Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
Dove
New Member
New Member


Joined: Jun 29, 2004
Posts: 11
Location: USA

PostPosted: Sun Mar 19, 2006 1:22 pm Reply with quote

This is something that has come up with PhpBB (Standalone version)in where they claim bots are registering and preparing for a possible attack. Some of the PhpBB sites I visit have these bots registered on them.

My question is how to go about adding/modding PHP-Nuke to add visual confirmation when new people register? Is this something we should do?
and/or
How do they determine which user is a bot vs a regular user?


Only registered users can see links on this board! Get registered or login!

Only registered users can see links on this board! Get registered or login! site where people are reporting it.
Only registered users can see links on this board! Get registered or login!

Thanks!!
Any help/ideas appreciated.
 
View user's profile Send private message
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6792
Location: Ha Noi, Viet Nam

PostPosted: Sun Mar 19, 2006 2:59 pm Reply with quote

Make sure your security code is enabled.
Ensure registration uses the activation email link.

The user info block should show recent registrations but I always check new user registrations with the IP Tracking Module (add-on) or Nuke Sentinel IP tracking facility to see what pages a new user visits - that should give you some kind of indication if they are human or not.

If a new user registers on my site and I see no tracking after a few days, I usually email them. After all, if they went to the trouble of registering, it is usually for a purpose.
 
View user's profile Send private message Send e-mail
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Sun Mar 19, 2006 4:35 pm Reply with quote

Personally, I disable the login/logout and registration feature of phpBB and point things to the Your_Account module with its security code.

And any robots that hit login.php or profile.php get banned.

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
Guardian2003
PostPosted: Sun Apr 09, 2006 3:21 am Reply with quote

evaders - wouldn't this mean that registered users are not able to complete their forum profile?
Or is the ban purely on those files IF they are anonymous?
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©