[TAC] Fool Bot Honey Pot

[TAC] Fool Bot Honey Pot [Paid] 3.0.32

No permission to buy ($29.00)
Overview Updates (79) Reviews (28) History Discussion
Wulfspider said:
Tested without a captcha, and so far only 1 bot has made it by out of the ~4k attempts that were blocked.
Click to expand...
Just wondering, was the one that made it through actually a bot (spammy username/email) or was it a human spammer? I was also thinking of using this addon without captcha or any other spam prevention addon, but looks like you'd need additional methods to reach that 100%?
 
Despair said:
Just wondering, was the one that made it through actually a bot (spammy username/email) or was it a human spammer? I was also thinking of using this addon without captcha or any other spam prevention addon, but looks like you'd need additional methods to reach that 100%?
Click to expand...
I'm unsure. It's the same spam we've been getting for over a month, about kitchens and such. The IP address was from Indonesia, but not registered in any bot DBs that I could see.
 
Hi

I have purchased one licence already. How can I purchase a second licence for another XF Forum? There is no option in the userprofile to add another licence of the same plugin.
 
1 bot, are you sure it was a bot and not a manual spammer?

Although XRumer is not the only bot, there is no way at the moment to configure XRumer to dynamically pick out the correct fields names (you need to set the field names in a text file, a =name, b = email.. tect) so to dynamically create these and poppulate them with the correct uuids is currently not possible, ... but bot user do come back and look at why things fail (they sometime manually register to see if they can find a way to pass it)
 
tenants said:
1 bot, are you sure it was a bot and not a manual spammer?

Although XRumer is not the only bot, there is no way at the moment to configure XRumer to dynamically pick out the correct fields names, ... but bot user do come back and look at why things fail (they sometime manually register to see if they can find a way to pass it)
Click to expand...
Nope, not sure at all. I'm assuming it was manual, but no way to tell otherwise.
 
1stly, check they registration date of that user. Make sure it wasn't already registered (some sit around for a while before posting)

2ndly, have a look at how it registered. If it came via the registration page, it is highly unlikely it would have been a bot that registered. However, if it came via FaceBook registration (or Google/Twitter Auth), then you have a small leak in your system, and it might be worth considering using an antibot mechanism for these registration areas (see facebookregcaptcha )
(you need to check your server access logs for that IP address)

3rdly, what was the IP address they registered with (and what location was it associated with). I've noticed it's fairly rare that manual spammers use proxies, but bots almost always use proxies. For this reason, I use StopCountrySpam to stop human spammers (since in my case I can block certain countries), and FoolBotHoneyPot for bots. If the user used an IP address that is associated with a country that "spams lots", it's fairly likely they are human spammers.
 
tenants said:
1stly, check they registration date of that user. Make sure it wasn't already registered (some sit around for a while before posting)

2ndly, have a look at how it registered. If it came via the registration page, it is highly unlikely it would have been a bot that registered. However, if it came via FaceBook registration (or Google/Twitter Auth), then you have a small leak in your system, and it might be worth considering using an antibot mechanism for these registration areas (see facebookregcaptcha )
(you need to check your server access logs for that IP address)

3rdly, what was the IP address they registered with (and what location was it associated with). I've noticed it's fairly rare that manual spammers use proxies, but bots almost always use proxies. For this reason, I use StopCountrySpam to stop human spammers (since in my case I can block certain countries), and FoolBotHoneyPot for bots. If the user used an IP address that is associated with a country that "spams lots", it's fairly likely they are human spammers.
Click to expand...
It was newly created, and I removed the content it created within a few seconds of registration. Location I had in my previous post (Indonesia).
 
I hate saying this, but that is one of the coutries I block for manual spam, and possibly one of the most common (I'm not suggesting anyone else should block this coutry, I can block it since my forum is not relavant to that country). If they were botting, they almost always use proxies and they seem to often (but not always) look like they come from the USA / EU

Bot users are almost always proxy savy

Just check your last 10 bots in your logs, my last 5:
http://whatismyipaddress.com/ip/193.105.210.123 (Ukrain, bad example)
http://whatismyipaddress.com/ip/192.210.62.162 (California)
http://whatismyipaddress.com/ip/5.39.69.13 (France)
http://whatismyipaddress.com/ip/113.212.69.98 (USA)
http://whatismyipaddress.com/ip/192.74.255.1 (California)
 
tenants said:
I hate saying this, but that is one of the coutries I block for manual spam, and possibly one of the most common (I'm not suggesting anyone else should block this coutry, I can block it since my forum is not relavant to that country). If they were botting, they almost always use proxies (and they seem to often look like they come from the USA / EU )
Click to expand...
Yeah, just don't really want to block entire countries.

