YaBB Community and Support Forum
YaBB Home About YaBB Download YaBB YaBB Support Customize Your Forum Development Contribute to the Project
  Welcome, Guest. Please Login or Register


 
Pages: 1 2 
Topic Tools
 
Unwanted Guests and Pre-registrations (Read 2,834 times)
 Mar 25th, 2012 at 8:35pm
There are no actions to perform.  

Normpo 
YaBB Newbie
*
Offline
Posts: 32


None
Unwanted Guests and Pre-registrations
I have a registration system (programmed by my daughter) that requires "Pre-Registration" (they fill out a registration form and must email it to us so we can verify email address, etc). The filter works fine and we have never had an "invasion" or an un-wanted registration.

BUT >>> in the last 6 months, we have been "bombarded" by malicious attempts to register >>> meaning about 30-75 pre-registrations appear and I normally would have to use the "Instant Reject" to get rid of them. Putting in many IP addresses in "Banned Members" doesn't seem to help because they are NOT members -- they are "bad-bots" or something. The Guardian once in a while informs me there was an attempt, but I'd like to block them from the get-go -- I can tell it is a "blind attempt" to get in -- the usernames are surel random generated as are the phoney emails that populate the field required and the "reason for joining" is always something lame and generic like "To contribute and make friends" -- Though I have found a way to daily delete from the members file all entries with the extension *.wait and *.pre, I'd still like to prevent them from even "getting in" as guest to register (we deny them access so they cannot even view the forums) -- but isn't there some way to block this?
I am currently on YaBB 2.2.1!


Thanks for your help in advance.

Norm
Site Name - Poemtrain.com

 
 
IP Logged  
 Reply #1 - Mar 25th, 2012 at 8:56pm
There are no actions to perform.  

Bill Myers 
God Member
Beta Testers
*****
Offline
Posts: 1,482
Los Angeles


YaBB 2.4
Re: Unwanted Guests and Pre-registrations
Norm, if you know how to install mods, installing anti-spam mods is the way to go.

However, if you're not familiar with the installation of mods, like me, then you can implement a pretty easy hack to your captcha that has been 100% effective for us.

- Click this link for details -

Good luck!  Wink
 
Morning, noon, or night, have a great one! ...
WWW BillHMyers  
IP Logged  
 Reply #2 - Mar 25th, 2012 at 9:03pm
There are no actions to perform.  

Bill Myers 
God Member
Beta Testers
*****
Offline
Posts: 1,482
Los Angeles


YaBB 2.4
Re: Unwanted Guests and Pre-registrations
Oops! I didn't know you hadn't implemented a validation image (captcha) for registering in your forum. That's my recommendation.

But even still, spam-bots will get to you eventually, so you'll still want to install an anti-spam mod or do as I've done for our forum.

So do the following in Admin Center:

1. Click Security Settings

2. Click Validation Image

3. After making your choices, click the Save icon.
 
Morning, noon, or night, have a great one! ...
WWW BillHMyers  
IP Logged  
 Reply #3 - Mar 27th, 2012 at 12:54am
There are no actions to perform.  

Normpo 
YaBB Newbie
*
Offline
Posts: 32


None
Re: Unwanted Guests and Pre-registrations
Bill,

Thanks -- especially for the second post -- I never knew that existed. I am going to try that step first to see if that resolves the issue --- I think I may not need the other suggestion (but I'll see). My daughter has programmed something in that may already stop them from beyond the initial "hit."  I'll let you knopw -- thanks again.

Norm
 
 
IP Logged  
 Reply #4 - Mar 27th, 2012 at 3:01am
There are no actions to perform.  

Normpo 
YaBB Newbie
*
Offline
Posts: 32


None
Re: Unwanted Guests and Pre-registrations
Bill,

Absolutely stopped it cold!!! Have not had a single "bot" since I modified those settings!!

Thank you so VERY much!!!

Norm
 
 
IP Logged  
 Reply #5 - Mar 27th, 2012 at 7:10am
There are no actions to perform.  

Bill Myers 
God Member
Beta Testers
*****
Offline
Posts: 1,482
Los Angeles


YaBB 2.4
Re: Unwanted Guests and Pre-registrations
I didn't actually see those changes in your forum, but in any case, these relatively easy to edit modifications definitely work to stop spammers cold.

I'm still keeping my fingers crossed that it continues to work.  Wink

As a clarification, however, credit for these edits to the "Verification Code" really belongs to ggn here in his post.

Additionally, credit for important instructions to complete these edits belongs to George in this post.

When YaBB's latest version is made available to the public, I'm hoping that we'll have various options to implement when it comes to stopping spammers cold, i.e., this edit that I mentioned with the ability to change details of it on the fly, and the anti-spam mods that have been written, which as I understand it, are pretty effective.

So to any if you who are helping to develop YaBB's next version, please include these anti-spam options in YaBB's Admin Center.

Thank you in advance!  Smiley
 
Morning, noon, or night, have a great one! ...
WWW BillHMyers  
IP Logged  
 Reply #6 - Mar 28th, 2012 at 12:17am
There are no actions to perform.  

Normpo 
YaBB Newbie
*
Offline
Posts: 32


None
Re: Unwanted Guests and Pre-registrations
Bill and others,

Great help --- this forum has helped me once before and I am amazed at the good will of everyone.  I think I shall visit here more often just to read up on what others are doing and experiencing.

I try to keep my poetry fourm site simple and we require ouir pre-registrants to fill out a form and email it to us so we can verify, among other things, legitimate email addresses.  I am not skilled enough to "play with" the various hacks --- when I need serious programming help, I rely on my daughter who works on security for the ESPN website ---but I don't like to bother her all the time.  ~smile~

Thanks again for the support.

Norm
 
 
IP Logged  
 Reply #7 - Mar 28th, 2012 at 12:45am
There are no actions to perform.  

Bill Myers 
God Member
Beta Testers
*****
Offline
Posts: 1,482
Los Angeles


YaBB 2.4
Re: Unwanted Guests and Pre-registrations
I was a long time reader myself until I needed some help.

Then I got it.

Then I became a long time reader again for many years because our YaBB forum continued to operate so smoothly.

I really only got involved again because I noticed this forum had shuttered itself for about 10 days, and I was concerned.

Thankfully, Project Leader Corey put the pieces of this forum back together again, and I'm still here ... at least for an indefinite period of time until I become a reader again.

Generally speaking, YaBB really does run that smoothly.  Smiley
 
Morning, noon, or night, have a great one! ...
WWW BillHMyers  
IP Logged  
 Reply #8 - Mar 28th, 2012 at 1:11am
There are no actions to perform.  

Normpo 
YaBB Newbie
*
Offline
Posts: 32


None
Re: Unwanted Guests and Pre-registrations
Bill,

Understood!

One more question -- what do these two items "do" when checked off in the Security Pref. Settings (and should I check them)?

1) Activate Referral Security Checking?
2) Use Stealth URL's in hyperlinks? (leave no referrer)
Subject to viewers browser configuation.

Thanks in advance,

Norm
 
 
IP Logged  
 Reply #9 - Mar 28th, 2012 at 6:08am
There are no actions to perform.  

Bill Myers 
God Member
Beta Testers
*****
Offline
Posts: 1,482
Los Angeles


YaBB 2.4
Re: Unwanted Guests and Pre-registrations
Normpo wrote on Mar 28th, 2012 at 1:11am:
Bill,

Understood!

One more question -- what do these two items "do" when checked off in the Security Pref. Settings (and should I check them)?

1) Activate Referral Security Checking?
2) Use Stealth URL's in hyperlinks? (leave no referrer)
Subject to viewers browser configuation.

Thanks in advance,

Norm

I don't have either one of those items checked. Maybe someone else here can give you more information about those two items.
 
Morning, noon, or night, have a great one! ...
WWW BillHMyers  
IP Logged  
 Reply #10 - Mar 28th, 2012 at 1:33pm
There are no actions to perform.  

Derek Barnstorm 
Support Team
YaBB Next Team
Development Team
Beta Testers
****
Offline
Posts: 1,269
United Kingdom


YaBB 2.5
Re: Unwanted Guests and Pre-registrations
The first one "Activate Referral Security Checking?" basically blocks people from viewing certain pages if they are being linked to from another website. For example, if someone was linking to a user profile page from another website, when they clicked on the link the page would be blocked and they would get this message:

Quote:
This action is not allowed from an outside domain!!
Action is: viewprofile
Your Domain: your-website.com
Referer Domain: referring-website.co.uk

The second one "Use Stealth URLs in hyperlinks? (leave no referrer)", means that if you are linking to another website from your forum, and someone clicks on the link, the other website won't be able to trace where that person came from (i.e. your forum).

