61
ghia
Re: Mass user registrations.... bots perhaps? Anyone else getting these?
  • 2009/12/22 0:28

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


Quote:
If you want to use this hack it seems you will have to make the change in both files.

I recommend that also. Deleting one is not a good option.

62
sailjapan
Re: Mass user registrations.... bots perhaps? Anyone else getting these?

Have you seen this module XOOPS Bot Signup Protection 1.04?

63
barryc
Re: Mass user registrations.... bots perhaps? Anyone else getting these?
  • 2010/8/9 15:34

  • barryc

  • Just can't stay away

  • Posts: 480

  • Since: 2004/3/20


Reactivating this discussion I hope.

Recently I have been getting spurious registrations again, despite having both reCaptcha and Peekay's referrer hack on my site. These folks typically register then post a series of messages to the forums (cbb) containing advertising material.

The most recent one, after registering, posted a series of messages that contained text from previous posts in the thread, and included a URL to their site.

I am wondering whether some bots have found a way around both the reCaptcha scheme and the peekay hack or whether they are simply manually registering.

Previously I had some help from you guys looking at the logs to analyze how the registrations were done. I'm not a good enough programmer to reliably determine that. If anyone is willing to take a look I can supply the pertinent log information.

In the meantime, I've switched to requiring webmaster activation. Bit of a pain but no more so than having to delete a long series of spam posts, which also irritate our genuine members by sending out notifications.

barryC

64
ghia
Re: Mass user registrations.... bots perhaps? Anyone else getting these?
  • 2010/8/11 12:03

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


The only way to recognize a user from a script in the logs is the speed posting.

You can also try Frank Black's SexyCaptcha.


But it is not uncommon that some humans are payed to disperse spam on certain boards and sites. There is nothing that you can do against it, apart from swift removal of unwanted posts and comments.
Protector has also some mechanisms to prevent many links in such postings.
If you have low user sign on, then webmaster activation is a good idea.

65
barryc
Re: Mass user registrations.... bots perhaps? Anyone else getting these?
  • 2010/8/11 14:27

  • barryc

  • Just can't stay away

  • Posts: 480

  • Since: 2004/3/20


Thanks ghia,

I do think these are manual registrations. I have changed to webmaster approval of new registrations but one yesterday fooled me. It looked genuine, although it used a gmail address containing a trailing number. That makes it suspicious but I know many people whose email addresses contain similar numbers. Anyway, I approved it and today got a large batch of spam messages. All come from the same IP address, which I could block. The problem is that the IP could be spoofed and I might be blocking the wrong person.

barryC

66
ghia
Re: Mass user registrations.... bots perhaps? Anyone else getting these?
  • 2010/8/11 14:53

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


Yeah, that can happen, when the IP is part of your target audience. If not block the entire net of it by Apache.

On eg your fish site, you could also add a required field for the profile at registration, with some personal questions as how many and which species do you have?

(It seems like you use real names with the forum posts. That might scare off some (good) people also.)

67
barryc
Re: Mass user registrations.... bots perhaps? Anyone else getting these?
  • 2010/8/11 15:14

  • barryc

  • Just can't stay away

  • Posts: 480

  • Since: 2004/3/20


Quote:

ghia wrote:
Yeah, that can happen, when the IP is part of your target audience. If not block the entire net of it by Apache.

On eg your fish site, you could also add a required field for the profile at registration, with some personal questions as how many and which species do you have?

(It seems like you use real names with the forum posts. That might scare off some (good) people also.)


ghia,

I tried to search for the IP but came up with "no records found". This may be an unregistered IP. I don't know enough about IP technology to know the answer to that.

the problem with asking for info like "what species do you keep" is that many registrants are browsing but might not keep these fish yet. Our hope is, of course, to attract them to the hobby.

I know it is common practice to allow people to use "handles" when posting. In our case, I don't think genuine people have the need to hide their real name. I haven't received a single complaint about it. Anyway, they can enter a fake name when they register. There's nothing I can do to prevent that.

What would be useful is for the CBB forum preferences to allow approval of posts by the moderator. For a high volume site, that would be a pain, but for us it would be doable, at least short term until this person gives up.

barryC

68
ghia
Re: Mass user registrations.... bots perhaps? Anyone else getting these?
  • 2010/8/11 15:26

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


Never used it, but I tought there was a permission for posting with aproval in NewBB 3.08
Quote:

I tried to search for the IP but came up with "no records found".
What was the IP number? If it is fom an unused range or something, then you can block it.

Quote:
I don't think genuine people have the need to hide their real name.
You would be surprised. All companies do an internet search when you have solicitation or promotion and most people will not like to have too many results in Google.
If you have a very common name, you can hide in the masses, but else you are giving up a lot of your privacy, which can be abused as well.

69
Peekay
Re: Mass user registrations.... bots perhaps? Anyone else getting these?
  • 2010/8/11 15:33

  • Peekay

  • XOOPS is my life!

  • Posts: 2335

  • Since: 2004/11/20


Quote:
What would be useful is for the CBB forum preferences to allow approval of posts by the moderator.

I'm sure that CBB allows that?. The 'Blue Move' forum here on XO is moderated at present (although it's new and I think Mamba may have forgotten to change the settings).

If the registration is done by a human to pave the way for robot spam, then all you can do is shift your defence to the forum. Moderation would work, but I guess the bot may well attack a CBB file directly, much like the register bots hit register.php.

The registration will be done using a proxy and the bot IP will be spoofed, so IP bans are a waste of time really.

Even XO gets these spam posts from time to time. You just have curse them and delete them.
A thread is for life. Not just for Christmas.

70
barryc
Re: Mass user registrations.... bots perhaps? Anyone else getting these?
  • 2010/8/11 15:47

  • barryc

  • Just can't stay away

  • Posts: 480

  • Since: 2004/3/20


You are right about CBB. I expected to find it under preferences but it is in permissions, under "can post without approval". So, I've changed it such that our members can do so but registered users cannot. I hope it works. I'll do a test registration soon and try to post. Hopefully this nuisance will go away if I disallow the posts for a while and I can revert back.

The IP is 119.155.27.37

You make a good point about real names. Perhaps I've been naive about that. I will think about resetting it to not show real names.

barryC

Login

Who's Online

313 user(s) are online (196 user(s) are browsing Support Forums)


Members: 0


Guests: 313


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits