Author Topic: [SOLVED] block SPAM registrations. . .  (Read 43993 times)

Nick Miletich

  • Beginner
  • *
  • Posts: 35
    • Hickory Web Design
Re: [SOLVED] block SPAM registrations. . .
« Reply #30 on: February 18, 2010, 10:35:15 am »
@ HelloMcFly

It was a pleasure reading about your trials and tribulations with the spambots.  Thanks.  ;)

bpmurphy

  • Beginner
  • *
  • Posts: 12
Re: [SOLVED] block SPAM registrations. . .
« Reply #31 on: April 23, 2010, 03:16:25 am »
I get a parse error when I use this:

Parse error: syntax error, unexpected T_IF, expecting T_FUNCTION
Code: [Select]
//Added By Dan Yager to prevent SPAM
                   // www.quickheads.com

if (vmGet($d,'first_name','First Name' ) == vmGet($d,'last_name','Last Name' )) {
return False;
}

Any idea?

Uriel

  • Jr. Member
  • **
  • Posts: 78
    • Web design Hosting & Seo
Re: [SOLVED] block SPAM registrations. . .
« Reply #32 on: December 28, 2010, 09:53:52 am »
OK, I'm trying a new HACK of the file ps_shopper.php located here:

administrator\components\com_virtuemart\classes\ps_shopper.php

I added a few lines in the PHP code to check if FIRST NAME = LAST NAME

right below the following code:

Code: [Select]

/**
* Function to add a new Shopper into the Shop and Joomla
*
* @param array $d
* @return boolean
*/
function add( &$d ) {
global $my, $auth, $mainframe, $mosConfig_absolute_path, $sess,
$VM_LANG, $vmLogger, $database, $mosConfig_useractivation;

$ps_vendor_id = $_SESSION["ps_vendor_id"];
$hash_secret = "VirtueMartIsCool";
$db = new ps_DB;
$timestamp = time();

if (!$this->validate_add($d)) {
return False;
}



I added:


Code: [Select]
//Added By Dan Yager to prevent SPAM
                   // www.quickheads.com

if (vmGet($d,'first_name','First Name' ) == vmGet($d,'last_name','Last Name' )) {
return False;
}

I did some testing and this doesn't seem to be affected if I turn JavaScript off in my browser.  It will return the registrant back to the registration page without adding them.  This will allow a human to correct the First or Last name, but doesn't give a SPAMMER too much information.

This doesn't affect normal human users that are trying to register though.  I'll give another 24 hours and see if it cuts down on the SPAM registrations.

I'll report back here with the results.

Cheers,
Dan Yager
www.quickheads.com



Hello McFly,

Thank you for all that you have gone through so far!
Could you perhaps tell me if this would work on VirtueMart 1.1.2 stable?
Managing Member of Hosting-Webdesign http://www.hosting-webdesign.co.za

Bruce Morgan

  • Sr. Member
  • ****
  • Posts: 672
Re: [SOLVED] block SPAM registrations. . .
« Reply #33 on: January 06, 2011, 23:20:18 pm »
I forgot that I had implemented this hack and had lost it during some recent updates.  I started receiving spam registrations again and just reinstalled it.  I hope something like this will be present in the next VM update (1.5 or 2.0?)

Bruce
www.pepper-passion.com

ganzziani

  • Beginner
  • *
  • Posts: 11
    • gabotronics
Re: [SOLVED] block SPAM registrations. . .
« Reply #34 on: August 24, 2011, 01:16:15 am »
I've been getting registrations where the Address 1 was the same as the Address 2. I added this and it seems to work:
Code: [Select]
if (vmGet($d,'address_1','Address 1' ) == vmGet($d,'address_2','Address 2' )) {
return False;
}
I'm a PHP newbie, can someone confirm that it is correct?

stinga

  • Contributing Developer
  • Sr. Member
  • *
  • Posts: 872
    • Squangle ltd
Re: [SOLVED] block SPAM registrations. . .
« Reply #35 on: August 25, 2011, 01:41:48 am »
G'day,
The check you put in for last name = first name was a good idea, I had the same.
But you have put the check in the bit that the user enters.
The spambots are not using the registration page they are sending data directly to the page that the gui page calls.
You need the check in there as well.
Where you have it to stop real users and in the back to stop the spambot.
I also took the IP address of the spambot and added it to my block list so they only get one shot and they are gone forever.
Stinga.
614869 products in 747 categories with 15749 products in 1 category.
                                             Document Complete   Fully Loaded
                Load Time First Byte Start Render   Time      Requests      Time      Requests
First View     2.470s     0.635s     1.276s          2.470s       31            2.470s      31
Repeat View  1.064s     0.561s     1.100s          1.064s       4             1.221s       4

Bruce Morgan

  • Sr. Member
  • ****
  • Posts: 672
Re: [SOLVED] block SPAM registrations. . .
« Reply #36 on: August 25, 2011, 03:16:47 am »
Could you explain a little more explicitly where you have added the code?  The more exact you can be, the more people it will help.

Bruce

qme1ster

  • Full Member
  • ***
  • Posts: 276
Re: [SOLVED] block SPAM registrations. . .
« Reply #37 on: November 25, 2011, 23:04:02 pm »
I too would like to know a little more about your solution, Stinga - could you please explain?

stinga

  • Contributing Developer
  • Sr. Member
  • *
  • Posts: 872
    • Squangle ltd
Re: [SOLVED] block SPAM registrations. . .
« Reply #38 on: December 01, 2011, 23:44:27 pm »
G'day all,

I got that wrong, the code suggested for testing first/last name being the same is in the correct place and will do what is required.

I output to a log file the following...
Code: [Select]
01-12-2011 22:40:55.490:/home/www/recovery-cd-disk.com/administrator/components/com_virtuemart/classes/ps_shopper.php:282:81.142.230.1:Spam registration caught!
I then use a program called sec that I have used for years that tails the log file looking for caught messages and then adds the ipaddress to iptables like...
Code: [Select]
iptables -A OUTPUT -p tcp -d <ipaddress>  -j DROP
This stops the sender from accessing my server for everything, I actually unblock the ipaddress after about 15 minutes, that just stops repeated attempts.
I use this method for everything, from voip to ssh attacks, has worked so far!
Stinga.
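
The log-driven blocking described in this post, as an added example that is not stinga's own setup (which uses sec): it parses the log line format shown above and builds the `iptables` commands that add the DROP rule and remove it again 15 minutes later. The function names, the UTC assumption for the timestamp and the sample lines are constructed; the rule form is the one from the post.

```php
<?php
// Added example, not the poster's sec rules. It only builds command strings and
// runs nothing; function names and the sample log lines are constructed.
const BLOCK_SECONDS = 900; // "about 15 minutes", as in the post

/** Return array(unix time, IPv4) for a "Spam registration caught!" line, else null. */
function parse_caught_line($line) {
    $re = '/^(\d{2}-\d{2}-\d{4} \d{2}:\d{2}:\d{2})\.\d+:.*:\d+:([0-9.]+):Spam registration caught!$/';
    if (!preg_match($re, trim($line), $m)) {
        return null;
    }
    // Log text ends up in a firewall command: accept a valid IPv4 address only.
    if (filter_var($m[2], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return null;
    }
    // The log timestamp is assumed to be day-month-year in UTC.
    $when = DateTime::createFromFormat('d-m-Y H:i:s', $m[1], new DateTimeZone('UTC'));
    return $when ? array($when->getTimestamp(), $m[2]) : null;
}

/** One DROP rule per address, with the time at which it is to be removed again. */
function plan_blocks(array $lines) {
    $plan = array();
    foreach ($lines as $line) {
        $hit = parse_caught_line($line);
        if ($hit === null) {
            continue;                       // not a caught message
        }
        list($time, $ip) = $hit;
        if (isset($plan[$ip]) && $time < $plan[$ip]['unblock_at']) {
            continue;                       // still blocked, no second rule
        }
        $rule = 'OUTPUT -p tcp -d ' . escapeshellarg($ip) . ' -j DROP';
        $plan[$ip] = array(
            'block'      => 'iptables -A ' . $rule,
            'unblock'    => 'iptables -D ' . $rule,
            'unblock_at' => $time + BLOCK_SECONDS,
        );
    }
    return $plan;
}

// Constructed log lines (documentation addresses); the last address is malformed.
$log = array(
    '01-12-2011 22:40:55.490:/srv/shop/ps_shopper.php:282:192.0.2.10:Spam registration caught!',
    '01-12-2011 22:41:02.113:/srv/shop/ps_shopper.php:282:192.0.2.10:Spam registration caught!',
    '01-12-2011 22:41:09.000:/srv/shop/ps_shopper.php:282:999.300.1.1:Spam registration caught!',
);
print_r(plan_blocks($log));
```

The address is validated before it reaches the command string because the log line is built from request data, and an unvalidated value there would let a client write into a firewall command.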

cncmike

  • Beginner
  • *
  • Posts: 5
Re: [SOLVED] block SPAM registrations. . .
« Reply #39 on: February 19, 2012, 20:59:39 pm »
Thank you for this thread.

Implemented this today, appears to be functioning, will see if it works.

Mike in MN

harwejb

  • Beginner
  • *
  • Posts: 2
Re: [SOLVED] block SPAM registrations. . .
« Reply #40 on: July 04, 2012, 18:58:29 pm »
This seems to work.. I've been searching through the code for a couple of days trying to find the right section.  I had previously implemented the JavaScript check, but like everyone else, the bots were still getting through.

//Added By Dan Yager to prevent SPAM
                   // www.quickheads.com
      if (vmGet($d,'first_name','First Name' ) == vmGet($d,'last_name','Last Name' )) {
         return False;
      }      

Thanks Dan Yager

tritek

  • Beginner
  • *
  • Posts: 4
Re: [SOLVED] block SPAM registrations. . .
« Reply #41 on: September 06, 2012, 21:43:05 pm »
I have also used a similar fix that I found online somewhere:

Code: [Select]
echo 'if ( form.first_name.value == form.last_name.value ) {alert( \''. str_replace("'","\\'",$VM_LANG->_('REGWARN_BOT',false)) .'\');return false;}';
Then just add the warning as the 'REGWARN_BOT' in /languages/common/english.php - in my case I put:

"For Security reasons, Your Firstname cannot be identical to your Lastname, Please change this."

But, I am now getting accounts set up with only one name. So the matching condition is moot. What can be added to this code to also block registration where only a first OR a last name is entered?

Thanks all!

ganzziani

  • Beginner
  • *
  • Posts: 11
    • gabotronics
Re: [SOLVED] block SPAM registrations. . .
« Reply #42 on: November 08, 2012, 06:01:37 am »
Some spambots are just filling random data in the fields, so the technique mentioned above is not working anymore.
I am thinking of using the Middle Name field as a bot checker, I will ask the user to leave it blank during the registration.
Also, the spambots typically enter about 6 digits in the phone field, so I also want to verify that they enter at least 7 numbers.
I've tried changing the ps_shopper.php file, but I'm not a PHP expert. Can someone help with the code?

stinga

  • Contributing Developer
  • Sr. Member
  • *
  • Posts: 872
    • Squangle ltd
Re: [SOLVED] block SPAM registrations. . .
« Reply #43 on: November 08, 2012, 13:00:47 pm »
If you want a way to block that will work forever....

A bit of background...
You are on the registration page filling in data, then you click 'Send registration' and it calls a page that actually does the work.
Now, the spam registrations are not using the gui page, they are posting the data directly into the shop.

So, if you were to hack the gui code and the add function in ps_shopper.php then you would stop them all.
I.E.
Change the name="agreed" to name="agreedxxx" and then check to make sure agreedxxx is filled in, if not silently reject the registration. Don't all use agreedxxx though! :-)

or

You could check the referer, if not your site then reject as well. Not too sure about that one though.
Stinga.
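
The server-side checks raised in the last few replies (only one name entered, identical names, a middle-name field that must stay blank, a phone number with fewer than 7 digits, and a renamed agreement field), collected into one function as an added example; it is not VirtueMart code or any poster's code. `vm_spam_reasons()` and `agreed_k3` are hypothetical names, `phone_1` is assumed to be the phone field, and the sample arrays are constructed.

```php
<?php
// Added example, not VirtueMart code. first_name, last_name and the middle-name
// honeypot follow the thread; phone_1 is assumed to be the phone field, and
// vm_spam_reasons() and 'agreed_k3' are hypothetical names.

/**
 * List the reasons a registration looks automated (empty list = accept).
 * @param array  $d           posted registration fields, as passed to add()
 * @param string $agreedField site-specific replacement for name="agreed"
 * @return string[]
 */
function vm_spam_reasons(array $d, $agreedField = 'agreed_k3') {
    // Read a field as a trimmed string; missing or non-scalar input becomes ''.
    $get = function ($key) use ($d) {
        return (isset($d[$key]) && is_scalar($d[$key])) ? trim((string) $d[$key]) : '';
    };

    $reasons = array();
    $first = $get('first_name');
    $last  = $get('last_name');

    if ($first === '' || $last === '') {
        $reasons[] = 'name_missing';        // only a first OR a last name entered
    } elseif (strcasecmp($first, $last) === 0) {
        $reasons[] = 'name_identical';      // the thread's check, case-insensitive
    }
    if ($get('middle_name') !== '') {
        $reasons[] = 'honeypot_filled';     // users are asked to leave this blank
    }
    // Count digits only, so "(555) 010-0199" and "5550100199" are treated alike.
    if (strlen(preg_replace('/\D/', '', $get('phone_1'))) < 7) {
        $reasons[] = 'phone_too_short';
    }
    // A client posting the stock field list sends "agreed", not the renamed field.
    if ($get($agreedField) === '') {
        $reasons[] = 'agreement_field_missing';
    }
    return $reasons;
}

// Constructed sample submissions: a normal one and a scripted one.
$human = array('first_name' => 'Ana', 'last_name' => 'Silva', 'middle_name' => '',
               'phone_1' => '(555) 010-0199', 'agreed_k3' => '1');
$bot   = array('first_name' => 'xqzt', 'last_name' => 'xqzt', 'middle_name' => 'xqzt',
               'phone_1' => '123456', 'agreed' => '1');

print_r(vm_spam_reasons($human));
print_r(vm_spam_reasons($bot));
```

Inside `add()`, a non-empty result is the point at which the thread's snippet does `return False;`, and the reason codes are what a log line would record.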

timbreese

  • Beginner
  • *
  • Posts: 30
Re: [SOLVED] block SPAM registrations. . .
« Reply #44 on: November 13, 2012, 04:24:20 am »
I have had the same problem and I don't have a forum on the site anymore.