1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

FoolBotHoneyPot [Paid] - Stop Spam Bots Elegantly With A Custom Registration Page & Honey Pots 2.4.05

Stop bots registering using elegant methods that do not bother humans

  1. Despair

    Despair Active Member

    Thanks for the Christmas update.

    It doesn't look like that option for the tabbing issue made it in. Any update for the progress of that? Originally you said within 5 days. :p I don't want to be pushy especially during the holiday season, but I would like to know that it will still be coming and hopefully not forgotten. :confused:
  2. Mouth

    Mouth Well-Known Member

    Thanks, I'll wait until an update has been released with this. Username checks for bot registrations is a waste of time for any service, and I don't understand why they bother
  3. HWS

    HWS Well-Known Member

    StopBotters is completely anonymous now. Their web site says basically nothing.

    If people should feel well with all the registration data submitted automatically to those guys, you should really say them who they are... Until then, at least I will disable that feature.
  4. tenants

    tenants Well-Known Member

    Not forgotten, I'll look at it now, I wanted to add this one if 1st ;)
  5. tenants

    tenants Well-Known Member

    I should probably mention, if you have StopBotters turned on using CustomImgCaptcha, you wont see many bots logged (they'll be stopped, but will never be logged...)

    So, I recommend, if you also have CustomImgCaptcha installed, only turn on StopBotters for FoolBotHoneyPot (got to the ACP for CustomImgCaptcha and and turn SB off)
  6. tenants

    tenants Well-Known Member

  7. tenants

    tenants Well-Known Member

  8. tenants

    tenants Well-Known Member

  9. tenants

    tenants Well-Known Member

    It's in now ;)
  10. Mouth

    Mouth Well-Known Member

  11. tenants

    tenants Well-Known Member

    Add-On.zip
    | Add-On.xml
    | upload​
    | js​
    | Add-On​
    | library​
    | Add-On​
    | styles​
    | Add-On​

    I see, missing the folder named "upload", FoolBotHoneyPot_v2_1_03c is now:

    FoolBotHoneyPot_v2_1_03c.zip
    | addon-FoolBotHoneyPot.xml
    | upload​
    | library​
    | FoolBotHoneyPot​
  12. Alfa1

    Alfa1 Well-Known Member

  13. tenants

    tenants Well-Known Member

    Unfortunately, just about every bot that spams forums (usually XRumer) fake their user Agent to look like a browser.
    I do detect user agent, and log them. If you have this installed, just look through your logs of all the user agents

    ... Detecting bots with user agent hasn't been a good method for blocking bots in years (it's very old school, even the most basic bot now fake this)

    Here are my last 10 detected bots:

    User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20100101 Firefox/17.0 AlexaToolbar/alxf-2.17
    User Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.63 Safari/535.7
    User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.46 Safari/536.5
    User Agent: Opera/9.80 (Windows NT 5.1; U; ru) Presto/2.7.62 Version/11.00
    User Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5
    User Agent: Opera/9.80 (Windows NT 6.1; WOW64; U; Edition Ukraine Local; ru) Presto/2.10.229 Version/11.64
    User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/535.12 (KHTML, like Gecko) Maxthon/3.0 Chrome/19.0.1084.52 Safari/535.12
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; WebMoney Advisor; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.30618; .NET CLR 3.5.30729)
    User Agent: Mozilla/5.0 (Windows NT 6.0; rv:12.0) Gecko/20100101 Firefox/12.0
    User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.1634 Safari/535.19 YI

    Using user agent to block bots is now very ineffective

    The honey pots aren't always relevant to forums... but they do pick up a few, usually because the bot user uses XRumer or other applications with the same pool of proxies against various CMS's

    Using multiple API to block bots in my opinion does not gain very much for anti-spam, but does slow things down

    An API that detects known bots / know behaviours can block a high percent (say 95-99%), but it will never block 100%
    If you have multiple APIs, you don't increase this very much (you still do not block 100%), but you might increase the percentage by a decimal point or two

    But each API you add, requires an additional request, you then make the user wait seconds longer than they should, and gain no real benefit in the number of bots you block
    If you use a list of APIs, it can take a long time to check each request, making the registration feel laggy, and the phrase "elegant methods that do not bother humans" becomes less appropriate

    No more APIs need to be used, no more APIs will be used with this plugin

    This plugin already blocks 100% of bots, No APIs are needed. The one API that is present is there for a time when this mechanism is eventually targeted (if it is ever targeted), and the API will carry on blocking bots while I release an update

    If you do want to use a list of APIs, then Stop Spam Here or XenUtiles might be what you are looking for

    I don't want to mislead you, no more APIs need to be added to this (they will only have negative impact on the users and gain no significant benefit, particularly since it already blocks all bots)
  14. Despair

    Despair Active Member

    Thank you. :) Happy holidays.
  15. Alfa1

    Alfa1 Well-Known Member

    I get 2.2 million unique users per month on my site and virtually no spam. Mainly because of bad behavior and stopforumspam. It is very effective.
    You may have missed the idea behind BB: the idea is to pick up on fake user agents.
    Here is the statistic of last 2 weeks:
    vB Bad Behavior Log Viewer (page 1/258) | There are 257,703 total log entries.

