Hi,
Thanks for your support and help
Can anyone help me how to implement this code in Wordpress site?
Thanks
Topic: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet (Read 18793 times)
Is there a method to block certain btc address if I'm not using faucetbox script? Yjahnks
Which script are you using 1st tell me. If you' are using xapo than I can help you easily. It's very easy to block email add or btc address.
…………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹……………
Is there a method to block certain btc address if I'm not using faucetbox script? Yjahnks
Which script are you using 1st tell me. If you' are using xapo than I can help you easily. It's very easy to block email add or btc address.
…………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹……………
Is there a method to block certain btc address if I'm not using faucetbox script? Yjahnks
There is always a fix... 
Open your Template index.php
Replace:
with:
That's it!
Open your Template index.php
Replace:
Code:
echo $data["reflink"]; ?>with:
Code:
echo str_replace("math.php","",$data["reflink"]); ?>That's it!
use a
and closing
...
And there is a Problem!
After using this math script, the referral link become:
-- http://yoursite.com/faucet/math.php?r=1XX9xXXZ3XTXXX5kTXxXKCvxkiXNXxdGXN
Instead of:
-- http://yoursite.com/faucet/?r=1XX9xXXZ3XTXXX5kTXxXKCvxkiXNXxdGXN
How to fix it?
And there is a Problem!
After using this math script, the referral link become:
-- http://yoursite.com/faucet/math.php?r=1XX9xXXZ3XTXXX5kTXxXKCvxkiXNXxdGXN
Instead of:
-- http://yoursite.com/faucet/?r=1XX9xXXZ3XTXXX5kTXxXKCvxkiXNXxdGXN
How to fix it?
I've asked that a long time ago
I use the math captcha but there is a slight problem,
The referral becomes http://xfaucet.digi-eye.xyz/math.php/?r=address instead of the original http://xfaucet.digi-eye.xyz/?r=address
Notice the math.php appended on the original ref link? Is there a way to fix that?
The referral becomes http://xfaucet.digi-eye.xyz/math.php/?r=address instead of the original http://xfaucet.digi-eye.xyz/?r=address
Notice the math.php appended on the original ref link? Is there a way to fix that?
But, still no answer, it seems that there is no fix for this.
Everything in this tutorial is being used on my faucet. Check it out HERE to see it in action!
Step Four
In step four we will be adding a simple math question displayed as an image as a second captcha. Faucet users cannot claim their satoshi until the math question is solved.
Download PHP captcha HERE extract it and add the "captcha" folder to your root directory. If you don't trust that download you can find the original HERE, it will require some configuring though.
Now open your template file (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) paste the following code at the very top line above :
Code:
(); ?>
Paste the following code where you would like the equation to appear
Code:
Now you need to create a PHP document. I use a program called Notepad++, however any text editor will work. Create a new document, then paste in the following code:
Code:
include_once $_SERVER['DOCUMENT_ROOT'] . '/captcha/securimage.php';
$securimage = new Securimage();
if ($securimage->check($_POST['captcha_code']) == false) {
// the code was incorrect
// you should handle the error so that the form processor doesn't continue
// or you can use the following code if there is no validation or you do not know how
echo "I'm sorry but you have to answer the math question correctly!.
echo "Please go back and use a caculator.";
exit;
}
?>
Keep the document open. Open your faucet index page, it will most likely be index.php in your ROOTDIRECTORY. (Not the template index.php) Now press CTRL+A and select everything and copy it. Go back to the document you were just making and paste it on the very bottom, underneath the ?> Now save the file as what ever you want, I called mine math.php.
Go back to your faucet template file (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) search for the following:
on that same line link your PHP file to it like so:
Code:
About the Step 4... Why don't you just use:
Code:
include_once $_SERVER['DOCUMENT_ROOT'] . '/faucet/index.php';
Instead of select everything, copy it, go back to the document you were just making and paste it on the very bottom?
And there is a Problem!
After using this math script, the referral link become:
-- http://yoursite.com/faucet/math.php?r=1XX9xXXZ3XTXXX5kTXxXKCvxkiXNXxdGXN
Instead of:
-- http://yoursite.com/faucet/?r=1XX9xXXZ3XTXXX5kTXxXKCvxkiXNXxdGXN
How to fix it?
Quote
include_once $_SERVER['DOCUMENT_ROOT'] . '/captcha/securimage.php';
$securimage = new Securimage();
if ($securimage->check($_POST['captcha_code']) == false) {
// the code was incorrect
// you should handle the error so that the form processor doesn't continue
// or you can use the following code if there is no validation or you do not know how
echo "I'm sorry but you have to answer the math question correctly!.
";
echo "Please go back and use a caculator.";
exit;
}
?>
how about i change this script
echo "Please go back and use a caculator.";
to this
echo "Please go back and use a caculator.";
its ok?
if i use script above i got eror but if i change the link its work
I was wondering what gifted's index.php script did.
The new index.php script added this code at lines 1575 - 1614:Code:
//We do not allow proxy here
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1))
die("It would apprear you're using a proxy, so please, go fuck yourself!");
function checkProxy($ip){
$contactEmail="[email protected]";
$timeout=3;
$banOnProability=0.99;
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_URL, "http://check.getipintel.net/check.php?ip=$ip");
$response=curl_exec($ch);
curl_close($ch);
if ($response > $banOnProability) {
return true;
} else {
if ($response < 0 || strcmp($response, "") == 0 ) {
//There's a lot of comment here that I removed, look it up on the index.php file if you're interested in what it says
}
return false;
}
}
$ip=$_SERVER['REMOTE_ADDR'];
if (checkProxy($ip)) {
echo "It would apprear you're using a proxy, so please, go fuck yourself!
}
?>Basically, here is what it does:
Code:
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1))
die("It would apprear you're using a proxy, so please, go fuck yourself!");
...
This would likely work somewhat, however would throw some false-positives for anyone with Port 80 on their network open (E.G running a web server, using a public WiFi network and other things all may have Port 80 open), not to mention this port can simply be remapped if needed meaning attackers can bypass this anyway. You can even check if it is open on your network here, if it is this script will block you....
OpenVPN automatically uses Port 80, however this can be remapped to a different Port as the page describes allowing it to pass. My AWS VPS currently has Port 80 closed, meaning this script would let me pass using it.
Code:
function checkProxy($ip){
$contactEmail="[email protected]";
$timeout=3;
$banOnProability=0.99;
- Some random e-mail address, not too sure what that is for (as it is not used anywhere else in the script).
- The amount of seconds for PHP to try to access the URL. If the URL can't be found in this amount of seconds (3) then the connection will die.
- If the URL returns higher than this number, then the user is banned - This should be explained more in the next few chunks of code. (It should also be spelled probability)
Code:
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_URL, "http://check.getipintel.net/check.php?ip=$ip");
$response=curl_exec($ch);
curl_close($ch);
Code:
if ($response > $banOnProability) {
return true;
} else {
if ($response < 0 || strcmp($response, "") == 0 ) {
//snip
}
return false;
}
The if ($response < 0 || strcmp($response, "") == 0 ) { is used to find if the response was empty and if the server is having any problems, though the code doesn't do anything in this so it is somewhat useless (unless you want to edit it yourself).
Code:
$ip=$_SERVER['REMOTE_ADDR'];
if (checkProxy($ip)) {
echo "It would apprear you're using a proxy, so please, go fuck yourself!
";
}
This is a more reliable method of detecting bots and other attackers than seeing if a port is open, however (unless you're winning to pay) it is only functional for 500 users per day.
There are no other changes to the original code as far as I can see, feel free to check it yourself using a difference checking tool. It should also be noted that this script only works with FaucetInABox version r63, as r64 changes the code in index.php significantly I believe.
I was wondering what gifted's index.php script did.
Probably steals your coins
I was wondering what gifted's index.php script did.
What does that script do exactly?
Which script do you mean? The first one in the thread?How do bot get past the captchas exactly?
They use an API which sends the captcha's image to a server (for a small fee) where another person then solves it for a reward.
How do bot get past the captchas exactly?
What does that script do exactly?
best thing to do is use Step Four
yes i did that step and step 2 also both work great
but it would be great if all proxy users can access main page but not get reward
i think this better for CPM ads ?
best thing to do is use Step Four
yes i did that step and step 2 also both work great
but it would be great if all proxy users can access main page but not get reward
i think this better for CPM ads ?
so yes i have figured out how to do that for you using an xapo faucet... i will check it with faucetbox
Alfaboy you might want to use this
Alfaboy you might want to use this
Code:
//Checks that the username is not empty
if (!isset($_POST['username'])||$_POST['username']=="") {
$view['main']['result_html'] = '';Missing email address!
$message = "Missing email address";
goto error;
}
$username = $_POST['username'];
//Checks if the user has written something in the captcha box
$captchaChallange = $_POST['adcopy_challenge'];
$captchaResponse = $_POST['adcopy_response'];
if (empty($captchaChallange) || empty($captchaResponse)) {
$view['main']['result_html'] = '';Missing captcha, try again!
$message = "Missing captcha";
goto error;
}
$response = @file('http://verify.solvemedia.com/papi/verify?privatekey=' . $settings['solvemedia_verification_key'] . '&challenge=' . rawurlencode($captchaChallange) . '&response=' . rawurlencode($captchaResponse) . '&remoteip=' . $ip);
if (!isset($response[0]) || trim($response[0]) === 'false'){
$view['main']['result_html'] = '';Wrong captcha!
$message = "Wrong captcha";
}
//We do not allow proxy here
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1))
die("It would apprear you're using a proxy, so please, go fuck yourself!");
function checkProxy($ip){
$contactEmail="EMAIL";
$timeout=3;
$banOnProability=0.99;
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_URL, "http://check.getipintel.net/check.php?ip=$ip");
$response=curl_exec($ch);
curl_close($ch);
if ($response > $banOnProability) {
return true;
} else {
if ($response < 0 || strcmp($response, "") == 0 ) {
//The server returned an error, you might want to do something
//like write to a log file or email yourself
//This could be true due to an invalid input or you've exceeded
//the number of allowed queries. Figure out why this is happening
//because you aren't protected by the system anymore
//Leaving this section blank is dangerous because you assume
//that you're still protected, which is incorrect
//and you might think GetIPIntel isn't accurate anymore
//which is also incorrect.
//failure to implement error handling is bad for the both of us
}
return false;
}
}
$ip=$_SERVER['REMOTE_ADDR'];
if (checkProxy($ip)) {
echo "It would apprear you're using a proxy, so please, go fuck yourself!
";
}
//timer check
best thing to do is use Step Four
yes i did that step and step 2 also both work great
but it would be great if all proxy users can access main page but not get reward
i think this better for CPM ads ?
best thing to do is use Step Four
yes i did that step and step 2 also both work great
but it would be great if all proxy users can access main page but not get reward
i think this better for CPM ads ?
Jump to: