Author

Topic: FaucetBOX.com Discussion - page 142. (Read 237020 times)

newbie
Activity: 11
Merit: 0
August 04, 2015, 04:12:36 PM
Hello,
I have suggestion for you.

How about banning from hostname? not IP address or IP range.

Example
This is hostname VPS list:
XXXXX.XXXXXX.compute.amazonaws.com
XXXXXX[Suspicious link removed]ltr.com
XXXXXXX.static.cloud-ips.com
XXXXXXX.members.linode.com
XXXXXXX.softlayer.com
etc

I don't care they are bots or real. Because advertiser not counting visitors from VPS IP.
member
Activity: 99
Merit: 10
August 04, 2015, 10:27:34 AM
legendary
Activity: 2352
Merit: 1268
In Memory of Zepher
August 04, 2015, 07:56:50 AM
EDIT: we'll also try experimenting with minteye.com captcha, but for now I can't even register on it (it timeouts)...
Minteye has shutdown I believe, according to a person in my faucet guide either way. Besides, I have heard reports from faucet owners that Minteye was very easy to bot, so I doubt it would have helped much.
legendary
Activity: 971
Merit: 1000
August 04, 2015, 07:27:19 AM
Does any of the affected faucets use Are you a Human captcha? Looks like Rucaptcha doesn't support it.

EDIT: we'll also try experimenting with minteye.com captcha, but for now I can't even register on it (it timeouts)...
legendary
Activity: 2352
Merit: 1268
In Memory of Zepher
August 04, 2015, 07:15:08 AM
Perhaps using a random timer (1-5 seconds), and only displaying the captcha and form once the timer has been completed could help. Granted, it could probably be bypassed by changing the Javascript or HTML DOM but it could possibly put things in their tracks for a short while. I would try to see how the API works and if there is a way around it, but I do not know Russian and all translation services fail to translate it.
legendary
Activity: 971
Merit: 1000
August 04, 2015, 06:48:41 AM
We've released a new release of Faucet in a BOX script: http://faucetinabox.com/static/download/v1/faucetinabox-r52.zip . It makes name of the address field random, which will break simple bots. It's just a minor change, changing a bot to detect that won't take more than 10 minutes, but it's something Smiley
legendary
Activity: 971
Merit: 1000
August 04, 2015, 04:07:40 AM
We're getting reports about iMacro scripts for abusing faucets (all kinds, not just Faucet in a Box, but also Microwallet's Microfaucet and Elbandi's Minifaucet). Does anyone have any details about that?

I can provide you with the full list of sites affected...

Thanks for the PDF you've sent us through email with FAQ of the bot. So the problem is that https://rucaptcha.com/ became cheap enough to use to abuse faucets. With about $0.50 per 1000 solves it means that it's profitable for the abusers if a single normal payout + referral payout is more than ~170 satoshi (if I done the math right).

We're brainstorming about solutions right now, but it'll be tough to solve, especially if we don't want to hit legitimate users. The reasons are:

1. we can't block IP addresses, because they're using on-demand VPS services, which means that they can get a new IP address in 30 seconds. It also means that simply blocking by country won't work. What's more, FaucetBOX.com API doesn't know users' IP addresses (by design), so that would have to be done on faucet end.
2. we can't block bitcoin addresses, as creating a new one would take one second.
3. we can't try to identify whether a real browser is used or not, because this bot is using a real browser.
4. we don't want to require a registration and verification from users (which would make banning them possible). It was and is our main feature that faucet users don't have to visit FaucetBOX.com or even know about it to receive their coins. It's what allowed FaucetBOX.com and faucets based on it to grow.
5. there's nothing else we can use to identify users.

So things I can recommend to you right now if you're concerned about this issue is:

1. make your faucet as unique as possible (not just graphically, but for example by making a minigames). It's easy to abuse faucets if every one of them works almost the same way. No one will bother to write a bot just for your unique faucet.
2. lower your rewards, so that a single average reward + referral percent is lower than ~150 satoshi. You can offset that by lowering your timer too. That way abusers will pay more for solving the captcha then they're getting from you.
3. use unpopular captchas. I think that Rucaptcha works for reCaptcha and Solve Media, but I'm yet to confirm that.
sr. member
Activity: 714
Merit: 250
Defend Bitcoin and its PoW: bitcoincleanup.com
August 04, 2015, 02:45:00 AM
We're getting reports about iMacro scripts for abusing faucets (all kinds, not just Faucet in a Box, but also Microwallet's Microfaucet and Elbandi's Minifaucet). Does anyone have any details about that?

I can provide you with the full list of sites affected...

legendary
Activity: 971
Merit: 1000
August 03, 2015, 04:19:57 PM
We're getting reports about iMacro scripts for abusing faucets (all kinds, not just Faucet in a Box, but also Microwallet's Microfaucet and Elbandi's Minifaucet). Does anyone have any details about that?
member
Activity: 99
Merit: 10
August 03, 2015, 09:22:50 AM

Can you check it now? If you still don't see it, please send me transaction id.
it seems that everything is good now, thanks Smiley
legendary
Activity: 971
Merit: 1000
August 03, 2015, 09:17:59 AM
i think its a problem with deposits,because just I deposited some satoshi but do not appear transaction and in blockchain have more than 4 confirmations

Can you check it now? If you still don't see it, please send me transaction id.
member
Activity: 99
Merit: 10
August 03, 2015, 09:08:17 AM
i think its a problem with deposits,because just I deposited some satoshi but do not appear transaction and in blockchain have more than 4 confirmations
legendary
Activity: 1778
Merit: 1026
Free WSPU2 Token or real dollars
August 03, 2015, 09:03:31 AM
it seems ok now...
thanks for your prompt work.
legendary
Activity: 971
Merit: 1000
August 03, 2015, 08:46:53 AM
we have "unknow problem" message after faucet claim.

Other faucets seem to work correctly. Can you upload this to your server and send me a link to it: http://pastebin.com/raw.php?i=JzMjX3AX ? It will tell something more I hope.
legendary
Activity: 1778
Merit: 1026
Free WSPU2 Token or real dollars
August 03, 2015, 08:40:01 AM
we have "unknow problem" message after faucet claim.
legendary
Activity: 971
Merit: 1000
August 03, 2015, 08:37:46 AM
I've worked around the problem so it should work for now, but it can stop working again for a couple minutes later today.
legendary
Activity: 971
Merit: 1000
August 03, 2015, 08:34:54 AM

Looks like routing problems at our datacenter. Too early to say for sure.

is it going to be a long maintenance or short one? thanks

No idea.
sr. member
Activity: 280
Merit: 250
August 03, 2015, 08:24:43 AM
is it going to be a long maintenance or short one? thanks
member
Activity: 99
Merit: 10
legendary
Activity: 971
Merit: 1000
August 03, 2015, 08:14:18 AM
website is offline
Working on it already.
Jump to: