[TAC] Fool Bot Honey Pot

[TAC] Fool Bot Honey Pot [Paid] 3.0.32

No permission to buy ($29.00)
Overview Updates (79) Reviews (28) History Discussion
tenants updated FoolBotHoneyPot Bot Killer: Spam Combat with a new update entry:

FoolBotHoneyPot - Getting Ready for XF 1.1.4

  • A minor change to the actionRegister in preparation for a 1.1.4 release. This now calls the parent actionRegister, I hadn't figured out a way to do this before, since all of the POST params are changed, and the standard params are fake honey pots. Now if the user passes all FBHP checks, I reset the POST variables to what the normal registration form expects, so can now call the parent actionRegister.
=> This might mean that this plugin does not need to be updated on a 1.1.4 release...
Click to expand...

Read the rest of this update entry...
 
After upgrading, in the fullbot log:

Code: 
Server Error
 
Invalid model 'Tac_AnyApi_Model_ApiSettings' specified
 
XenForo_Model::create() in XenForo/Controller.php at line 101
XenForo_Controller->getModelFromCache() in Tac/FoolBotHoneyPot/ControllerAdmin/Log.php at line 74
Tac_FoolBotHoneyPot_ControllerAdmin_Log->actionLogs() in XenForo/FrontController.php at line 310
XenForo_FrontController->dispatch() in XenForo/FrontController.php at line 132
XenForo_FrontController->run() in /store1/www/it.immobilio.www/doc_root/admin.php at line 13
 
giorgino said:
After upgrading, in the fullbot log:

Code: 
Server Error
 
Invalid model 'Tac_AnyApi_Model_ApiSettings' specified
 
XenForo_Model::create() in XenForo/Controller.php at line 101
XenForo_Controller->getModelFromCache() in Tac/FoolBotHoneyPot/ControllerAdmin/Log.php at line 74
Tac_FoolBotHoneyPot_ControllerAdmin_Log->actionLogs() in XenForo/FrontController.php at line 310
XenForo_FrontController->dispatch() in XenForo/FrontController.php at line 132
XenForo_FrontController->run() in /store1/www/it.immobilio.www/doc_root/admin.php at line 13
Click to expand...

1) Do you get this all of the time, or was it just once while upgrading
2) Do you have AnyApi installed, or are you using FoolBotHoneyPot without AnyApi


The reason I ask (1), is that if a bot tried to register while you are upgrading (and this is fairly likely considering the number of bots that attempt to register), it's possible that things haven't processed correctly... This is just XenForo plugins upgrading, there is not a huge amount that can be done about it. If you get this frequently, I'll look deeper into it, but I haven't seen this error
 
So, you've only seen this error once? In which case, it's just a genral plugin upgrade issue...
If a bot is registering, and you upgrade the plugin that uses part of the regstration path, things will go askew.

But if you see the error again, let me know
I haven't seen this issue with about 1000 bot attempts a day, and that area hasn't been changed for the current version (so it's unlikely to be anything other than a genral XF plugin upgrade issue)
 
No Mike, If I activate AnyApi, the log of foolbot show the error and no users can register at my sites! o_O
It's a great bug :)
Edit: My AnyApi version is 1.0.2
 
giorgino said:
Edit: My AnyApi version is 1.0.2
Click to expand...

That's possibly the issue

Since this error is incorrect:
Invalid model 'Tac_AnyApi_Model_ApiSettings' specified

That model does exists, but it only exists in AnyApi version 1.0.2c

(AnyApi 1.0.2b - 1.0.2c was about moving AnyApi to the Tac folder)

You can download the latest version of AnyApi here:
http://xenforo.com/community/resour...tion-anti-spam-anti-fraud-any-api-thing.1467/

They should all come together in the pack, so I'm confused where the older version of AnyApi came from
 
There might be something strange going on with 2.2.05, the StopForumSpam API isn't detecting any thing..

It's letting normal users through, and stopping bots... but not playing well with AnyApi (I've not sure why yet)


Edit: Actually, it seems fine, I had the option "Don't Check APIs if Bot is Detected via FBHP" so it's working as expected


Nope, can't see any issues with it. Have you tried updating your AnyApi yet?
 
tenants said:
A minor change to the actionRegister in preparation for a 1.1.4 release. This now calls the parent actionRegister, I hadn't figured out a way to do this before, since all of the POST params are changed, and the standard params are fake honey pots. Now if the user passes all FBHP checks, I reset the POST variables to what the normal registration form expects, so can now call the parent actionRegister.
Click to expand...
Heh, calling the parent action kind of sucked for me because I was disabling captcha on the register page only, but now it'll require me to do more work. :p

While playing around I noticed that with Q&A captcha, users would not be able to register even if they entered the answer correctly. Did anyone else have this issue? I would imagine it would be reported already... Not sure if I have something conflicting. Well I think this is because the Q&A generates a unique hash and is deleted when verified. Since you're verifying the captcha in this addon and once again in the parent, the hash in the xf_captcha_log table is already deleted when you call back the parent. When the parent tries to look for the hash and it cannot, it'll fail. I was thinking you could just insert the hash back into the db since you actually know it, but you don't know the question id, so it wouldn't work. Maybe you know a way to fix this, but in the meantime I think you need to forgo the captcha check and just leave it to the parent if they are using Q&A. Although now FBHP would report a registration as passed even if they failed that captcha.

If you skip the check, funny enough, this actually helps in my case since I can easily not use a captcha on the registration form again without having to touch the FBHP addon code. Originally I wanted to ask to skip the captcha check since you're now calling the parent, which would do the check itself again anyways. I figured it would be an inconvenience to others, but now I have a reason for it. :ROFLMAO:

Edit:
Weird, this seems to affect recaptcha as well, maybe they are doing something similar as well with a one time hash, haven't looked into it. I wonder if it's just me. :unsure:
 
I've actually just noticed that I've had no registrations since Wednesday on my site.

I use KeyCaptcha, and since the update, it's not actually displaying the KeyCaptcha any more.

Confirmed on both my live and test site
 
You might be right despair, I'll need to check

I'm going to upload the previous version again until I can look into this

Back to 2.2.04c (and I'll leave it up as a previous stable release)


I've not seen any issues with CustomImgCaptcha + FBHP2.2.05 (used on surrey forum / and a few others), but I'll need to test reCaptcha / QA captcha

For now, 2.2.04c works perfectly (I was just trying to prepare for the update)
 
Do we need to uninstall and re-install to downgrade?

The specified add-on is older than the install version. Downgrading is not possible.
 
It's only a file change, the only file that has changed is the Tac_FoolBotHoneyPot_ControllerPublic_Register
So you only need to replace the files (There are no template or database changes)


I'll possibly wait for 1.1.4 to be released before updating again. I would like to call the parent, but the nature of this plugin makes it tricky, I would also like to call the captcha (so it's possible to combine the captcha registration errrors, FBHP mechanism errors, and API errors).

But, right now its not possible to do both:
Call parent => more compatible with future versions and other plugins ... but, can't combine all the errors
Don't call parent => may not be as compatible, but more information in the logs about the bot (<= this is the route that's been used, but it means more work for me, updating as soon as possible when the next version is released)

I will look for a way to get the best of both worlds
 
You must log in or register to reply here.
Top Bottom