    How is that not effective?
    Real users generally are not bothered by BB.
  16. tenants

    tenants Well-Known Member

    The list above shows you that user_agents are almost always faked to look exactly like browser user agents (it's rare that an easily detectable "bot" user agent is used). For years now, bot users have been faking this (It's just a header value that is easy to spoof). Even if they weren't faking the header value, if any mechanism arises that is easy to bypass... if the mechanism is common, it will be bypassed.

    It's the honey pot that is doing most of the work for bad-behaviour on forums (unless it's targeting Russian Browsers, which wouldn't be good)

    The more API's you use in combination, the increase chance there is of introducing false positives.

    Almost all APIs (that are any good) will prevent bots so that there is virtually no spam, having 99.0% for 1 API, 99.1% for 2 APIs of 99.111111% for 20 APIs is not worth the additional API requests... no API is 100% affective, and no combination of APIs is 100% affective. They only cut down "known" bots, but do require additional requests. Mechanisms can be 100% affective, but they can also often be targeted.


    Combining mechanisms with a single API solves this issue (as long as the API can't easily be targeted), combining lists of APIs does not solve this issue

    Seriously, if you want a list of APIs then try the other two anti-spam Add-ons mentioned above.

    You may have noticed that StopForumSpam, although has been good in the past, is becoming slightly less affective recently, and it will become less affective as time goes by... it is being targeted. (XRumer users are using Xblack.txt to avoid known reporters, so are avoiding detection longer) . A good API will also be one that is not easily targeted.
  17. Alfa1

    Alfa1 Well-Known Member

    You should really look into Bad Behavior some deeper, before making statements on it.
    Many fake user agents are easily detectable or are simply not user agents that a human would use. These are also blocked by BB. BB does a lot more than just stopping spam bots. The approach of SFS and BB is significantly different and can therefore be used in tandem.
    The only issue with SFS that we find is that its down too often.
    For us our anti-spam measures work well, and include SFS, BB and functions that you have included.
  18. ZippySLC

    ZippySLC Member

    Like pretty much everyone else my forum is under attack from spammers. One of the first things I did was enable the spam forum database checks and that has kept things in check. Recently though I've seen new registrations drop off. The other day I got an email from someone who said that they couldn't register because their email/username was found in the StopForumSpam database. I checked and none of his info was in the database, so I figured there may have been an issue and I disabled the StopForumSpam database.

    Just today I got an email from someone who also tried to register and he was unable to because the site thought that his data was found in the BotScout database. Sure enough, he's not on there. I then tried to register a test account and got stopped with the same error.

    My only recent change to my forum was installing this plugin. If I disable the plugin I can register my test account. If it's enabled, I can't. I also just updated to the latest version of the plugin and still see the same behavior.

    Edit: I also updated the XenUtilities plugin that provides the spam database checking and still have the same issue. I've disabled the database checks for the time being, so we'll see how well the site fares. If someone has an idea what my issue might be, I'd appreciate a hand fixing it. :)
  19. tenants

    tenants Well-Known Member

    I don't believe XenUtils plays well with this (and without a change in XenUtils it wont), others have reported that it does, but I can't see why it would

    XenUtils will submit the hidden fields named "name, email" (Since it doesn't know that these are hidden fields)
    These will then be checked against the database

    If someone is using an old version of XenUtils, I believe it has an "auto" reporting method (This doesn't align with StopForumSpams current TOS)
    These hidden values may have got submitted by someone with an old version of XenUtils

    I don't believe this was a problem before, so it's possibly been submitted recently by a user with an old version of XenUtils

    ... so now when XenUtils checks the Databases with the hidden field data, it will find results that it it's self has submited
  20. ZippySLC

    ZippySLC Member

    Well, I feel more confident with the way your plugin works than having Xenutils check the spam databases. I'll roll with it like this for a while and see how it goes.

    Thanks!

Share This Page