Pages:
Author

Topic: FaucetBOX.com Discussion - page 89. (Read 237020 times)

full member
Activity: 146
Merit: 100
December 10, 2015, 12:25:20 PM
now day different type scam available one of site satoshi4u.com

Its look like paying site but it is not ..How can we report this type of scammer so FaucetBOX.com  authority remove this type of scammer from faucetbox.com/en/list .. ..satoshi4u.com ..



It just paid me. But faucet owner may have cheated with code to show high but pay low

ha ha he also make u fool ..like me and rest of all ..

check your stats! in https://faucetbox.com/

and tell me how much he pay u zero ..
member
Activity: 120
Merit: 10
December 10, 2015, 11:49:20 AM
now day different type scam available one of site satoshi4u.com

Its look like paying site but it is not ..How can we report this type of scammer so FaucetBOX.com  authority remove this type of scammer from faucetbox.com/en/list .. ..satoshi4u.com ..



It just paid me. But faucet owner may have cheated with code to show high but pay low
full member
Activity: 146
Merit: 100
December 10, 2015, 11:38:08 AM
now day different type scam available one of site satoshi4u.com

Its look like paying site but it is not ..How can we report this type of scammer so FaucetBOX.com  authority remove this type of scammer from faucetbox.com/en/list .. ..satoshi4u.com ..

member
Activity: 120
Merit: 10
December 09, 2015, 10:50:46 PM
There is a bot that successfully claiming and draining my faucet.
It bypass the page content,and like accessing the form via API.
Fyi.

Use cloudflare Threat Control Security.

All bots will be fooled with cloudflare

Unfortunately CloudFlare lets through bots that are using real browsers as an engine, which includes all bots written with Selenium or iMacros. CloudFlare isn't a silver bullet, you have to use many ways to protect your site.

Kazuldur  Can you make some new code in php to restrict claiming to when Ads are displayed.

Also Cloudflare just  saved my day. It is not permanent solution but cloudflare can reduce the intensive attacks. My server was going to crash with bots attack but after cloudflare all things are cool now. Cloudflare also provide threat control to ban IP's. Also cloudflare check the browser every time to see the unusual behavior from IP. faucetbox security did not help me to avoid bot attack, cloudflare helped me
legendary
Activity: 971
Merit: 1000
December 09, 2015, 05:04:19 PM
There is a bot that successfully claiming and draining my faucet.
It bypass the page content,and like accessing the form via API.
Fyi.

Use cloudflare Threat Control Security.

All bots will be fooled with cloudflare

Unfortunately CloudFlare lets through bots that are using real browsers as an engine, which includes all bots written with Selenium or iMacros. CloudFlare isn't a silver bullet, you have to use many ways to protect your site.
member
Activity: 120
Merit: 10
December 09, 2015, 11:14:24 AM
There is a bot that successfully claiming and draining my faucet.
It bypass the page content,and like accessing the form via API.
Fyi.

Use cloudflare Threat Control Security.

All bots will be fooled with cloudflare
legendary
Activity: 1022
Merit: 1000
December 09, 2015, 01:23:05 AM
There is a bot that successfully claiming and draining my faucet.
It bypass the page content,and like accessing the form via API.
Fyi.
legendary
Activity: 2646
Merit: 1722
https://youtu.be/DsAVx0u9Cw4 ... Dr. WHO < KLF
December 08, 2015, 01:06:53 PM
...


You have done great work keep it updated. Thanks

Thanks!

One other good thing regarding the 'Not an access provider or ISP' list is that you can actually use it to find really good cheap hosting for your new faucets too ! Some of them even accept Bitcoin payments, remember not all of the hosts listed are 'friendly' though.

Oh, and ...  http://humanstxt.org/   Wink
member
Activity: 120
Merit: 10
December 08, 2015, 12:45:38 PM
BitcoinFX you are right but I want my faucet to be used on Actual Browsers with humans and VPN Proxy is not hurting my faucet. Bots are some thing which destroy my web server. yesterday I got bots attack and I made payouts to 1 satoshi per claim. And I seen allot of IPs claiming with different addy for 1 satoshi and my Server CPU becoming hot. I check it with Google analytic Real time Traffic and those referrals were not there in analystic. So I just used Cloudflare to tackle with Actual Browser. So From that point all bots just stopped

Good that you stopped the bots by just using cloudflare then !

I completely understand wanting to allow as many 'human' visitors to your website as possible, even from proxies and VPN customers etc.,

However, the reality is that most of the visitors from proxies or VPN's are 'gaming' faucets and making multiple claims on mass.

