xoops forums

barryc

Just can't stay away
Posted on: 2011/1/22 0:36
barryc
barryc (Show more)
Just can't stay away
Posts: 480
Since: 2004/3/20
#11

Re: Has reCaptcha been hacked?

I took one step that ghia mentioned and that may be helping. I have a two step registration process, the first being just the basics (user name, email, etc.) and the second containing additional information, including first and last name, which are required. I originally had Xoops set to save both steps, but now only save after the second step. I haven't received any spam registrations since doing that but I'll know more tomorrow. I'm sure "they" will soon figure a way around that too. I did do a test registration after making that change and it came through. Filling only the first form (step) did not.

Peekay, I have installed your hack for blocking direct access to register.php. Hopefully you can modify that.

Regarding the idea of not entering a registration unless a valid email address is entered, I don't think that will work. Some of these spammers do use valid email addresses. Once they register they may start filling your site with spam advertising or, worse, porn. So far none of the spam registrations on my site have followed up with confirmations. That may be because the email addresses are spoofed or that they are simply not monitoring the registration confirmation messages. Presumably there would be thousands of them. I do know that I don't get many bounce messages although I've had a few, suggesting that many of the email addresses are real.

barryC

redheadedrod

Home away from home
Posted on: 2011/1/22 0:49
redheadedrod
redheadedrod (Show more)
Home away from home
Posts: 1296
Since: 2008/2/26
#12

Re: Has reCaptcha been hacked?

I have started a thread about a new profile module. In case you can't find it the link is here...

https://xoops.org/modules/newbb/viewto ... id=335690#forumpost335690

Would like to have some input on how to help make "this" problem go away with this new module.

barryc

Just can't stay away
Posted on: 2011/1/22 21:52
barryc
barryc (Show more)
Just can't stay away
Posts: 480
Since: 2004/3/20
#13

Re: Has reCaptcha been hacked?

Just an update for information purposes. After making the first step on our registration pages "not saved" and including a couple of required fields in the second step I have had no more spam registrations. By now, based on the last couple of weeks, I would have seen half a dozen. The change seems to have at least temporarily stopped these guys.

barryC

Kainaij

Quite a regular
Posted on: 2011/2/9 6:10
Kainaij
Kainaij (Show more)
Quite a regular
Posts: 256
Since: 2004/10/5
#14

Re: Has reCaptcha been hacked?

Hi,

I have also been inundated with a ton of registrations. I've tried a couple of the captcha registration fixes to no avail as I juuust received 2 registrations while writing this. It almost seems as I've stirred the hornets nest by trying these. The last captcha I installed (frankblacks) gave me a 1 hour respite and then after that bang again with the bot registrations.

Can you give instructions as to how I can enable the two step registration process?

Thank you.

barryc

Just can't stay away
Posted on: 2011/2/9 15:05
barryc
barryc (Show more)
Just can't stay away
Posts: 480
Since: 2004/3/20
#15

Re: Has reCaptcha been hacked?

Here's what I did. In the admin pages for the Profile module, make a couple of additional fields, such as first name and last name and make them required. there is a entry for "Show in registration form" where you enter "Step 2" so that they need to be completed in the second step of registration. In Profile admin/registration steps for "Save after step" enter No for step 1 and Yes for step 2.

On my site I modified the Disclaimer to include a statement that registration is a two step process and "please complete both steps". That is so a human registering will know what to do.

So far that has completely stopped those annoying spam registrations. I still have my site set to require admin approval of a registration but so far all have been genuine.

barryC

Kainaij

Quite a regular
Posted on: 2011/2/9 23:15
Kainaij
Kainaij (Show more)
Quite a regular
Posts: 256
Since: 2004/10/5
#16

Re: Has reCaptcha been hacked?

Hi Barryc,

Thanks for the reply first of all.

I did try your fix to a "t", but I cannot get a 2nd page to render with the First Name and Last Name required fields.

