43
Sorry, have been up all night.... I also put that same line in register.php
require_once XOOPS_ROOT_PATH.'/includes/secret.php';
The same place I put it in index.php. I think THAT is what stopped the bot registrations. I did all this 2 weeks ago and I had to go back over it all this morning to remember how I made it work.
Originally I had that line in header.php but for some reason you could still view the site after getting banned. This way it blocks bots from the XOOPS directories that only bots would scan, the main site page and registration page. I imagine adding that line to the index.php in the contact module would do the same thing. Once a bot does it's scan it can no longer access your registration, main page or contact form. GOOD bots will exclude the disallow folders so it only catches those bad bots.
I may work more on the whole thing later, but like I said.... for now it stopped those pesky automatic registrations that were somehow making it past the captchas.