Although, the 'Not an access provider or ISP' list I posted is (optional), after all !  Smiley

You have done great work keep it updated. Thanks
legendary
Activity: 2646
Merit: 1722
https://youtu.be/DsAVx0u9Cw4 ... Dr. WHO < KLF
December 08, 2015, 12:38:56 PM
BitcoinFX you are right but I want my faucet to be used on Actual Browsers with humans and VPN Proxy is not hurting my faucet. Bots are some thing which destroy my web server. yesterday I got bots attack and I made payouts to 1 satoshi per claim. And I seen allot of IPs claiming with different addy for 1 satoshi and my Server CPU becoming hot. I check it with Google analytic Real time Traffic and those referrals were not there in analystic. So I just used Cloudflare to tackle with Actual Browser. So From that point all bots just stopped

Good that you stopped the bots by just using cloudflare then !

I completely understand wanting to allow as many 'human' visitors to your website as possible, even from proxies and VPN customers etc.,

However, the reality is that most of the visitors from proxies or VPN's are 'gaming' faucets and making multiple claims on mass.

Although, the 'Not an access provider or ISP' list I posted is (optional), after all !  Smiley
member
Activity: 120
Merit: 10
December 08, 2015, 12:15:35 PM
BitcoinFX you are right but I want my faucet to be used on Actual Browsers with humans and VPN Proxy is not hurting my faucet. Bots are some thing which destroy my web server. yesterday I got bots attack and I made payouts to 1 satoshi per claim. And I seen allot of IPs claiming with different addy for 1 satoshi and my Server CPU becoming hot. I check it with Google analytic Real time Traffic and those referrals were not there in analystic. So I just used Cloudflare to tackle with Actual Browser. So From that point all bots just stopped
legendary
Activity: 2646
Merit: 1722
https://youtu.be/DsAVx0u9Cw4 ... Dr. WHO < KLF
December 08, 2015, 09:59:44 AM
Updated - 'Not an access provider or ISP' list: https://bitcointalksearch.org/topic/m.13125867

2nd list for Hosting / Virtual Servers / Dedicated / Cloud / VPS / Colocation etc.,

- Confirmed domains with currently Unconfirmed Reverse look-up addresses.

Now working on a Reverse look-up list for known VPS / Proxy / Cache providers.


Using the Bad-Behavior Anti-SPAM script (+ httpbl_key) and this list within the FaucetBox.com Script (NastyHosts.com enabled) and not seeing very many bots getting through. Probably less still once cloudflare is re-enabled, after some more testing.
 

Thank you very much for your help friend, but what is httpbl_key?


 i Think it is not permanent solution to bots. Cloudflare Browser checking before accessing website feature is far more better than any of above features. How many VPS and proxy IPs will you block. it is too much hard to block all bots IPs  

What I have posted is a multi-pronged solution, which is also fully compatible with cloudflare and the FaucetBOX.com script.

Faucet admins. can use the hostnames lists within the FaucetBOX.com script and the Bad-Behavior script and cloudflare, together in combination .

- https://bitcointalksearch.org/topic/m.13122044

As an example for just how effective this is for blocking VPN and proxy providers from a faucet we can look at zenmate.com (a known and popular VPN provider that also has a free browser plug-in). Some of their proxies have a reverse look-up as zenmate.com and they currently operate 4 free locations (with multiple IP ranges) in Hong Kong, Romania, USA and Germany - the Hong Kong location uses pacswitch.com , the Romania location uses voxility.net and the USA and Germany locations use leaseweb.com / leaseweb.net . Thus, by using this list in combination with FaucetBOX.com / NastyHosts.com (provided look-up service) we are already blocking access to the faucet from this VPN / proxy provider (without any IP blocking being necessary). Furthermore, blocking said 'Not an access provider or ISP' ranges also blocks thousands of other VPN and proxy users with accounts on these hosts.

Cloudflare simply does not block any or all known proxy and VPN accounts having clean traffic and only good User-Agents. They only block traffic known to be 'bad' and/or that which appears to be questionable (i.e. 'bad' User-Agent or originating from a Hijacked IP range or recently participating in a DDoS attack or being part of a botnet etc.) and even then, they are mostly only presenting these bots with captchas, which for advanced bots, being capable of completing captchas are actually often passable !

Using the Bad-Behavior Anti-SPAM (and the mod. script) will also help to block loads of other junk from a faucet website and when used in combination with cloudflare will provide very comprehensive web security, making 'gaming' your faucets that bit more difficult. The Bad-Behavior script actually improves cloudflare security - being a locally hosted, rule based firewall, compatible with the existing cloudflare solution.

Adding a free httpbl_key into Bad-Behavior from projecthoneypot.org will screen and block known 'bad' IP's listed in their database, having been seen across multiple sites and honeypots. The reality being that many Hijacked IP ranges and existing Botnets are capable of making claims from faucets on mass. Moreover, many Tor exit nodes have a current listing with projecthoneypot.org and so this method will effectively block Tor. Again, loads of Tor exit nodes are also hosted in the 'Not an access provider or ISP' list.

Using direct proxy detection / proxy blocking in your .htaccess is also an option as an extra layer of security.