I am using version 1.55 of the Profile module and currently using Xoops 2.4.1.

The following message is one I get at my homepage (http://kainaistudies.com btw):

Notice: Deprecated function 'mod_getUnameFromIds', use XoopsUserUtility directly. in file /Frameworks/art/functions.user.php line 26

Thanks for any input.

barryc

Just can't stay away
Posted on: 2011/2/9 23:32
barryc
barryc (Show more)
Just can't stay away
Posts: 480
Since: 2004/3/20
#17

Re: Has reCaptcha been hacked?

I am using 2.4.4 at the moment. Someone more familiar with the differences between that and 2.4.1 will have to comment.

I assume that you created the first name and last name fields and made them required.

See this image for how my First Name field is set up and this one for the registration steps.

barryC

timgno

Module Developer
Posted on: 2011/5/6 12:17
timgno
timgno (Show more)
Module Developer
Posts: 1504
Since: 2007/6/21
#18

Re: Has reCaptcha been hacked?

I can't longer make registred of users, upgrading to xoops 2.5.1a, after sending the form appears blank page

mboyden

Moderator
Posted on: 2011/5/19 16:31
mboyden
mboyden (Show more)
Moderator
Posts: 484
Since: 2005/3/9 1
#19

Re: Has reCaptcha been hacked?

I've just released a community site on XOOPS and we're beginning to see a large number of spam bot and automated mass registrations. Another site on an older version of XOOPS has the same problem (without Profile module). I'd implemented reCAPTCHA but that didn't stop it either. And I was having similar problems with the XOOPS CAPTCHA system as well. And I needed to use reCAPTCHA because of a disability requirement.

It does appear that the spammers and blackhats have come up with methods to get around reCAPTCHA. I've found references to both programmatic methods as well as paying somebody in some foreign country $0.05/submission ($5/100).

I've found several other discussion here on X.o about spammer registrations and posts, and today, wishcraft announced the new Profile 1.68, which I'll have to try out as well, but it's focus appears to be more on invitations and such.

I've seen a few solutions proposed including the hidden field (not to easy since both the XOOPS register as well as the Profile Module use XOOPS Forms instead of presenting through Smarty which would make it easier to target) but also still requires either special programming, and or human intervention and review, as well as special fields with math or other text identification. I've also seen people that block by IP, country, and such (but we can't do that).

However, one possible method I found comes from Stop Forum Spam, and could be integrated into the Profile module to check registrations against an RBL (and perhaps give a success message but not actually add it to the database, or add it but then add it to a special Spammers group). We could even add a link that allows admins to report spammers into this block-list.

Has anyone tried this method? I'm putting it on my list to try it, but I've got too much on my plate at the moment.

I've also found using Akismet and Defensio to help stop it (from Rob Mason on how to code to stop spam).

And I found Xortify which is somehow tied to StopForumSpam, but will have to research it further as well (and it appears to be only good for XOOPS 2.5.x which I've not yet adopted).

Like others suggested, we're adding users to a Spammer group without user rights on the system (to help keep them from coming back), but then we'll have too many folks in the database and to be able to send an occasional system message may be problematic. We've also moved to a 2-page registration, but will see how much that actually helps.

Anyhoos, still working on those bloody b*stards.
Pessimists see difficulty in opportunity; Optimists see opportunity in difficulty. --W Churchill

XOOPS: Latest | Debug | Hosting and Web Development

barryc

Just can't stay away
Posted on: 2011/5/19 19:46
barryc
barryc (Show more)
Just can't stay away
Posts: 480
Since: 2004/3/20
#20

Re: Has reCaptcha been hacked?

As I've indicated previously, the two step registration process worked for me. I was getting hammered with spam registrations but haven't had any since going to the two step process. It is important not to save step 1, save only after step 2. Also have a couple of fields in step 2 that are required.

Try it. It will probably work for you.

BC