brentsu

Add new...
 
Added a discussion 

On my website, several tons of spammers want to register new malicious accounts every day! I think everyone's website should be the same.

In the dolphin system, you can search the "join.php" in Apache's access_log, you will see a lot of logs... spammers want to register new account records...

In the UNA system, you can search the "page.php" in Apache's access_log,

cyq9bqtjnfqxnqbjkdbmrtjn6xjr9dlq.jpguun8afrew8fnapprqzqdth49ya2cjzai.jpg

How do we completely prevent, block and kill spammers?

observe the access_log record, you will see that all spammers will not browse your website, like your website, spammers just want to register a new account!

Well, You know, spammers will directly open the registration page and paste random registration information...

so we just add this code in front of join.php for Dolphin 7.4.2:

/**

 * Copyright (c) BoonEx Pty Limited - http://www.boonex.com/

 * CC-BY License - http://creativecommons.org/licenses/by/3.0/

 */


define('BX_JOIN_PAGE', 1);

require_once('check-url.php');


check-url.php :


if (!isset($_SERVER['HTTP_REFERER']) || substr($_SERVER['HTTP_REFERER'], 12, 7) != 'insoler') {

    echo '< html >

    < meta http-equiv="Content-Type" content="text/html; charset=UTF-8" / >

    < body >Hello World< /body > //You can put any welcome words

    < /html >';

    exit;

}


as long as spammers don't visit your website and directly open the registration page, they would only see a blank page with "Hello World" only!

This code will not affect the real "human" at all !


Why is 99.99% not 100% ?

Well, You know, even if spammers have hands, they can still use their hands to manually register a new account, post spam by manually...

My site is 100% no spammers for more than 8 years!

Need a demo?

Please go to my website :

https://www.insoler.com/

or  try this please :

https://www.insoler.com/join.php

  • 818
    • Sorry, I forgot to write UNA.

      1. open this file:

      template/scripts/BxBaseServiceAccount.php

      2. Try to add this code:

          public function serviceCreateAccountForm ($aParams = array())

          {

              if (isLogged() && 'create-account' == bx_get('i')){

                  header('Location: ' . BX_DOL_URL_ROOT);

                  exit;

              }

              

              if (isset($_SERVER['HTTP_REFERER']) && 0 === mb_stripos($_SERVER['HTTP_REFERER'], BX_DOL_URL_ROOT)) { // remember referrer

                  

                  $sJoinReferrer = $_SERVER['HTTP_REFERER'];

                  $aNoRelocatePages = array('forgot-password', 'login', 'create-account', 'logout');

                  foreach ($aNoRelocatePages as $s) {

                      if (false !== mb_stripos($sJoinReferrer, $s)) {

                          $sJoinReferrer = '';

                          break;

                      }

                  }   

                  if ($sJoinReferrer)

                      BxDolSession::getInstance()->setValue('join-referrer', $sJoinReferrer);

              }

              elseif (!isset($_SERVER['HTTP_REFERER']) || substr($_SERVER['HTTP_REFERER'], 12, 7) != 'insoler') {

       {

          echo '< html >

          < meta http-equiv="Content-Type" content="text/html; charset=UTF-8" / >

          < body >Hello World< /body > //You can put any welcome words

          < /html >';

          exit;

              }


      I have not tested "remember referrer" function by now...

      💓0 😆0 😲0 😥0 😠0 0
      • Yes, because spammers will not browse any page of your website, even the homepage, they just want to register a new account on the registration page.

        💓0 😆0 😲0 😥0 😠0 0
        • or u can use cloudflare and prevent it by captcha, ip etc. much easier 

          💓0 😆0 😲0 😥0 😠0 0
          Not logged in users can't 'Comments Post'.
          Added a discussion 

          Finally I upgraded the entire website to all new version for ultimate Dolphin 7.4.2!

          📌 PHP 7.4.5

          yie2aswxmhtqetkq8cqxuqnsrwugsyhp.jpg

          📌 ffmpeg version 4.4.2

          4zvgjfcwldrudgzgkgxtthkqlhvq45e2.jpg

          📌 PHP 7.4.5 and Zend OPcache

          ymtrinwpx38xaus4npptbjrcbrq9rsyz.jpg

          📌 MySQL Community Server 8.0.20

          7kehrmzcafdjxbbpr2ptsjhcz6ynczez.jpg

          📌 Use InnoDB and utf8mb4_0900_ai_ci or utf8mb4_bin

          9mdtwj3mxwc7rwvei4xgfxdstjlvu2cn.jpg

          📌 TinyMCE 5.2.2

          zmp66ufmrewnmie4tmmhraifghbj6v7s.jpg

          In the next step of having the ultimate dolphin, I think I should switch to UNA. don't wait for me, I'm coming...

