Pages:
Author

Topic: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet - page 11. (Read 18881 times)

sr. member
Activity: 350
Merit: 250
Thus more complete

Code:
# Block Proxy
#5
RewriteCond %{HTTP:X_HTTP_BRAZIL_FORWARDED_FOR} !^$ [OR]
#5
RewriteCond %{HTTP:HTTP_X_BRAZIL_FORWARDED_FOR} !^$ [OR]
#4
RewriteCond %{HTTP:X_HTTP_FORWARDED_FOR}        !^$ [OR]
RewriteCond %{HTTP:X_HTTP_PROXY_CONNECTION}     !^$ [OR]
RewriteCond %{HTTP:X_HTTP_XPROXY_CONNECTION}    !^$ [OR]
RewriteCond %{HTTP:X_HTTP_XROXY_CONNECTION}     !^$ [OR]
RewriteCond %{HTTP:X_HTTP_PROXY_ID}             !^$ [OR]
RewriteCond %{HTTP:X_HTTP_XPROXY_ID}            !^$ [OR]
RewriteCond %{HTTP:X_HTTP_XROXY_ID}             !^$ [OR]
#4
RewriteCond %{HTTP:FORWARDED_HTTP_FOR_IP}       !^$ [OR]
RewriteCond %{HTTP:HTTP_FORWARDED_FOR_IP}       !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR}         !^$ [OR]
RewriteCond %{HTTP:HTTP_X_FORWARDED_FOR}        !^$ [OR]
RewriteCond %{HTTP:HTTP_X_PROXY_CONNECTION}     !^$ [OR]
RewriteCond %{HTTP:HTTP_X_XPROXY_CONNECTION}    !^$ [OR]
RewriteCond %{HTTP:HTTP_X_XROXY_CONNECTION}     !^$ [OR]
RewriteCond %{HTTP:HTTP_X_PROXY_ID}             !^$ [OR]
RewriteCond %{HTTP:HTTP_X_XPROXY_ID}            !^$ [OR]
RewriteCond %{HTTP:HTTP_X_XROXY_ID}             !^$ [OR]
#3
RewriteCond %{HTTP:X_FORWARDED_FOR}             !^$ [OR]
RewriteCond %{HTTP:X_HTTP_FORWARDED}            !^$ [OR]
RewriteCond %{HTTP:X_PROXY_CONNECTION}          !^$ [OR]
RewriteCond %{HTTP:X_PROXY_ID}                  !^$ [OR]
RewriteCond %{HTTP:X_USERAGENT_VIA}             !^$ [OR]
RewriteCond %{HTTP:X_XPROXY_CONNECTION}         !^$ [OR]
RewriteCond %{HTTP:X_XPROXY_ID}                 !^$ [OR]
RewriteCond %{HTTP:X_XROXY_CONNECTION}          !^$ [OR]
RewriteCond %{HTTP:X_XROXY_ID}                  !^$ [OR]
#3
RewriteCond %{HTTP:CLIENT_HTTP_IP}              !^$ [OR]
RewriteCond %{HTTP:FORWARDED_FOR_IP}            !^$ [OR]
RewriteCond %{HTTP:FORWARDED_HTTP_FOR}          !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP}              !^$ [OR]
RewriteCond %{HTTP:HTTP_FORWARDED_FOR}          !^$ [OR]
RewriteCond %{HTTP:HTTP_PROXY_CONNECTION}       !^$ [OR]
RewriteCond %{HTTP:HTTP_PROXY_ID}               !^$ [OR]
RewriteCond %{HTTP:HTTP_USERAGENT_VIA}          !^$ [OR]
RewriteCond %{HTTP:HTTP_XPROXY_CONNECTION}      !^$ [OR]
RewriteCond %{HTTP:HTTP_XPROXY_ID}              !^$ [OR]
RewriteCond %{HTTP:HTTP_XROXY_CONNECTION}       !^$ [OR]
RewriteCond %{HTTP:HTTP_XROXY_ID}               !^$ [OR]
RewriteCond %{HTTP:HTTP_X_FORWARDED}            !^$ [OR]
RewriteCond %{HTTP:PC_REMOTE_ADDR}              !^$ [OR]
RewriteCond %{HTTP:PROXY_HTTP_CONNECTION}       !^$ [OR]
RewriteCond %{HTTP:USERAGENT_HTTP_VIA}          !^$ [OR]
RewriteCond %{HTTP:XPROXY_HTTP_CONNECTION}      !^$ [OR]
RewriteCond %{HTTP:XROXY_HTTP_CONNECTION}       !^$ [OR]
#2
RewriteCond %{HTTP:X_FORWARDED}                 !^$ [OR]
RewriteCond %{HTTP:X_PROXY}                     !^$ [OR]
RewriteCond %{HTTP:X_XPROXY}                    !^$ [OR]
RewriteCond %{HTTP:X_XROXY}                     !^$ [OR]
#2
RewriteCond %{HTTP:CLIENT_IP}                   !^$ [OR]
RewriteCond %{HTTP:FORWARDED_FOR}               !^$ [OR]
RewriteCond %{HTTP:HTTP_FORWARDED}              !^$ [OR]
RewriteCond %{HTTP:HTTP_PROXY}                  !^$ [OR]
RewriteCond %{HTTP:HTTP_VIA}                    !^$ [OR]
RewriteCond %{HTTP:HTTP_XPROXY}                 !^$ [OR]
RewriteCond %{HTTP:HTTP_XROXY}                  !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION}            !^$ [OR]
RewriteCond %{HTTP:PROXY_ID}                    !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA}               !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION}           !^$ [OR]
RewriteCond %{HTTP:XPROXY_ID}                   !^$ [OR]
RewriteCond %{HTTP:XROXY_CONNECTION}            !^$ [OR]
RewriteCond %{HTTP:XROXY_ID}                    !^$ [OR]
#1
RewriteCond %{HTTP:FORWARDED}                   !^$ [OR]
RewriteCond %{HTTP:PROXY}                       !^$ [OR]
RewriteCond %{HTTP:USERAGENT}                   !^$ [OR]
RewriteCond %{HTTP:VIA}                         !^$ [OR]
RewriteCond %{HTTP:XPROXY}                      !^$ [OR]
RewriteCond %{HTTP:XROXY}                       !^$ [OR]
RewriteRule ^(.*)$ – [F]
member
Activity: 115
Merit: 10
how is going for u essence owner? 6700 ip`s banned o.O?
member
Activity: 155
Merit: 10