I don't know if I explained that too well - hopefully you know what I mean.
 
 
IP Logged  
 Reply #11 - Mar 28th, 2012 at 2:31pm
There are no actions to perform.  

Normpo 
YaBB Newbie
*
Offline
Posts: 32


None
Re: Unwanted Guests and Pre-registrations
Thanks -- perfectly clear  ~smile~  I appreciate the help

Norm
 
 
IP Logged  
 Reply #12 - Mar 28th, 2012 at 4:37pm
There are no actions to perform.  

Derek Barnstorm 
Support Team
YaBB Next Team
Development Team
Beta Testers
****
Offline
Posts: 1,269
United Kingdom


YaBB 2.5
Re: Unwanted Guests and Pre-registrations
No worries. Smiley
 
 
IP Logged  
 Reply #13 - Mar 28th, 2012 at 5:47pm
There are no actions to perform.  

Bill Myers 
God Member
Beta Testers
*****
Offline
Posts: 1,482
Los Angeles


YaBB 2.4
Re: Unwanted Guests and Pre-registrations
Thanks for the explanations Derek. I often learn more about YaBB than I help with it, and you help a lot. Very much appreciated.

On the note of security, I think a lot of webmasters go against their own interests when they take action to do what they feel is protecting their forums, and for that matter, their websites as well.

This happens all the time in politics, too, which I try to find amusing.  Shocked

In any case, there are webmasters who lock up their websites so tightly that entry is not only discouraged, but it's also prevented. Then they wonder why it is that they can't build up their traffic.

I was surprised, for instance, to find that this forum evidently stops Google from allowing many outside links onto its pages. That's potentially a lot of traffic that is lost, and for an open source project?

If one is concerned about hotlinking, .htaccess can prevent that.

As an example, we have a domain that has many thousands of photo links into the site from Google, but bandwidth on our end is minimal because we have redirection that lands people on one of that domain's menu pages.

Additionally, with photos, Google gives people the option of directly accessing the site that hosts the thumbnails being displayed. I wish they'd do this with security features that webmasters like to employ, i.e., that an error page would link the website that's blocking access so surfers can have a choice to visit.

But I digress.  Roll Eyes

The main point I'm trying to make, which probably doesn't apply here because surely the security features employed are purposely done, is that many webmasters aren't aware that they're hurting their own interests by inadvertently diminishing the amount of traffic that would otherwise go to their sites.
 
Morning, noon, or night, have a great one! ...
WWW BillHMyers  
IP Logged  
 Reply #14 - Mar 29th, 2012 at 3:59am
There are no actions to perform.  

Derek Barnstorm 
Support Team
YaBB Next Team
Development Team
Beta Testers
****
Offline
Posts: 1,269
United Kingdom


YaBB 2.5
Re: Unwanted Guests and Pre-registrations
Bill Myers wrote on Mar 28th, 2012 at 5:47pm:
On the note of security, I think a lot of webmasters go against their own interests when they take action to do what they feel is protecting their forums, and for that matter, their websites as well.

This happens all the time in politics, too, which I try to find amusing.  

In any case, there are webmasters who lock up their websites so tightly that entry is not only discouraged, but it's also prevented. Then they wonder why it is that they can't build up their traffic.

I agree. Blocking IP addresses is a prime example. But it's pretty hard these days to find a comfy in-between - unless you're an experienced admin who knows how to 'fine tune' and are willing to spend a lot of time on it, then you can either block or not block. I guess it's just like leaving your front door open or ajar - there's not a lot of difference because people can still get in. Spam is a whole big subject which takes a fair amount of time to learn about - and something we shouldn't even have to think about in the first place. What a waste of life. Shocked
« Last Edit: Mar 29th, 2012 at 4:46am by Derek Barnstorm »  
 
IP Logged  
Pages: 1 2 
Topic Tools
 

Get Yet another Bulletin Board at SourceForge.net. Fast, secure and Free Open Source software downloads Support This Project BoardMod - YaBB features and templates YaBB Codex - support on installation and usage YaBB Toolbar for your browser

YaBB Facebook Group Page

Vulnerability Scanner

Valid RSS Valid XHTML Valid CSS Powered by Perl
YaBB Chat and Support Community » Powered by YaBB 3.0 Beta!
YaBB Forum Software © 2000-2011. All Rights Reserved.