Advertisement:

Author Topic: Simple Machines Forums attacks  (Read 1788091 times)

Offline b4pjoe

  • Jr. Member
  • **
  • Posts: 380
  • Gender: Male
    • B4print.com
Re: Simple Machines Forums attacks
« Reply #20 on: February 19, 2011, 08:31:46 PM »
5+ hours using only Arantor's mod. ZERO errors.

And yes, thanks Arantor.

Offline ACAMS

  • Full Member
  • ***
  • Posts: 598
  • HEY, watch this....here, hold my beer
    • gametechmods.com
Re: Simple Machines Forums attacks
« Reply #21 on: February 19, 2011, 08:33:59 PM »
Additional protection for your members accounts
2. Add verification to the login page
Login verification
This mod enhances the login page, by adding security verification, just as can be done during registration. We strongly recommend to use custom questions, rather than Captcha. Questions that a human would answer easily, but a bot could not guess work well.  Once you install it, the settings in your forum admin panel
Security and Moderation > Anti-Spam:
> Require verification on registration and login pages
> Visual verification image to display
> Number of verification questions user must answer
> Verification Questions
will be applied to both registration and login pages.
In addition, the mod enhances logging in your SMF error log.

I would like to have this Login verification mod, but it did not have an install option when I uploaded it to my 2.0 RC3 packages folder.
 
I searched mods in hopes of it being able to Parce to RC3 and it was not found.
 
That seems to be a MAJOR problem with SMF updating every two weeks here lately......simple updates screwes up the whole damn software and makes current mods not work. SMP is too plain and useless in my book without mods. I have had my modified theme for a year, and when I updated to RC3....IT GOT MESSED UP AND WOULD NOT WORK!!!!!!!.......took me two days to MAKE it work, and it does not look like it did at first!
 
If you guy's want to update every other day.....MAKE MODS BE COMPATIBLE!!!!!......there is no sense in changing it so much that my theme DOES NOT WORK!!!!
 
 
Is this mod planned for release so I can parse it to RC3?
 
 
EDIT:
 
I deleted the package from the folder and tried to upload through the forum (a trick that sometimes works) and I got this error.
 
The package you are trying to download or install is either corrupt or not compatible with this version of SMF.
« Last Edit: February 19, 2011, 08:39:12 PM by ACAMS »

Offline

  • SMF Friend
  • SMF Legend
  • *
  • Posts: 61,613
Re: Simple Machines Forums attacks
« Reply #22 on: February 19, 2011, 08:38:03 PM »
The changes since 2.0 RC3 are all bug fixes, security enhancements and enhancements so that most mods don't need to make theme edits. Unfortunately something like this has to.
Damaged people are dangerous. We know we can survive.

Offline ACAMS

  • Full Member
  • ***
  • Posts: 598
  • HEY, watch this....here, hold my beer
    • gametechmods.com
Re: Simple Machines Forums attacks
« Reply #23 on: February 19, 2011, 08:43:13 PM »
I have LOTS of hand made and installed mods I don't want to lose, but the email login is causing trouble too, and I think this will fix the problem.
 
Can it be used on RC3?
 
Yes, it blocks totally on the bot's MO, and uncovered what I believe is a bug in SMF itself in the process - which the bot is actually exploiting, though indirectly. (I have documented the bug on the tracker, naturally)

I'm now happy that it's doing what it's supposed to, so I've removed the debugging log it did and provided a general error (English only, didn't see any point in doing that part properly)

Should install cleanly on all 1.1.x and current 2.0 versions.

Offline StarWars Fan

  • Jr. Member
  • **
  • Posts: 157
  • Gender: Male
Re: Simple Machines Forums attacks
« Reply #24 on: February 19, 2011, 08:43:53 PM »
I'm now hours and hours without a single bot hit... with 2 lines of code and my users noticed nothing ;) And no, the login CAPTCHA is not the answer. Mind you, I have a custom CAPTCHA anyway ;)

Arantor's 2 lines of code solved my problem for over 2 hours now with no problems and no other mods... THANK YOU ARANTOR!

Offline

  • SMF Friend
  • SMF Legend
  • *
  • Posts: 61,613
Re: Simple Machines Forums attacks
« Reply #25 on: February 19, 2011, 08:46:52 PM »
Quote
Can it be used on RC3?

Yes, it installs on 1.1.x plus RC3, RC4 and RC5.
Damaged people are dangerous. We know we can survive.

Offline ACAMS

  • Full Member
  • ***
  • Posts: 598
  • HEY, watch this....here, hold my beer
    • gametechmods.com
Re: Simple Machines Forums attacks
« Reply #26 on: February 19, 2011, 08:59:26 PM »
I guess I need to install it by hand.....where can I find the code?
 

Offline

  • SMF Friend
  • SMF Legend
  • *
  • Posts: 61,613
Re: Simple Machines Forums attacks
« Reply #27 on: February 19, 2011, 09:00:21 PM »
No, I made the package info EXPRESSLY check for 1.1.x, 2.0 RC3, 2.0 RC4 and 2.0 RC5.
Damaged people are dangerous. We know we can survive.

Offline Norv

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 18,314
  • Blue Wolf
Re: Simple Machines Forums attacks
« Reply #28 on: February 19, 2011, 09:04:00 PM »
Please find Arantor's Login detector attached here: Login Detector mod. You shouldn't need to install it by hand, installing through package manager should work.

I understand the problems you're facing with RCs, however I have to recommend that you take into account upgrading your forum, as RC4 and RC4 Security Patch (which is only a mod for it) have important security fixes.