          • 2230
            • -you know, its funny.. i still run a joomla based site..  revitalizeyou.org
              -i have had iterations of phpBB and simple machines, they drive me crazy. :D
              -i've had wordpress and had it work for the first few years, before it became the spam magnet it is now and security nightmare unless you really work it...
              -i've written tons of personal pages by hand, and they always work. LOL
              -i still run an active IRC server.

              bro, why is your mySQL not using SSL?  thats a big no no..

              💓0 😆0 😲0 😥0 😠0 0
              • If you run a standard phpBB, Joomla, with no other third-party modules, there should be no upgrade problems. But, I turned Joomla into a third-party module for phpBB. My phpBB forum does not look like phpBB at all, so there will be upgrade problems! My phpBB looks like Joomla but still a phpBB forum...

                Thank you for pointing out the problem with MySQL SSL. I just upgraded from very old MySQL 5.6.41 to MySQL 8.0.20 now! Because MySQL 8.0.0 ~ 8.0.19 cannot be installed on macOS Catalina 10.15, only MySQL 8.0.20 can!

                I don't like WordPress, so I use Joomla. but WordPress has a lot of beautiful template (although Joomla does, it is still less than WordPress)...

                If UNA can directly install WordPress, Joomla, Drupal template, it would be great, because there are too few beautiful UNA template...

                therefore, I need some time to study MySQL SSL...

                thank you for your suggestion.

                💓0 😆0 😲0 😥0 😠0 0
                • Just upgraded to TinyMCE 5.3.0.😂

                  2jdwcnqexxzjdmvphphvhagstgpdv3du.jpg

                  💓0 😆0 😲0 😥0 😠0 0
                  Not logged in users can't 'Comments Post'.
                  Added a discussion 

                  I just upgrading to Dolphin 7.4.1. Next step I should start to study how to use dolphin_migration for migration dolphins to UNA.

                  But, on the UNA website, downloaded UNA 9 with only 4 modules. So I downloaded UNA on github:

                  https://github.com/unaio/una

                  UNA installer still forgot to detect http or https, If the site is already using https, we will see a messy page after the installation is complete.

                  • 941
                    • UNA installer detects if https by checking 'HTTPS' server variable, usually it's set when site is using https, if you have another way to properly detect https you are welcome to share it.

                      💓0 😆0 😲0 😥0 😠0 0
                      • Maybe in your or other server support $_SERVER['HTTPS'], but my server not support that.

                        So, when we install Dolphin or UNA, we will see the wrong URL. please see install01 and install02.

                        I writing this program to display the environment variables supported by my server:

                        < ? php
                        echo '<PRE>';
                        print_r($_SERVER);
                        echo '</PRE><br />';

                        please see install03 for Server A and install04 for Server B.

                        You can see that there is no $_SERVER['HTTPS'] in the server variable.

                        therefore I use $_SERVER['HTTP_X_FORWARDED_PROTO'] to rewrite this proto()

                            protected function proto()
                            {
                                if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']))
                                    return $_SERVER['HTTP_X_FORWARDED_PROTO'] . '://';
                                elseif ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']) || getenv('UNA_HTTPS'))
                                    return 'https://';
                                else
                                    return 'http://';
                                //return (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']) || getenv('UNA_HTTPS') ? 'https://' : 'http://';
                            }

                        OR

                            protected function proto()
                            {
                                if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']))
                                    return $_SERVER['HTTP_X_FORWARDED_PROTO'] . '://';
                                else
                                    return (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']) || getenv('UNA_HTTPS') ? 'https://' : 'http://';
                            }
                        
                        

                        Please see install5 for the execution result of the installation.

                        This is the dolphin installer's index.php:

                        $confFirst['site_url']  = array(
                            'name'    => "Site URL",
                            'ex'      => "http://www.mydomain.com/path/",
                            'desc'    => "Your site URL (slash at the end is required)",
                            'def'     => "http://",
                            'def_exp' => function () {
                                    $str = $_SERVER['HTTP_X_FORWARDED_PROTO'].'://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
                                    return preg_replace("/install\/(index\.php$)/", "", $str);
                            },
                            'check'   => function ($arg0) { return strlen($arg0) >= 10 ? true : false; }
                        );

                        P.S. When I re-edited the article iin Dolphin  (of blog) and UNA, some words in PHP and HTML disappeared and could not be used! for example:

                        ' < PRE > ' ;

                        < ? php

                        But there is no such problem in the Dolphin Forum!

                        💓0 😆0 😲0 😥0 😠0 0
                        • Thank you for the explanation and sample code:

                          https://github.com/unaio/una/issues/2062

                          💓0 😆0 😲0 😥0 😠0 0
                          Not logged in users can't 'Comments Post'.
                          Added a discussion 

                          The https://d.una.io is development demo has been down for more than a week... 

                          it say...

                          Mysql error:
                          Unknown column 'bx_timeline_events.sticked' in 'order clause'

                          collation_connection:
                          utf8mb4_unicode_ci

                          so, this is the use MySQL Server 8.0.15??

                          • 913
                            • Oh [censored]

                              💓0 😆0 😲0 😥0 😠0 0
                              • Hello brentsu !

                                Thank you for your signal, the demo error was fixed.

                                💓0 😆0 😲0 😥0 😠0 0
                                Not logged in users can't 'Comments Post'.
                                Added a discussion 

                                If BOONEX wants Dolphin and UNA to be liked by many people, I recommend not trying to design a template for BOONEX Only ! Because the number of new templates is too few, even almost equal to zero...

                                BOONEX Should support the world's most popular template, Such as the WordPress template.

                                In this case, any website that uses UNA, there are countless more templates available today. Rather than going around to find a UNA-specific template that is hard to find.

                                • 960
                                  • You can have the illusion that it exists, but in this case it has the same name, the same aspect, but it is just an adaptation, it is not the same code and is not interchangeable with other cms .

                                    💓0 😆0 😲0 😥0 😠0 0
                                    • You can have the illusion that it exists??? Oh~ maybe I have...


                                      You think this is "Mission: Impossible"... maybe BOONEX is thinking about the same thing... this is "Mission: Impossible" !?

                                      Please guess what kind of PHP system is used on this website? and what template(style) is used on this website?

                                       

                                      www . bnw . com . tw / conference / index.php

                                       

                                      I know... You don't want to know. and you don't want to take the time to guessing...

                                      In fact, this site is using phpBB 3.1 forum system and the template of Joomla designed by yootheme. About 10 years ago, around 2008.

                                      I didn't change all the phpBB pages, so some pages will see the official style of phpBB, for example...

                                       

                                      www . bnw . com . tw / conference / ucp.php?mode=login

                                       

                                      so, this is just a difficult job, but not a "Mission: Impossible" task. If BoonEx don't want to do it, I'll do it again!

                                      We need is a Dolphin and WordPress or Joomla bridge...


                                      Community site that supports Digital Camera RAW photos : insoler . com

                                      💓0 😆0 😲0 😥0 😠0 0
                                      • Hello brentsu!

                                        Sorry, but without the template files, you can't be sure that both platforms use the same package. "A bridge" which was mentioned by you is exactly the same thing which Andrew and Baloo mean.

                                        💓0 😆0 😲0 😥0 😠0 0
                                        Not logged in users can't 'Comments Post'.
                                        Achievements

                                        Apprentice

                                        Total points: 33

                                        68.1 point(s) to reach
                                        Info
                                        Friends count:
                                        Followers count:
                                        Full Name:
                                        brentsu
                                        Membership
                                        Premium
                                        brentsu Discussions
                                        •  ·  818
                                        •  · 
                                        On my website, several tons of spammers want to register new malicious accounts every day! I think e…
                                        •  · 
                                        •  · 
                                        •  · or u can use cloudflare and prevent it by captcha, ip etc. much easier 
                                        •  ·  2230
                                        •  · 
                                        Finally I upgraded the entire website to all new version for ultimate Dolphin 7.4.2!📌 PHP 7.4.5📌 ffm…
                                        •  · 
                                        •  · 
                                        •  · Just upgraded to TinyMCE 5.3.0.😂
                                        •  ·  941
                                        •  · 
                                        •  · 
                                        I just upgrading to Dolphin 7.4.1. Next step I should start to study how to use dolphin_migration fo…
                                        •  · 
                                        •  · 
                                        •  · Thank you for the explanation and sample code:https://github.com/unaio/una/issues/2062
                                        •  ·  913
                                        •  · 
                                        The https://d.una.io is development demo has been down for more than a week... it say...Mysql error:…
                                        •  · 
                                        •  · 
                                        •  · Hello brentsu !Thank you for your signal, the demo error was fixed.
                                        •  ·  960
                                        •  · 
                                        If BOONEX wants Dolphin and UNA to be liked by many people, I recommend not trying to design a templ…
                                        •  · 
                                        •  · 
                                        •  · Hello brentsu!Sorry, but without the template files, you can't be sure that both platforms use the s…

                                        UNA - Network Infrastructure for Communities

                                        Close