, 2004 1:56 am

I'm getting the following error after carrying out the changes you listed:

Parse error: parse error in /hsphere/local/home/clockwis/emaculation.com/phpBB/includes/template.php(127) : eval()'d code on line 279

Any hints?

This spam thing is really bugging me.

Locked

Return to “[2.0.x] MODs in Development”

Who is online

Users browsing this forum: No registered users and 10 guests