I got a false positive right now when I tried to register at your site. Maybe because I use the LastPass password manager to auto-generate a password for the registration. When I tried again the registration said everything was ok. Strange?
A more robust way of avoiding password manager detection. The honeypots for password/username are now reset not only on page load, but also on form submit (since it seems some password managers were setting the password after page load, and after the reset).
Thanks @tenants, I got 5+ pages of stopped spammers. Who am I going to delete now!!
I've re-added 'AUTOCOMPLETE = "off"' back to the registration form (using template modifications) to avoid password managers (somehow this was missed when converting to template modifications).
@woei
Can you try registering using your password manager again?
(Don't worry about duplicate accounts, just see if you can trigger the bot detection with your password manager.)
What I now do is not only reset the passwords/usernames on page load (to avoid password manager issues), but also on form submit (since it looks like this is when it got set by your password manager... strange, I thought they always set them on page load).
So now, on clicking form->submit, even if your password manager tries to "set" the hidden password, it shouldn't do anything.
This won't affect bots (they will still correctly be detected).
Installation:
(note, if the forum tells you that it is closed from registering, it is likely I have prevented your country from registering with StopCountrySpam, let me know if this is the case via PM/Conversation)
- First, join surrey forum: http://www.surreyforum.co.uk/forums/xenforo-plugins/
When you upgrade your account at SurreyForum, the plugin is immediately available to download (as an attachment in the first post); this is automated.
- Then purchase the plug-in here: http://www.surreyforum.co.uk/account/upgrades
- Download the latest version here: http://www.surreyforum.co.uk/threads/foolbothoneypot.1621/
- Unzip the file
- Upload this folder into the library folder of your XenForo root
You should now have the following folder structure:
http://www.yourforum.com/library/Tac/FoolBotHoneyPot
- Go to ACP -> Add-ons -> Install Add-on -> Install from file on server
- Install from file on server: "library/FoolBotHoneyPot/addon-FoolBotHoneyPot.xml"
- Set options in the administration control panel ACP>>Home>>Options>>FoolBotHoneyPot
Upgrade:
1. Unzip the following zip file, and copy over the original files with the new versions (just copy over the entire FoolBotHoneyPot Folder)
2. From within the Admin Control Panel: yourforum/admin.php?add-ons/
find the FoolBotHoneyPot, and select the options
Control >> Upgrade
3. Upgrade from file on server: library/Tac/FoolBotHoneyPot/addon-FoolBotHoneyPot.xml
Since we have some very good methods to detect bots without a shadow of a doubt, I've added the option to cache the known bot IP addresses locally. (This is optional, and can be turned off by setting it to 0.)
Known bot IPs are only cached if they have modified multiple hidden fields, have no JavaScript detected and have attempted to register very quickly.
Using the cached known bot IP addresses, we can then use a 0 query method to return a 401 Unauthorised, or redirect them to a page of your choice.
We can therefore stop bots that try to brute force the registration page (after detection, they will not be able to send another attempt for 48 hours by default). We do this with a 0 query method, which should reduce the server impact that bots usually have when brute forcing the registration page.
If you want, you can redirect these bots to a page on your site telling them that their IP has been stored for x hours as it has been detected as a bot.
However, if you redirect them to a forum page, bear in mind that brute force bots will hit this page over and over. I recommend leaving the default 401 Unauthorised page.
- Cache known bot IPs for x hours
- Prevent re-attempts for x hours (optionally redirect bots / 401)
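The caching rule described above, sketched as an added example (not the add-on's own code, which this page does not show): an IP is cached only when all three signals agree, and a cached IP is answered with 401 or a redirect before any database work. The class and function names, the 3-second speed threshold, the in-memory store and the sample IPs are assumptions made for illustration.

```python
import time

DEFAULT_CACHE_HOURS = 48  # default block window from the description; 0 turns caching off


class KnownBotCache:
    """In-memory stand-in for a local cache, so the block check needs no DB query."""

    def __init__(self, cache_hours=DEFAULT_CACHE_HOURS, clock=time.time):
        self.ttl = cache_hours * 3600
        self.clock = clock          # injectable so expiry can be tested
        self._expires = {}          # ip -> unix time at which the block ends

    def record_attempt(self, ip, hidden_fields_modified, js_detected,
                       seconds_to_submit, min_seconds=3.0):
        """Cache the IP only if ALL signals agree; return True when cached.

        A password manager that fills one hidden field in a real browser
        fails every condition here, so it is never cached.
        min_seconds is an assumed threshold for "very quickly".
        """
        certain = bool(hidden_fields_modified >= 2      # multiple honeypots touched
                       and not js_detected              # no JavaScript seen
                       and seconds_to_submit < min_seconds)
        if certain and self.ttl > 0:
            self._expires[ip] = self.clock() + self.ttl
            return True
        return False

    def is_blocked(self, ip):
        expires = self._expires.get(ip)
        if expires is None:
            return False
        if self.clock() >= expires:     # block window over: forget the IP
            del self._expires[ip]
            return False
        return True


def gate(cache, ip, redirect_url=None):
    """Run first on the registration route; returns (status, location)."""
    if not cache.is_blocked(ip):
        return (200, None)              # continue to the normal handler
    if redirect_url:
        return (302, redirect_url)      # optional "your IP is stored" page
    return (401, None)                  # default: cheap 401 Unauthorised
```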