Limiting GeoIP to a local region?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • xenigo
    Confirmed User
    • Jan 2001
    • 8067

    #1

    Limiting GeoIP to a local region?

    I have a forum dedicated to the homeowners of the condo complex I live in. The forum is PHPbb. Every day I get about 80 fake registration attempts. I set it to require manual approval but now all the requests are being sent to an email address that's blowing my ass up now.

    I just now configured reCAPTCHA... Should that be effective enough to avoid resorting to GeoIP filtering?
  • GrouchyAdmin
    Now choke yourself!
    • Apr 2006
    • 12085

    #2
    Your question doesn't really match the title.

    If it's all through a local network, you can obviously easily lock it down there. However, with G3/G4 access, etc, or an external server, you are going to want to use mod_geoip and a recent database, or similar. It may make sense to lock down to the state level in this case.

    reCAPTCHA will help with automated attacks, it may also make sense to use robots.txt to hide it from scrapers.

    Comment

    • CYF
      Coupon Guru
      • Mar 2009
      • 10973

      #3
      Easy to fix. Setup a registration question to answer, and have it be "what is the name of our association?"

      That cut down the bot registration on my forum to zero.
      Webmaster Coupons Coupons and discounts for hosting, domains, SSL Certs, and more!
      AmeriNOC Coupons | Certified Hosting Coupons | Hosting Coupons | Domain Name Coupons

      Comment

      • xenigo
        Confirmed User
        • Jan 2001
        • 8067

        #4
        Originally posted by GrouchyAdmin
        Your question doesn't really match the title.
        Yes, I realized that after I posted it. I wrote the post before I configured reCaptcha and then it kinda made my question regarding geo IP filtering less relevant.

        Originally posted by CYF
        Easy to fix. Setup a registration question to answer, and have it be "what is the name of our association?"

        That cut down the bot registration on my forum to zero.
        I'll try that first. Thanks.

        Comment

        • freecartoonporn
          Confirmed User
          • Jan 2012
          • 7683

          #5
          bot can solve recaptcha.,

          try what "CYF" said.,

          make questions and answers unique.
          SSD Cloud Server, VPS Server, Simple Cloud Hosting | DigitalOcean

          Comment

          • DBS.US
            Geo Cities
            • Aug 2003
            • 11843

            #6
            80 fake registration attempts a day? Where are these attempts coming from? 80 seems like a lot for a local complex forum?
            Have an unused domain? Make a Free Chaturbate White Label site and be making money tonight

            Comment

            • CyberHustler
              Masterbaiter
              • Feb 2006
              • 28735

              #7
              Originally posted by CYF
              Easy to fix. Setup a registration question to answer, and have it be "what is the name of our association?"

              That cut down the bot registration on my forum to zero.
              “If you can convince the lowest white man he’s better than the best colored man, he won’t notice you’re picking his pocket. Hell, give him somebody to look down on, and he’ll empty his pockets for you.”

              Comment

              • BradBreakfast
                Confirmed User
                • Feb 2008
                • 415

                #8
                HOA's are all about the drama.
                GetClicky - The World's Most Advanced Real Time Ajax-based Analytics

                Comment

                • rowan
                  Too lazy to set a custom title
                  • Mar 2002
                  • 17393

                  #9
                  Most of those fake registrations are probably coming from known spam IPs. Try something like this, your forum software may already support it... http://www.stopforumspam.com/

                  I made a simple mod to the vbulletin PHP code for mine, disallowing a registration if the form was submitted within less than 5 seconds of it being loaded. Only bots can fill out a form that fast. That small change alone blocks about 20-30 attempts per day.

                  Comment

                  • Stephen
                    Consigliere
                    • Feb 2003
                    • 1771

                    #10
                    I have a local concern that is limited to two counties in Norcal

                    Geo-IP and manual approvals work, but I like this question idea / image turing as well

                    Comment

                    • SplatterMaster
                      Confirmed User
                      • Jan 2012
                      • 790

                      #11
                      This works pretty good at blocking the registration, Not sure if the plugin is up to date for your version of the board you use or not. Works pretty good on my SMF forum

                      http://www.stopforumspam.com/contributions

                      EDIT: I see someone beat me to it
                      Last edited by SplatterMaster; 10-16-2012, 06:32 PM.

                      Comment

                      • xenigo
                        Confirmed User
                        • Jan 2001
                        • 8067

                        #12
                        It seems the reCaptcha is stopping it effectively. The silence of my phone not buzzing with the approval request is quite relaxing.

