News:

Join the Facebook Fan Page.

Main Menu

password incorrect errors

Started by tempneff, February 01, 2011, 01:15:23 AM

Previous topic - Next topic

squad



Gosh thankfully, not really thankfully, but I was starting to think I
would go crazy with blocking IP addys. I have given up for now.

I hope there is a simple solution really shortly to stop these, I think I
will go block my site from guests until the solution is found. I really
count on the couple that are viewable, but if it cuts back on this well
it will have to be done :) :)

Thank you to the member who brought this to everyones attention.

squad



I decided since I like perople to read something about my forum
I'd decided to make a new board viewable to 'guests' and hopefully
that will cure this rubbish for the present time.

Probably not really the 'right' thing to do but I've done it anyway.

I dragged a post from a member that i know (banned) will not come
back, well I hope so anyway. Using a banned member I figured they
would only get the ban message and with that I locked the post.
I also didn't include any moderators.

I hope this will get rid of them for now, when things settle down
again I'll revert bac to the original stuff that was viewable to guests
but keep this on hold for any future attacks.

PLAYBOY

Any improvement yet? Did it really work?
Because i closed my forum to guests but i still get the bots attacks.

RustyBarnacle

Anyone tried that htaccess file someone posted in one of the threads about this?  I don't have enough members to make an accurate test.

Cal O'Shaw

You're going to continue getting attacks.  Blocking the membernames is a protection against FUTURE users of the attack code, before they come to your site and try to harvest names.

Which is why it would be really, REALLY great if we could get some sort of patch (even hand edit) to replace membernames with something like "(hidden)" or "(restricted)" when guests come calling.  Because that is going to be the ONLY WAY to cut down the attacks.

If any of the SMF wizards could help us, or at least tell us help is on the way, it would be wonderful.

Again, nothing fancy, with just this simple check before the places where the membername would be displayed, do the following:
if Guest = true then display "(hidden)" else display membername.
The places needed:
- on main index after "last post by"
- on topic index after "last post"
- on topic where membername is displayed

Any help greatly appreciated!

Cal


crash56

Quote from: RustyBarnacle on February 12, 2011, 07:01:11 PM
Anyone tried that htaccess file someone posted in one of the threads about this?  I don't have enough members to make an accurate test.

I loaded the .htaccess file assembled by Elysia posted here.  I have only had it in place a couple of hours, so keep in mind that I haven't had a great deal of time to test its effects, but for the first time in several days, my Error Log is empty.  It looks like it has worked.

Illori

have you also upgraded to 1.1.13? it was posted in one of the other threads on this issue that they added some code to help with this issue.

YogiBear

I would suggest for the future members use a different screen name from their sign-in name. This does seem to confuse these robots which are also plaguing me at the moment.
SMF v2.1.3  Mods : Snow & Garland v1.4,  PHP  v.7.4.33

PLAYBOY

Quote from: Cal O'Shaw on February 12, 2011, 07:21:56 PM
You're going to continue getting attacks.  Blocking the membernames is a protection against FUTURE users of the attack code, before they come to your site and try to harvest names.

Which is why it would be really, REALLY great if we could get some sort of patch (even hand edit) to replace membernames with something like "(hidden)" or "(restricted)" when guests come calling.  Because that is going to be the ONLY WAY to cut down the attacks.

If any of the SMF wizards could help us, or at least tell us help is on the way, it would be wonderful.

Again, nothing fancy, with just this simple check before the places where the membername would be displayed, do the following:
if Guest = true then display "(hidden)" else display membername.
The places needed:
- on main index after "last post by"
- on topic index after "last post"
- on topic where membername is displayed

Any help greatly appreciated!

Cal

I think implementing recapctcha on the login secreen would be quicker and easier. But at this stage, i am ok with any kind of solution because im loosing money and visitors every minute.

Cal O'Shaw

As I said, the problem with recapcha on the login is that means you will require EVERY member to enter both their password and the capcha phrase.  Depends on the users as to whether the extra step is worth what a site offers.

PLAYBOY

I think it would be the useful, temporary and easiest solution. or somebody can do both and whoever want they can use it. But somebody needs to help us guys cmon... how long is this suffer gonna take...

squad



So far with closing the forum and using a banned member for
now was the easiest and quickest I could do. I knew it wouldn't
stop the current rubbish, but figured it would stop them using
any other usernames then they already had  :(

Today I will set a 'anon' member up and redo what I have done,
only because I am worried about maybe legal side of dragging
a banned member up. Plus if this banned member was to find
out on the off chance - I wouldn't fancy reading any emails form
them - they have a rather nasty tongue  ::)

As for adding recapctcha at log-on for my forum would only drive
members away. I'm very small and battle as it is to attract members.
I am a free to join forum, no strings and battle against a few other
forums, one free and two paid to join they all have thousands of
members and I have less than 500  :o

This attack is certainly not what I need at the moment!

busterone

I have not had any of these attacks myself, so I ask this just out of curiosity. Out of all the admins that have been getting these attacks posting here, how many of you allow guests to view the member list?

squad

Quote from: busterone on February 12, 2011, 10:43:28 PM
I have not had any of these attacks myself, so I ask this just out of curiosity. Out of all the admins that have been getting these attacks posting here, how many of you allow guests to view the member list?

I certainly don't, they seem to be using usernames from post in what is
viewable to the general public ie; not registered users.

Al the usernames tried were only in the 'non registered' members area.

You should consider yourself lucky if you have not been a target :) Whats
your secret?

Cal O'Shaw

We do not.

As has been stated in this topic, they are reading the main index and topic indexes and grabbing the member name that follows the strings "last post by" and "last post".

busterone

Quote from: squad on February 12, 2011, 10:49:14 PM
Quote from: busterone on February 12, 2011, 10:43:28 PM
I have not had any of these attacks myself, so I ask this just out of curiosity. Out of all the admins that have been getting these attacks posting here, how many of you allow guests to view the member list?

I certainly don't, they seem to be using usernames from post in what is
viewable to the general public ie; not registered users.

Al the usernames tried were only in the 'non registered' members area.

You should consider yourself lucky if you have not been a target :) Whats
your secret?
I have no idea really. I have been using the Stop spammer mod for over a year, and recently httpBL/Project Honeypot. I also have the forum Firewall installed. I can't say any one of them or the combination has anything to do with it to be honest. I have noticed that my forum has seemed to drop off the spammers/bots list lately though. I guess they got tired of never getting in, so moved on. Maybe the spammers communicate with one another about wasting efforts on some sites or something.  :D

PLAYBOY

Quote from: busterone on February 12, 2011, 10:43:28 PM
I have not had any of these attacks myself, so I ask this just out of curiosity. Out of all the admins that have been getting these attacks posting here, how many of you allow guests to view the member list?

I have never let that happen.

We need a solution guys. Please somebody help us.

vbgamer45

Use the .htaccess that has worked fine for me zero attempts. in the past couple hours.
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

PLAYBOY

I may have skipped that part. What is htaccess way?

squad

Quote from: vbgamer45 on February 12, 2011, 11:14:52 PM
Use the .htaccess that has worked fine for me zero attempts. in the past couple hours.

Quote from: PLAYBOY on February 12, 2011, 11:16:43 PM
I may have skipped that part. What is htaccess way?

Yes please, how to and what to .htaccess, remembering some of us are not
really as savvy as others :) Especially myself!

Advertisement: