xoops forums

Anonymous

Posted on: 2012/5/10 17:04
Anonymous
Anonymous (Show more)
Posts: 0
Since:
#1

What to do against fake users registering?

At nlxoops.nl about 3 to 4 fake users are registered daily. They all are users with strange names and from none Dutch speaking countries... Sometimes they spam in our forum but it looks like fortify is doing a good job, I see spam only once or twice in a month.

What can be done about this fake users registering? Captcha is enabled so I wonder, do spammers take time to register and decifer captcha? Or is captcha useless and do they use bots with the capability to decifer captcha?

hipoonios

Friend of XOOPS
Posted on: 2012/5/10 17:14
hipoonios
hipoonios (Show more)
Friend of XOOPS
Posts: 298
Since: 2005/9/24
#2

Re: What to do against fake users registering?

I got about 3-5 to fake accounts on my site daily. But now I get about 2-3/months. Thanks to the Stop Forum Spam setting in Protector

All captchas sucks. At least the onces that comes with Xoops. I have also tried to use Re-Captcha. But that seems to be worst of them all.
I love Xoops!

Anonymous

Posted on: 2012/5/11 8:22
Anonymous
Anonymous (Show more)
Posts: 0
Since:
#3

Re: What to do against fake users registering?

Stop forum spam was not enabled yet, I did and will see what happens

wishcraft

Module Developer
Posted on: 2012/5/11 12:33
wishcraft
wishcraft (Show more)
Module Developer
Posts: 3710
Since: 2007/5/18
#4

Download: Xortify 3.04 - Beat the spammers!!!

I had that problem on chronolabs.coop, there is a couple of options you can do for one you can use Profile 1.76 to add a validation field that will lock the submit button on the registration form until the form is validated, you then prepare a table of answeres for a question you ask on the form. I orginally did this where you would have to know an existing email address, but this didnt work I still got spam signup.

What they are that are signing up is Captcha Sweat shops these prodominately operate out of China and places like india where people are paid less than $1 USD a day to set up accounts on websites for a bot attack later on. Stop forum spam doesn't cover this type of spammer / harvestor. But i find it is in Project Honeypot.

Xortify 3.04 (download) is completely bug free if you would like to give it a go, if you want we can set up a netherlands cloud for it at http://xortify.nlxoops.nl if you like which means for that intial query of 1 IP address every 24 hours, or 1 IP address, username and/or email address every 24 hours or whatever you set it for, then you can point the xortify in the nl at xortify.nlxoops.org instead of having to wait for the europe -> australia pipe to clear as DNS Resolution.

But i warn you xortify is sitting on a Beast it gets currently over 69 million api hits a month. I found like many others did including Ivan that xortify solves all the other problems that protector doesn't cover for including captcha sweat shops..

So try it out http://xortify.com to get the client for XOOPS. It is quiet likely that the API key in protector will be disabled talking to paul from SFS soon as it offers not anti bot or IP Cache querying system like built into the xortify cloud or anything else that has allowed Xortify to query for SFS in over 55k queries an hour.

The problem with it being built into protector is you are all using the Same API Key, that as paul from Stop Forum Spam who is on my skype told me should never be published with OS otherwise he will close it down when i was talking to them about the load and setting up a pipe between our machines while writting xortify. See the API it gets abused by people trying to DOS Attack and other stuff on his API on his system. It is only a matter of time till that silly idea of duplicating the wheel in protector from xortify, is disabled and then income the spammers again.

I also find that i intermitently get a WSOD when the API query in protector fails cause it isn't in a try {} catch () {} clause in php as well as some of the anti crash system put into and well researched by myself over the SDLC of Xortify.

Mamba: We need to set up http://xortify.xoops.org as well at some point as it is included with 2.6 as per my branch task. The 2.6.0 version is already written, just so people have options.
Resized Image
www.ohloh.net/accounts/226400

Follow, Like & Read:-

twitter.com/SimonXaies
github.com/Chronolabs-Cooperative
facebook.com/SimonSXaies

Anonymous

Posted on: 2012/5/11 13:26
Anonymous
Anonymous (Show more)
Posts: 0
Since:
#5

Re: What to do against fake users registering?

Xortify is running already Simon, you did some finetuning yourself remember I enabled sfs in protector yesterday and it seems like adding some extra protection, seven ip adresses where blocked and some posts are deleted. I did not see this before!

