[TAC] Fool Bot Honey Pot

[TAC] Fool Bot Honey Pot [Paid] 3.0.32

No permission to buy ($29.00)
Overview Updates (79) Reviews (28) History Discussion
What country are you from, what's your country code?

You've fallen victim to the StopCountrySpam add-on, which I might have to turn off and only use the proxy filter from it (Since for add-on purposes, the forum should be open to all countries)
 
tenants said:
Unfortunately, just about every bot that spams forums (usually XRumer) fake their user Agent to look like a browser.
I do detect user agent, and log them. If you have this installed, just look through your logs of all the user agents

Using multiple API to block bots in my opinion does not gain very much for anti-spam, but does slow things down

An API that detects known bots / know behaviours can block a high percent (say 95-99%), but it will never block 100%
If you have multiple APIs, you don't increase this very much (you still do not block 100%), but you might increase the percentage by a decimal point or two

But each API you add, requires an additional request, you then make the user wait seconds longer than they should, and gain no real benefit in the number of bots you block
If you use a list of APIs, it can take a long time to check each request, making the registration feel laggy, and the phrase "elegant methods that do not bother humans" becomes less appropriate

No more APIs need to be used, no more APIs will be used with this plugin

This plugin already blocks 100% of bots, No APIs are needed. The one API that is present is there for a time when this mechanism is eventually targeted (if it is ever targeted), and the API will carry on blocking bots while I release an update

If you do want to use a list of APIs, then Stop Spam Here or XenUtiles might be what you are looking for

I don't want to mislead you, no more APIs need to be added to this (they will only have negative impact on the users and gain no significant benefit, particularly since it already blocks all bots)
Click to expand...

Personally I wish you would add support for using some of the APIs that exist out there. Why?

I would like your mod to stop the automated bots and the rising number of human bots. At the moment this mod can only stop automated bots and that is it. I have to install additional mods to cater for the human side of the vermin that plague the internet.

My ideal would be a single mod that targets automated and human spammers. Failing that, this plus a new one (coded by you) that solely checks APIs that, obviously, can be toggled etc. Would gladly pay for both or an increase.
 
Having enjoyed the peace that this add-on brings to all of my sites, I really like your idea Deebs - a bot and human spam killer all rolled into one .... count me in too. (y)
 
Clickfinity said:
Having enjoyed the peace that this add-on brings to all of my sites, I really like your idea Deebs - a bot and human spam killer all rolled into one .... count me in too. (y)
Click to expand...
I know, that is what I want, a mod/addon dedicated only to just spam, regardless of whether they are automated or human. Have paid for this but will not use it as it cannot coexist with Xenutiles and I want my human verification as well.
 
Human spam cannot be avoided 100%. Automated spam can currently and this is most important, because if you get 100s of new accounts activated within minutes, it is a real problem with XenForo (and it's 100% lack of mass admin features).

If you moderate the first post of all your new users, you can also prevent 100% human spam. In Europe it is also not allowed to forward IP, email and other data to third party providers without prior and proven consent of the user.
 
What Mouth said, there have been no registration problems so far or any compatibility issues between the latest version Foolbot and Xenutiles
 
Mouth said:
Coexists with Xenutiles spam protection perfectly for me.
Click to expand...
lwlol said:
What Mouth said, there have been no registration problems so far or any compatibility issues between the latest version Foolbot and Xenutiles
Click to expand...

After I said the above, the day after an update was released for XenUtils (v1.2.2). I found that this update 'broke' FBHP and no registrations were coming through to it at all, and I also started to get a number of real users sending emails saying they could not register. My real registrations per day also dropped by half over the couple of days since I upgraded XenUtiles. I have since disabled XenUtiles, and am considering removing it since other than it's spam checks I was only using 1 other function.
 
Any chance of getting some statistics and filtering ability for the logs?

A tickbox on /admin.php?stats/daily for blocked registration would be great.
I'd also like to be able search or filter the logs at /admin.php?foolbothoneypot/logs to be able to search for an IP address, username, reg attempts during date range and time, etc.


Thanks.
 
yes, this is what I was planing on working on next

*searching the logs is a good idea
* also a simple drop down filter for:
1) human registrations
2) Javascript Off
3) Javasctipt On
4) Time < (time defined)
5) Found on StopBotters

What I also want to do is some sort for charting, to show how effective each mechanism is
 
Seeing apparent duplicates on allowed registrations in the FBHP log ...


  1. No Bot Triggers Found
    FoolBotHoneyPot: Detected As Human - Registration Allowed

    53 minutes ago : 27.33.254.109:50560
    Username: Mig<redacted>62
    Email: mig<redacted>62@<redacted>.com
    User Agent: Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3
    Time taken to register: 170 (seconds)
    JavaScript Enabled Browser: TRUE
    Altered Hidden Field Count: 0
    Basic Proxy Detection: No Proxy Detected
    Browser Plugins Detected: quicktime=
    Bot Detected On StopBotters: FALSE
  2. Delete...

    No Bot Triggers Found
    FoolBotHoneyPot: Detected As Human - Registration Allowed

    54 minutes ago : 27.33.254.109:50554
    Username: Mig<redacted>62
    Email: mig<redacted>62@<redacted>.com
    User Agent: Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3
    Time taken to register: 139 (seconds)
    JavaScript Enabled Browser: TRUE
    Altered Hidden Field Count: 0
    Basic Proxy Detection: No Proxy Detected
    Browser Plugins Detected: quicktime=
    Bot Detected On StopBotters: FALSE
 
Click the row and check the registration errors... (notice the time differences, they are not duplicated)

I see this some times when a user does not complete the CAPTCHA properly and re-attempt, or they forget to fill the password. This is not a bug

FoolBotHoneyPot is simply telling you that it would allow them through (if they completed the form correctly ;) )
 
tenants said:
Click the row and check the registration errors... (notice the time differences, they are not duplicated)
I see this some times when a user does not complete the CAPTCHA properly and re-attempt, or they forget to fill the password. This is not a bug
FoolBotHoneyPot is simply telling you that it would allow them through (if they completed the form correctly ;) )
Click to expand...


Ahhh, I see. Yes ...

Registration Errors
password => please_enter_valid_password

Perhaps for the next version the log entry in such cases could be ...

No Bot Triggers Found
FoolBotHoneyPot: Detected As Human - Registration Allowed (but FAILED due to registration errors)

... just to make it most obvious?
 
You must log in or register to reply here.
Top Bottom