Plugin is working great though. :)
 
I'm using the built in Q&A captcha as well as this. Does this mod record if the bot failed the captcha? Can't see it anywhere but I might be looking in the wrong place.
 
yes, go into the log section (Admin CP >> Tools >> FoolBotHoneyPot Logs)

Then for each bot, click the row. You will get something like this:

captchafail.webp
If the CAPTCHA fail is not present in the registration errors, then the bots are getting through your CAPTCHA
 
If you have lots of CAPTCHA, then you will need to go through a few of these. You could take images of your text and use that with customImgCaptcha (but if you are going to take images, you may as well use something unique that is not text)

I use CustomImgCaptcha with custom images, foolbothoneypot then tells me for each CAPTCHA how many times humans have passed/failed it and how many times bots have passed/failed it:

botvscustomcaptcha.webp

(I then know when I need to change my CAPTCHA)
 
Does this also work on the contact and lost-password forms?

I'm thinking of turning off captcha, but cannot if it would leave the above unprotected.
 
FoolBotHoneyPot nope, currently registration only...
(CustomImgCaptcha works everywhere the standard CAPTCHA works)

Those forms (contact / lost-password) don't have as many areas where you can trip bots up
(for instance, you don't have to put your timezone/dob/password/password confirm).

It could be extended to cover those areas (but it would take a bit of work, and I have a few other things I'm doing with this 1st)


I think some body mentioned that you can turn CAPTCHA off for certain areas ( I can't confirm this, since I haven't done it my self). I'm not sure if you can turn CAPTCHA off for registration but leave it on for contact/lost-passwords
 
HWS said:
We use it with XenUtiles without problems.
Click to expand...

If you have XenUtiles installed also, which add-on is actioned first when the registration form is submitted? Does it run through FPHP or XU first? I'd like to know which should thus catch the most spam?
 
tenants said:
It could be extended to cover those areas (but it would take a bit of work, and I have a few other things I'm doing with this 1st)

I think some body mentioned that you can turn CAPTCHA off for certain areas ( I can't confirm this, since I haven't done it my self). I'm not sure if you can turn CAPTCHA off for registration but leave it on for contact/lost-passwords
Click to expand...
I don't think this is possible without an addon/modification. I only took a quick look though so I'm not certain. Maybe for now you could add a simple option that allows you to disable captcha on the register_form template? I think I read that this addon uses its own register_form template. I'd assume it'd be as easy as not including the captcha helper and then forgoing the check in the register action if the admin chooses to set the option to disabled?
 
tenants updated FoolBotHoneyPot Bot Killer: Spam Combat with a new update entry:

FoolBotHoneyPot v2.0.07 - Fixed a bug for IE7 (and possibly IE8)

Fixed an infrequent and hard to detect bug. In IE7 (and possibly IE8). If a user has non default settings and turns on Auto Complete on for forms and passwords, 'sometimes?' it seems setting [AUTOCOMPLETE = "off"] is not abided to by the browser. I've now set these values after the page has loaded bypassing the IE auto complete

Thankfully, the explicit logging details made the identification of this bug much easier
Click to expand...

Read the rest of this update entry...
 
Despair said:
Heh, for a second I thought you added my suggestion really quickly. I take it you're not interested in adding that option?
Click to expand...

I'll take a look, but it might not be a simple as just turning it off for registration, I don't want to add bugs where they dont need to exist, but if I can do this without complications, I'll add your suggestion as an ACP option

I'll add it to the "to-do list" and will take a look when I get a chance

I have a couple more things that I want to add to this 1st (which might take a few days)
 
You must log in or register to reply here.

Similar threads

Yugensoft
Add-on Offer: Sale of IP Rights of All Addons
Replies
10
Views
2K
ssj2_ssbm
ssj2_ssbm
Brent W
  • Suggestion Suggestion
Implemented Spam Suggestion Feature
Replies
10
Views
2K
Jeremy
Jeremy
Brent W
  • Suggestion Suggestion
Duplicate Stop Bot Spam Via Altering Registration Fields
Replies
2
Views
2K
tenants
tenants
tenants
Add-on Free Bot Registration Prevention
Replies
0
Views
1K
tenants
tenants
Mouth
  • Question Question
XF 1.1 Column xf_user.is_staff missing - upgrading 1.1 to 1.2
Replies
3
Views
2K
Chris D
Chris D
Top Bottom