ETA: ninja-ed again. I'm slow today. :D
To-do lists are for deferral. The more things you write down the later they're done… until you have 100s of lists of things you don't do.
File a security report | Developers' Blog | Bug Tracker

Also known as Norv on D* | Norv N. on G+ | Norv on Github

Offline

  • SMF Friend
  • SMF Legend
  • *
  • Posts: 61,613
Re: Simple Machines Forums attacks
« Reply #29 on: February 19, 2011, 09:05:17 PM »
Also it should be noted that if you're truly desperate, RC4's patch can be installed on RC3 with emulation. This is in no way a long term solution, though, it is a stop gap until you can properly upgrade.
Damaged people are dangerous. We know we can survive.

Offline ACAMS

  • Full Member
  • ***
  • Posts: 598
  • HEY, watch this....here, hold my beer
    • gametechmods.com
Re: Simple Machines Forums attacks
« Reply #30 on: February 19, 2011, 09:16:03 PM »
OK, Login detector installed, but I wanted Login verification to work and can't find anything on it.
 
Also, what does  Login detector do?
Where do I see it?
How do I control it?
 
Can I get Login verification to work with RC3?

Offline

  • SMF Friend
  • SMF Legend
  • *
  • Posts: 61,613
Re: Simple Machines Forums attacks
« Reply #31 on: February 19, 2011, 09:18:50 PM »
Quote
Also, what does  Login detector do?
Where do I see it?
How do I control it?

It stops the current bot attacks dead.

There's nothing to see, it's a two line patch that traps the current attacks and just makes them fail quietly. No configuration options provided, none are necessary.

Quote
Can I get Login verification to work with RC3?

Doubtful.
Damaged people are dangerous. We know we can survive.

Offline ACAMS

  • Full Member
  • ***
  • Posts: 598
  • HEY, watch this....here, hold my beer
    • gametechmods.com
Re: Simple Machines Forums attacks
« Reply #32 on: February 19, 2011, 09:23:54 PM »
If I update to RC4 will I lose all my mods and themes?

Offline Joshua Dickerson

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 12,665
  • Gender: Male
    • joshuaadickerson on LinkedIn
Re: Simple Machines Forums attacks
« Reply #33 on: February 19, 2011, 09:34:14 PM »
Check the mod's page to see if they install on your version or just try it. Use a backup.
Need help? See the wiki. Want to help SMF? See the wiki!

Did you know you can help develop SMF? See us on Github.

How have you bettered the world today?

Offline live627

  • Developer
  • SMF Hero
  • *
  • Posts: 4,004
  • Gender: Male
  • Cat: Destroy!
    • live627 on Facebook
    • @live627 on Twitter
    • livemods
Re: Simple Machines Forums attacks
« Reply #34 on: February 19, 2011, 11:41:34 PM »
If I update to RC4 will I lose all my mods and themes?
Yes, just like when you upgraded to RC3. But why not go for RC5?

Offline Aleksi "Lex" Kilpinen

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 15,430
  • Gender: Male
  • The Artist Formerly Known as LexArma
Re: Simple Machines Forums attacks
« Reply #35 on: February 20, 2011, 12:45:56 AM »
Disabling Tor Access and setting up a Honeypot and installing httpBL worked for very well for me, and I've also been able to keep other bots like spammers at bay with this setup very well.
« Last Edit: February 20, 2011, 01:04:35 AM by LexArma »
Finnish Support Local Moderator & Support Specialist
My Mods: Facebook and Twitter Sharer



Offline Kryzen

  • SMF Friend
  • SMF Hero
  • *
  • Posts: 3,678
  • Gender: Male
Re: Simple Machines Forums attacks
« Reply #36 on: February 20, 2011, 03:29:31 AM »
Thanks for the tips, Norv and thanks Arantor for the mod. :)

Offline Aoife

  • Semi-Newbie
  • *
  • Posts: 94
  • Gender: Female
  • Guild Leader/Web Admin
    • Divine Alliance of Mok'Nathal
Re: Simple Machines Forums attacks
« Reply #37 on: February 20, 2011, 09:49:39 AM »
Disabling Tor Access and setting up a Honeypot and installing httpBL worked for very well for me, and I've also been able to keep other bots like spammers at bay with this setup very well.

I'd love to be able to use httpBL but don't run my own server.  I've installed Arantor's patch and it's cut down the number of login attempts significantly but my main forums are still getting hit with registration attempts by bots that are blacklisted in the Project Honey Pot database. I closed registration several days ago so they can't get in, just fill up my error log.

Thanks to all who have been and are still working on these issues! I appreciate everyone's efforts!



Offline

  • SMF Friend
  • SMF Legend
  • *
  • Posts: 61,613
Re: Simple Machines Forums attacks
« Reply #38 on: February 20, 2011, 09:50:28 AM »
The registration attempts are a totally different vector of attack, almost certainly spammers trying it on, not the bots trying to break into accounts.
Damaged people are dangerous. We know we can survive.

Offline Aoife

  • Semi-Newbie
  • *
  • Posts: 94
  • Gender: Female
  • Guild Leader/Web Admin
    • Divine Alliance of Mok'Nathal
Re: Simple Machines Forums attacks
« Reply #39 on: February 20, 2011, 09:56:21 AM »
The registration attempts are a totally different vector of attack, almost certainly spammers trying it on, not the bots trying to break into accounts.

ya, I realize that. Just commenting on it is all, and just a minor annoyance compared to the hack attacks which aren't happening now, thanks to you and your mod.  :)