[TAC] Fool Bot Honey Pot [Paid] 3.0.32

[nrep]

Thanks, I've dropped you a PM

I do notice a JS error on the registration page in the console, so perhaps that has something to do with it. It looks like every log entry has Javascript listed as disabled, so I think this may be where the problem is .

edit: When I disable DeferJS, the problem goes away - perhaps this is the problem. Do you know if there is a way around this?

Uncaught ReferenceError: $ is not defined
at (index):1089
(anonymous) @ (index):1089

$(document).ready(function() {
$('.xenForm').on("keypress", function (event) {eventschanged = 1;keypresscount_log++;});
$('.xenForm').on("keyup", function (event) {eventschanged = 1;keyupcount_log++;});
$('.xenForm').on("tap",function(event){eventschanged = 1;tapcount_log++;});
$('.xenForm').mousemove(function( event ) {eventschanged = 1;mousemovecount_log ++;});
$('.xenForm').click(function(event) {eventschanged = 1;clickcount_log++;});
});

 

[tenants]

yes, someone had this issue a long time ago with deferjs+fbhp, I think the solution was to avoid defer on the registration page, apparently there was a way of excluding certain urls from deferjs (it was a while back, so I'm not certain I'm remembering this accurately)

 

[Mouth]

A logged-on user is reporting that images within threads are not loading, instead giving him a message of

Your IP has been used by Spam Bots to attempt to register on this forum multiple times​

Could this come from FBHP?
Just trying to narrow down the source of the issue.

 

[nrep]

yes, someone had this issue a long time ago with deferjs+fbhp, I think the solution was to avoid defer on the registration page, apparently there was a way of excluding certain urls from deferjs (it was a while back, so I'm not certain I'm remembering this accurately)

Yep, it looks like this was the issue - I've excluded it from the registration page and it works much better now .

 

[tenants]

@Mouth, can you send me the IP address logged in fbhp, I suspect it's an issue with configuring cloudfalre/other and IP addresses.

I think thats a FBHP phrase, I'll need to check once I get home

 

[Mouth]

@Mouth, can you send me the IP address logged in fbhp, I suspect it's an issue with configuring cloudfalre/other and IP addresses.

I think thats a FBHP phrase, I'll need to check once I get home

IP sent.
I don't use Cloudflare for cache

 

[Sonnie]

A logged-on user is reporting that images within threads are not loading, instead giving him a message of
Your IP has been used by Spam Bots to attempt to register on this forum multiple times

Was this an issue with this add-on and if so, was it resolved?

 

[tenants]

We are still looking into it. The ip that is getting logged comes from the cdn, the cdn has hosting servers but says that this ip is dedicated to cdn. It's seen in the cash, but not seen in the fbhp logs. At this point we are seeing if it was pushed into the cash by dedos and why... fbhp deals with registration only, so still investigating. @Sonnie Why is this something you have also seen?

 

[Sonnie]

@Sonnie Why is this something you have also seen?

No... just thinking about using this and did not want our members to run into issues like this.

 

[tenants]

try the free pack first, its whats its there for: https://xenforo.com/community/resou...-spam-collection-anti-spam-free-version.1474/

 

[tenants]

@Mouth ..sent you a pm

I was looking at the code, the level of checking before it adds anything to the cache is quite extreem, and adding to the cache is only done on registration.

I was going to add an option to prevent listed IPs from ever getting added to the cache, however, there is already an option there that should solve this.

Untick the option "Apply Redirect To All Forum Areas", this should prevent it from applying redirects to your images... let me know how it goes

 

[Alpha1]

Yep, it looks like this was the issue - I've excluded it from the registration page and it works much better now .

Could you share how you excluded the registration page from defer js?
I have the same problem.

 

[nrep]

Could you share how you excluded the registration page from defer js?
I have the same problem.

Sure, I edited \library\Jrahmy\DeferJs\listener.php and added the following code at line 43:

        // disable for registration page
        if ($frontController->route()->getControllerName() ===
            'XenForo_ControllerPublic_Register'
        ) {
            return;
        }

 

[Dakotaa]

Hello,

I bought your addon tonight. I tried installing the addon tonight to my xenforo site, which was successful. When I have users attempt to create a website account, it blacklists their ip and gives them the error message "foolbothoneypot_sorry_youve_been_detected_as_an_automated_program secret ingredient 1"
I was wondering how to disable this option, I cannot seem to find it while searching in the admin panel. I am currently disabling the addon because it allows 0 of my users to make an account.

Thanks!

 

[tenants]

I sent you a pm, can you send me the url
I have a feeling this is due to script errors from something like deferjs

... it seems this has happened for a couple of forum owners, so I might look at putting the scripts externally
If it is defer js, see above posts

- you can remove those users from the cache which will allow them back in, but the main issue is that it detected them as a bot, which I have only ever seen when script errors occur (and they also use a pwmanager / autofill )

I havent changed fbhp in a while, the current version is stable (just an issue when users have script errors on the registration page)

 

[Alpha1]

Defer.js is exempting my registration page and the above issue happens every day. And has been for a long time. I am considering to uninstall fbhp because I do not see another solution.

Please allow us to turn off the special ingredient hidden fields.

 

[tenants]

I can add that option in, I've not seen this issue other than when deferjs is installed, so I'm still assuming there is a conflict with it somehow.

-> so, also making the script external should avoid this issue

-- the special ingredients are not a hidden fields, and sec1 & 2 should not get activated unless the user is not js disabled. If there is a script error on the reg page (which I've seen when using with defer js) there is no way to detect for js. I would rather not make fbhp weaker, but fix the underlying conflict... making the script external should make defer js happy (should???), but adding the on/off option to each of them of should make you happier

 

[tenants]

Oh, the option to turn off sec 1 is already there
just untick "Stop Non Browser Based Bots"

 

[tenants]

@Dakotaa I just tried to register on your forum and run into script errors
I've messaged you the errors, and how you can track them down (to find out which plugin they come from)

 

[nrep]

I've experienced an usual error today, where a real user tried to register (and was allowed), but he ran in to the following error:

Please correct the following errors:
Some fields contained unexpected data. Please try again or contact the administrator.

I had a look at the log and this is what I see:

Errors: a:1:{s:10:"field_hash";O:14:"XenForo_Phrase":4:{s:14:"*_phraseName";s:47:"some_fields_contained_unexpected_data_try_again";s:10:"*_params";a:0:{}s:23:"*_insertParamsEscaped";b:1;s:23:"*_phraseNameOnInvalid";b:1;}}

Do you know what that means?