Other than spam posts and reviewing ACP newest registrations, core has no other way to identify spam registrations?
The core doesn't have logs about what hits the honeypots, which is why I was sad tenants didn't update the plugin back then. With XenForo you don't see the hundreds of bits per hour or second it's keeping away.
This is also why the core should never have used honeypots; they've effectively made it a huge target which is far less effective (at least the core honeypots are anyway).
Surely it will always be a cat and mouse game? Better to have it in the core and working for a couple of years before needing to get a core upgrade to keep up with the bots.
It's fascinating reading about your work in this field, thanks for fighting the fight for us!
There was little point in updating it at that point, for just logs? The fbhp mechanisms have always been about blocking 100% of bots elegantly; if the core does it, then fbhp would have only been about logging.
Once the core copied many of fbhp's mechanisms, it was obvious the classical honeypots were then a target. I just had to wait, watch and see how the bots were about to bypass it; just before they released, it was then worth striking again.
Ignoring the outliers, you can start to see the beginning of a pattern.
The average registration speed of bots is rising, these aren't going to suddenly drop (they are not peaks from 1 or 2 slow bots, but these bots are purposely bypassing the registration timer):
View attachment 148091
- I agree, strongly
Yeah. When I started my anti spam bot addon for vB, I noticed they were passing that often. But the way I was using the honeypots, a bot never bypassed all of them, sometimes they missed some, but never did bots pass all of them due to the way I set them. Have to fool them as much as you can.
The other thing I did was not tell the bot they failed. Once they did fail, upon submitting the info, it would be stored, and the bot was served the successful registration page. They then would immediately start trying to post, but of course could not because they had no account. They would assume something is wrong with the site's registration process.
I make sure all the responses go back as if it was a real "password field" / "username", etc. Bots look for responses; they often use them to verify the type of field.
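The approach discussed in the posts above (several decoy fields, a registration timer, a log of what was caught, and the same success page served whether or not the submission was rejected), as an added example that is not part of the original thread and is not code from XenForo, vB or fbhp. The field names, the 5-second threshold and the sample submissions are assumptions constructed for illustration.

```python
# Added example: field names and the 5-second threshold are assumptions.
HONEYPOT_FIELDS = ("email_confirm", "website", "nickname")  # hypothetical decoys, hidden from humans
MIN_FILL_SECONDS = 5.0                                       # assumed registration timer
SUCCESS_PAGE = {"status": 200, "body": "Thanks for registering!"}


def evaluate(form, elapsed):
    """Return the reasons a submission looks automated (empty list = clean)."""
    reasons = [f"honeypot:{name}" for name in HONEYPOT_FIELDS
               if form.get(name, "").strip()]
    if elapsed < MIN_FILL_SECONDS:
        reasons.append("too_fast")
    return reasons


def handle_registration(form, rendered_at, submitted_at, accounts, rejected_log):
    """Process one submission. rendered_at must come from server-side session
    state, never from a form field the client controls."""
    elapsed = submitted_at - rendered_at
    reasons = evaluate(form, elapsed)
    if reasons:
        # Store what was caught and how fast it came in, so the admin can
        # watch fill times creep up as bots adapt to the timer.
        rejected_log.append({"username": form.get("username", ""),
                             "reasons": reasons, "elapsed": round(elapsed, 1)})
    else:
        accounts.append(form["username"])
    # Identical response either way: a rejected bot learns nothing.
    return dict(SUCCESS_PAGE)


def demo():
    """Run three constructed submissions through the handler."""
    accounts, rejected_log = [], []
    samples = [  # (form, seconds between page render and submit), all constructed
        ({"username": "alice", "password": "x"}, 22.0),                       # human
        ({"username": "bot1", "password": "x", "website": "http://spam.example"}, 1.2),
        ({"username": "bot2", "password": "x", "nickname": "bot2"}, 8.0),    # waits out the timer
    ]
    responses = [handle_registration(f, 1000.0, 1000.0 + dt, accounts, rejected_log)
                 for f, dt in samples]
    return responses, accounts, rejected_log


if __name__ == "__main__":
    responses, accounts, rejected_log = demo()
    print(accounts)
    for entry in rejected_log:
        print(entry)
```

The third sample passes the timer and is caught only by a decoy field, which is why the timer and the honeypots are evaluated independently and both are logged.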