                        Comment

                        • xenigo
                          Confirmed User
                          • Jan 2001
                          • 8067

                          #13
                          Originally posted by BradBreakfast
                          HOA's are all about the drama.
                          You'd think, but this one is occupied almost entirely by old ladies. The only drama that I've been involves a half-way house full of mentally challenged people... our unit overlooks their driveway. This "paratransit" bus driver that comes and picks them up every morning is a lazy asshole and honks his horn 3-5 times at 8am, and 11am every day Monday through Friday. The idiots that the half-way house employ also take part in the horn honking every time they have new groceries and want someone to come help bring them in.

                          I wrote a letter to their executive director and after a short argument about the obnoxious nature of the situation, the honking finally ended.

                          Now I'm trying to figure out how to contact the HOA of an entirely different building that is visible from the back of our unit where some small child wakes up at around 8am and screams in an extremely high-pitched manner that doesn't stop until 7pm. The inconsiderate parents leave their windows open for everyone to share in the fun. The phone at their HOA goes unanswered... and I'm considering walking over there and knocking on the door for a face to face chat...
                          Last edited by xenigo; 10-16-2012, 06:59 PM.

                          Comment

                          • xenigo
                            Confirmed User
                            • Jan 2001
                            • 8067

                            #14
                            Originally posted by xenigo
                            It seems the reCaptcha is stopping it effectively. The silence of my phone not buzzing with the approval request is quite relaxing.
                            Alright... about 26 hours after I implemented reCaptcha, one fake registration has slipped through. I wonder if they figured out a way around it?

                            Comment

                            • TheSquealer
                              Mayor of Thneedville
                              • Oct 2004
                              • 26174

                              #15
                              Originally posted by xenigo
                              Alright... about 26 hours after I implemented reCaptcha, one fake registration has slipped through. I wonder if they figured out a way around it?
                              xrumer will solve them while registering. it will crack every captcha there is. also there are services to crack them
                              .
                              Yes, fewer illegal immigrants working equates to more job opportunities for American citizens.

                              Rochard

                              Comment

                              • xenigo
                                Confirmed User
                                • Jan 2001
                                • 8067

                                #16
                                Originally posted by TheSquealer
                                xrumer will solve them while registering. it will crack every captcha there is. also there are services to crack them
                                Oh shat. That's interesting. If that's what they're using, it doesn't seem like it's working too fantastic...

                                Comment

                                • TheSquealer
                                  Mayor of Thneedville
                                  • Oct 2004
                                  • 26174

                                  #17
                                  Originally posted by xenigo
                                  Oh shat. That's interesting. If that's what they're using, it doesn't seem like it's working too fantastic...
                                  Usually people using tools like that are going after the low hanging fruit because its about quantity, not quality. You can set it to retry X times etc and then move on.

                                  Also, you should set registrations to have to be approved by mods and whatever other spam features there are... then you won't have to worry about spam posts... just registrations.

                                  Just because you slowed one guy down, doesn't mean others aren't going to follow

                                  As was mentioned before, you should also search "vbulletin footprints" or whatever software you are using, edit the templates and remove as much as possible. Use robots.txt to block useless pages like registration pages or other pages and do what you can to hide it from search engines. If you do not want it in search engines at all, just use robots.txt to block google/yahoo/bing - thats how they are typically finding forums to begin with. I think you can use google webmaster tools and have it or some pages removed from search results. Basically, software is just searching for things like :

                                  ' "powered by vbulletin" condos '

                                  to find lists of vbulletin forums for those keywords. So you can search "vbulletin footprints" and try to eliminate what you can from templates and block other pages from showing up. But if you don't need it in search results, it would be best to block it from being crawled.

                                  if you can modify the php, simple things like "what animal is the middle pic" would stop them. Captchas aren't really effective because eventually you'll just run into people using services like deathbycaptcha etc and they won't be slowed down by them.
                                  .
                                  Yes, fewer illegal immigrants working equates to more job opportunities for American citizens.

                                  Rochard

                                  Comment

                                  • CyberHustler
                                    Masterbaiter
                                    • Feb 2006
                                    • 28735

                                    #18
                                    Originally posted by xenigo
                                    Oh shat. That's interesting. If that's what they're using, it doesn't seem like it's working too fantastic...
                                    targeted question & answer on registration = zero spam on phpbb... no mods needed, or captcha...
                                    “If you can convince the lowest white man he’s better than the best colored man, he won’t notice you’re picking his pocket. Hell, give him somebody to look down on, and he’ll empty his pockets for you.”

                                    Comment

                                    Working...