- https://perishablepress.com/how-to-block-proxy-servers-via-htaccess/ and https://perishablepress.com/block-tough-proxies/

Trying to block by individual IP addresses is largely ineffective and way to time consuming.
legendary
Activity: 971
Merit: 1000
December 08, 2015, 02:10:30 AM
Kazuldur I am having this error sometimes, I don't know what it means, could tell me if I need to do something?

Code:
PHP Warning:  Error while sending QUERY packet. PID=696964 in /index.php on line 1410
PHP Fatal error:  Uncaught exception 'PDOException' with message 'SQLSTATE[HY000]: General error: 2006 MySQL server has gone away' in /index.php:1410
Stack trace:
#0 /index.php(1410): PDO->query('SELECT `value` ...')
#1 /index.php(2291): getIP()
#2 {main}
  thrown in /index.php on line 1410

Greetings thank you

It means that MySQL (database) closed the connection. Usually it means that your hosting isn't good enough for your traffic.
sr. member
Activity: 350
Merit: 250
December 08, 2015, 01:41:13 AM
Kazuldur I am having this error sometimes, I don't know what it means, could tell me if I need to do something?

Code:
PHP Warning:  Error while sending QUERY packet. PID=696964 in /index.php on line 1410
PHP Fatal error:  Uncaught exception 'PDOException' with message 'SQLSTATE[HY000]: General error: 2006 MySQL server has gone away' in /index.php:1410
Stack trace:
#0 /index.php(1410): PDO->query('SELECT `value` ...')
#1 /index.php(2291): getIP()
#2 {main}
  thrown in /index.php on line 1410

Greetings thank you
member
Activity: 120
Merit: 10
December 07, 2015, 10:31:35 PM
Updated - 'Not an access provider or ISP' list: https://bitcointalksearch.org/topic/m.13125867

2nd list for Hosting / Virtual Servers / Dedicated / Cloud / VPS / Colocation etc.,

- Confirmed domains with currently Unconfirmed Reverse look-up addresses.

Now working on a Reverse look-up list for known VPS / Proxy / Cache providers.


Using the Bad-Behavior Anti-SPAM script (+ httpbl_key) and this list within the FaucetBox.com Script (NastyHosts.com enabled) and not seeing very many bots getting through. Probably less still once cloudflare is re-enabled, after some more testing.
 

Thank you very much for your help friend, but what is httpbl_key?


 i Think it is not permanent solution to bots. Cloudflare Browser checking before accessing website feature is far more better than any of above features. How many VPS and proxy IPs will you block. it is too much hard to block all bots IPs  
sr. member
Activity: 350
Merit: 250
December 07, 2015, 10:29:01 PM

Thank you very much for your help friend, but what is httpbl_key?


It's a free API key from https://www.projecthoneypot.org/ which can be used with the Bad-Behavior Anti-SPAM script to block known 'bad' IP's.

- https://bitcointalksearch.org/topic/m.13122044


Thank you
legendary
Activity: 2646
Merit: 1722
https://youtu.be/DsAVx0u9Cw4 ... Dr. WHO < KLF
December 07, 2015, 10:06:34 PM

Thank you very much for your help friend, but what is httpbl_key?


It's a free API key from https://www.projecthoneypot.org/ which can be used with the Bad-Behavior Anti-SPAM script to block known 'bad' IP's.

- https://bitcointalksearch.org/topic/m.13122044

sr. member
Activity: 350
Merit: 250
December 07, 2015, 09:36:54 PM
Updated - 'Not an access provider or ISP' list: https://bitcointalksearch.org/topic/m.13125867

2nd list for Hosting / Virtual Servers / Dedicated / Cloud / VPS / Colocation etc.,

- Confirmed domains with currently Unconfirmed Reverse look-up addresses.

Now working on a Reverse look-up list for known VPS / Proxy / Cache providers.


Using the Bad-Behavior Anti-SPAM script (+ httpbl_key) and this list within the FaucetBox.com Script (NastyHosts.com enabled) and not seeing very many bots getting through. Probably less still once cloudflare is re-enabled, after some more testing.
 

Thank you very much for your help friend, but what is httpbl_key?
legendary
Activity: 2646
Merit: 1722
https://youtu.be/DsAVx0u9Cw4 ... Dr. WHO < KLF
December 07, 2015, 09:34:00 PM
What really needs to be locked down is incoming traffic sources for services such as, 2captcha .com , anti-captcha .com and others - that do have an API compatible with known faucet bots. They in fact decentralized the captcha look-ups to workers, although some checking, detection and blocking should be possible.
sr. member
Activity: 266
Merit: 250
December 07, 2015, 09:26:23 PM
ARe there any new Faucets giving more than 1k satoshi to you? That would be nice for now  Grin  Cheesy

There are simply to less faucets that are really gfiving good profits Wink


regards
lama-hunter
Pages:
Jump to: