Want to get involved in developing SMF, then why not lend a hand on our github!
Started by vbgamer45, May 08, 2009, 11:45:43 PM
Quote from: Karl BensonIt is a cat and mouse game between forum software and bot-creators to secure forums against spam bots.Using generic/centralised anti-spam measures makes it viable for bot-creators to try to get past them.If every forum employs completely different anti-bot measures it makes it almost impossible to create bots for mass-automated registration.
1.1 - 29th May 2009 o Now the register page isn't cacheabled. It is useful against "Send Form" and "Go Back" o Fix a bug in Register.template and password visible. Thanks DistantJ for report1.0 - 2nd May 2009 o Initial release o Adds Mutation in the Form Register
Quote from: JBlaze™ on May 08, 2009, 11:49:45 PMVery nice .LORD.!This is interesting! Installing on my forum as we speak.
Quote from: brelwit on May 09, 2009, 12:54:17 AMDoesn't work for me. After doing a test registration, it produces an error "Registration is disabled" or something like that.
Quote from: A.SK on May 09, 2009, 02:58:52 PMGood concept .LORD.It would be really good if there is an screenshot.
Quote from: blondeamon on May 09, 2009, 05:23:31 PMcool mod, thanks
Quote from: Tiribulus on May 09, 2009, 05:59:15 PMLemme see if I got this.Open a registration form, fill it out, but don't submit it yet.Install the mod.Click submit for the registration begun in step 1. There will be an error.Register a new account as usual and everything is now invisible.A couple things first.JBlaze has no hesitation about this and I know he knows what he's doing (not that you don't) so that's a plus.However, I can't help asking, how are future registrations determined to be either fake or real? Also is this testing deal some sort of "activation" or something? I'm not grilling you, it's just that my over active mind gets the best of me sometimes when I don't understand something.
Quote from: imno007 on May 09, 2009, 08:30:45 PMAre there options for this in the admin?
Quote from: .LORD. on May 09, 2009, 07:40:52 PMExcuse me if I have not understood.The MOD makes this. But first we must understand how bots operate.The users do click on the link Register. Fill the boxes and then click on the button Register.The bots don't make that. The bots sent the variables with his registration.What variables? What are the names of the variables?The Spammers will study who to break the software. In the case of a forum (in this case SMF), the registers variable is always the same name (user, email, passwrd1, passwrd2). So no problem in sending these variables filled with his information.This MOD makeup, random mutations in the register template form, and (eg) the changes to (a3423ads234234asdasd, sdf34a56234234asdasd, blah, blah).Spammers don't know this, then they will send the variables (user, email, passwrd1, passwrd2) as always.Moreover, if their registration fails, the spammers they can see the error message. Then make a page re study, and will modify their bot. The "message of error/distraction" will think the spammers the registration failed because your forum have the register disable.Sorry for my bad English.
Quote from: akaiphan on May 09, 2009, 11:16:49 PMyou have a screen shot? I really want to see how it looks before put it on my forum
Quote from: ThePro on May 12, 2009, 02:05:43 PMwhat exactly does this mod do, does it change the url of the register form?
Quote from: Tiribulus on May 12, 2009, 11:34:05 PMThe short version is it detects spambots when they attempt to bypass the normal registration routine and returns an error saying registrations are disabled.