Ad bots in 3.6.4

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Blackjack
    Senior Member
    • Dec 2000
    • 204

    #16
    It is their job to try and foil these bots, image verification and email verification are tools to do this. However, anything a human can read, so can a bot. You can't stop them, vBulletin can't stop them, all they can do is make it harder for them. The only way to really stop them is by moderating each registration and verify they are real people by inquiry. Really, get off you high horse and actually have some understanding about how the bots work. How long have you been using the Internet? How new are you to running a web community? This is nothing new, this is common knowledge by most.
    Me: Gryphon | My vBulletin Hacks
    Sites: Allied Tribal Forces | The Hounds of Zeus | PlanetSide-Universe

    Comment

    • Halo2Forum.com
      Member
      • May 2005
      • 94

      #17
      Originally posted by Blackjack
      It is their job to try and foil these bots, image verification and email verification are tools to do this. However, anything a human can read, so can a bot. You can't stop them, vBulletin can't stop them, all they can do is make it harder for them. The only way to really stop them is by moderating each registration and verify they are real people by inquiry. Really, get off you high horse and actually have some understanding about how the bots work. How long have you been using the Internet? How new are you to running a web community? This is nothing new, this is common knowledge by most.
      Thanks for the "lesson", but if VB has the software to manage millions of users on a forum, they should have the software to make it virtually impossible for a simple thing like image verification.

      How new I am to the web community? Don't know, look at my name, go to the site, and look at stats to find out.

      Another thing you ALSO missed is when I pointed out the 30 some versions of VB upgrades we've had. If this wasn't an issue on the older version, how can it be on the new one? I thought upgrades means improvements....

      PS: What's the link to your forum?

      Comment

      • NetHogz
        New Member
        • Aug 2005
        • 19
        • 3.7.x

        #18
        Well, enabling True-type fonts and a few of the additional options to the image verification seems to have done the trick.

        I went and looked at the logs. The bots have 'random' browser-ID strings, and seem to follow this sequence:

        06:47:15 GET /index.php
        06:47:15 GET /register.php s={some number here}
        06:47:16 POST /register.php do=checkdate
        06:47:17 POST /register.php do=register
        06:47:17 GET /image.php type=regcheck&imagehash={hash1}
        06:47:19 POST /register.php do=addmember
        (and this repeats)
        06:47:20 GET /image.php type=regcheck&imagehash={hash2}
        06:47:22 POST /register.php do=addmember
        (etc, until)
        06:47:27 POST /register.php do=addmember
        (long delay)
        07:00:59 GET /register.php a=act&u={uid}&i={number}

        It follows the right sequence of requests, and will keep retrying image-recognition on the captcha images until it gets a success. Looking at last nights logs, would suggest the bot(s) have been tweaked, with a little longer delay between requests and retrying the "GET /register.php" stage after every 2 failures.

        I had 3 bot registration attempts in this last log, all foiled by the modified captcha settings.

        Comment

        • Blackjack
          Senior Member
          • Dec 2000
          • 204

          #19
          Doesn't matter the stats if all you do is create a forum for a popular game and by a vBulletin license. If you actually know how to code you would know of the impossibility you are requesting. My own sites don't have tons of users, I administer multiple sites with tons of users and I know php and I know bots and I have common sense. I also know many 15 year old kids who managed to get a license together and some web space and cover a popular game and have no idea about the technical aspects of their forums, so forum popularity really means nothing to me. I run a multitude of different boards and vBulletin gets the least amount of bot posts by far compared to any other.
          Last edited by Blackjack; Sun 3 Dec '06, 2:13pm.
          Me: Gryphon | My vBulletin Hacks
          Sites: Allied Tribal Forces | The Hounds of Zeus | PlanetSide-Universe

          Comment

          • NetHogz
            New Member
            • Aug 2005
            • 19
            • 3.7.x

            #20
            Sadly, this is an AI game. vB gets better... Bots get better... vB gets better... but as Blackjack points out, there's no ceiling.

            I've seen other captcha suggestions, but they only work because they are "novel" ... that is, they aren't commonly used enough that it's worth the bots taking on the approach.

            Take for example (and to not pick on) the "4 images / 4 captions" technique... a bot only needs to crack this once (off top of my head, 4! iterations), and then can publish this, and that particular set of images is broken. Any other such challenge-response with small set of entropy is easy to break.

            I'm probably going to ponder over this some-what

            Comment

            • Halo2Forum.com
              Member
              • May 2005
              • 94

              #21
              Originally posted by Blackjack
              Doesn't matter the stats if all you do is create a forum for a popular game and by a vBulletin license. If you actually know how to code you would know of the impossibility you are requesting. My own sites don't have tons of users, I administer multiple sites with tons of users and I know php and I know bots and I have common sense. I also know many 15 year old kids who managed to get a license together and some web space and cover a popular game and have no idea about the technical aspects of their forums, so forum popularity really means nothing to me. I run a multitude of different boards and vBulletin gets the least amount of bot posts by far compared to any other.
              All you did is create a forum for a popular game? Do you know how many forums there are for Halo and what I did to get to this level? It's called years of experience and 1000s of hours spent on the vbulletin software to get to 1.7 Million+ posts on a forum.

              No offense, but maybe you don't have a popular site; and bots tend to attack forums like mine to get most out of it. My point was that this is an issue I've noticed only in the 3.6 version and with the updates coming out almost every month, I was surprised at this.

              And yes, I recommend the True-type font, it made a difference over night. I recommend VB keeping that option a default for the next upgrade.

              Comment

              • Reece^B
                Senior Member
                • Jan 2006
                • 290
                • 3.6.x

                #22
                Ah I've had an increase in spam, from zero to alot.
                I saw this thread and checked the e-mail address, it was [email protected]

                Why cant anything be done to stop this, authority wise? Cant people track the IP to the location or something?

                Comment

                • Darkblade
                  Senior Member
                  • Jul 2004
                  • 690
                  • 3.6.x

                  #23
                  I am having this issue as well. I have like about over 40 ad bots who spammed up my board selling their stupid products. Is there a stop to this? It's really frustrating.

                  Check out my ban logs and you'll see what I'm talking about.

                  Metal Gear Forums - Discussion on the popular series of computer and console stealth-based games.

                  My Mods: Coming Soon | My Tutorials: Coming Soon

                  Comment

                  widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                  Working...