I would love to give some space for an european xortify cloud, but am afraid my reseller account can't handle the amount of data... Is there an advantage in having a seperate european cloud?

wishcraft

Module Developer
Posted on: 2012/5/11 14:38
wishcraft
wishcraft (Show more)
Module Developer
Posts: 3710
Since: 2007/5/18
#6

Re: What to do against fake users registering?

Which version of Xortify are you running the latest.. Perhaps you need to lower the tollerances a bit on the setting if you are getting spam signup, this means your users will be getting banned at the moment you didn't want banned before i did the fine tuning as protector has absolutely none of that.. and i know what sort of narfarious people compute in the netherlands, I am friends with some of them.

There are bots an also Captcha Sweat shops that will have harvested your email from somewhere that send out emails saying they are banned and a genuine users and so on and even pretend to be a real user.

Well Ideally I would like to set up a Xortify cloud for europe on http://xortify.xoops.org seeming it is hosted in the UK at surpass.. But i am still waiting on the slow slow slow response from emails I sent over 3 months ago..

It wouldn't get as much traffic as xortify.com which is the primary unless it is heavily used by your users, maybe only 1 millions hits a month.

I can provide you the file base and a copy of the Database if you want just contact me on one of my IM I have listed on my profile. Skype is best.

You can put an article up on using xortify on http://xortify.nlxoops.nl it would be just a case of changing http://xortify.com to http://xortify.nlxoops.nl in the preferences of xortify and signing up to use it I guess. I would have to work quickly on a provider for the the xortify client so there is a xortify server client that syncronises our clouds as well..

The only advantage really is lower DNS Resolution times, this can take anything upto 10 seconds with an Australian server in some countries especially europe the pipe between australia and everywhere else isn't fantastic.
Resized Image
www.ohloh.net/accounts/226400

Follow, Like & Read:-

twitter.com/SimonXaies
github.com/Chronolabs-Cooperative
facebook.com/SimonSXaies

Anonymous

Posted on: 2012/5/11 15:47
Anonymous
Anonymous (Show more)
Posts: 0
Since:
#7

Re: What to do against fake users registering?

I guess waiting for a final European solution is a better strategy. I think nlxoops is at the moment the one and only site using xortify in the Netherlands, and maintaining and supporting local clouds everywhere does not sound as a good strategy....

irmtfan

Module Developer
Posted on: 2012/5/12 8:12
irmtfan
irmtfan (Show more)
Module Developer
Posts: 3419
Since: 2003/12/7
#8

Re: What to do against fake users registering?

personally i hate captcha and the re-captcha is the worst of them.
solving the captcha for english users is much easier than non english users.
particularly non english territories with the languages using non latin characters like arabic and persian have mush troubles with re-captcha these days.

The IP realtime black list servers (RBL, Xortify cloud, sfs, ...) is another solution but it is not totally reliable.
maybe they will be useful in some countries in Europe, America and Japan that users have valid IPs but in most Mideast countries and China users have shared IPs and have to connect under VPN and proxies to rescue from Internet Filtering.
IMO for this kind of users the only solution is using "the local text captcha" (using the local characters and numbers eg: Greek number for math captcha)
personally i use this kind of captcha in my high traffic persian website and it works great.
i dont have any registered bots for days while i had about 9 to 10 daily robots before applying it.

Also i think the java script solution like the protector plugin postcommon_register_insert_js_check.php may be useful while today robots are clever enough to pass them.

Anonymous

Posted on: 2012/5/12 16:53
Anonymous
Anonymous (Show more)
Posts: 0
Since:
#9

Re: What to do against fake users registering?

Many thanks, until now I learned a lot in this thread. It's good to know what happens under the hood and how spammers operate. Modules like xortify and protector do a good job but but finetuning is rocket science for an average webmaster like I am

Roby73

Friend of XOOPS
Posted on: 2012/5/12 22:38
Roby73
Roby73 (Show more)
Friend of XOOPS
Posts: 262
Since: 2011/6/15
#10

Re: What to do against fake users registering?

i have not fake user. (for now )
I have modified profile module, i have insert recaptcha code in all registration steps.
Registration form only in last step.

With protector forum anti spam, all is ok. 2, 3 real user everyday.