Yes, except yours didn't work very well, I was still getting ALOT of bots.
member
Activity: 155
Merit: 10
They're TOR ips and in my new .htaccess I've blocked Russia and China from accessing my faucet. It appears to have stopped them.
member
Activity: 115
Merit: 10
There are a lot of fuking ips mate! all are ips bots?

can i talk with u via skype?

best regards
member
Activity: 155
Merit: 10
Optional

I have google analytics on my faucet and I realized that, almost all the traffic was coming from Russia or China.... So I found out about this site called http://www.blockacountry.com, it allows you to block whole countries from accessing your website. This route is optional, but super effective. The only downside is it affects real people from accessing your faucet.
member
Activity: 155
Merit: 10
Everything in this tutorial is being used on my faucet. Check it out HERE to see it in action!



Step 1

In the root directory of your server, there should be a file called .htaccess, HERE'S WHAT MINE LOOKS LIKE Copy and paste it to yours.

This will block all the TOR relays/exit nodes from accessing your website. TOR is good to block because it's one of the main things people use to bypass your time limit. Just google "bypass faucet time limit" you will see that it's one of the ways people bypass your time limit.

To get an updated list of tor exit nodes visit https://www.dan.me.uk/torlist/

Here's a website to paste the IP's, it will generate the proper code for you. http://www.htaccesstools.com/block-ips/



Step Two

In your faucet template, ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php, place this code, anywhere in the tag.

Code:
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80$errstr$errno1))
die(
"It would apprear you're using a proxy, so please, go fuck yourself!");

function 
checkProxy($ip){
$contactEmail="EMAIL";
$timeout=3
$banOnProability=0.99;

$ch curl_init();
curl_setopt($chCURLOPT_RETURNTRANSFER1);
curl_setopt($chCURLOPT_TIMEOUT$timeout);
curl_setopt($chCURLOPT_URL"http://check.getipintel.net/check.php?ip=$ip");
$response=curl_exec($ch);

curl_close($ch);


if ($response $banOnProability) {
return true;
} else {
if ($response || strcmp($response"") == ) {
//The server returned an error, you might want to do something
//like write to a log file or email yourself
//This could be true due to an invalid input or you've exceeded
//the number of allowed queries. Figure out why this is happening
//because you aren't protected by the system anymore
//Leaving this section blank is dangerous because you assume
//that you're still protected, which is incorrect
//and you might think GetIPIntel isn't accurate anymore
//which is also incorrect.
//failure to implement error handling is bad for the both of us
}
return false;
}
}
$ip=$_SERVER['REMOTE_ADDR'];
if (
checkProxy($ip)) {
echo "It would apprear you're using a proxy, so please, go fuck yourself! ";
}
?>


Here's a website to check if your faucet is still vulnerable. http://boomproxy.com/



Step Three

Log into funcaptcha, then click "site settings"


Scroll down and click on the little gear, underneath "setup".

Then scroll down to the "security" tab select "always enhanced". Click save, then wait 5-10 minutes. Your captcha will now be alot harder for bots to bypass.





Step Four

In step four we will be adding a simple math question displayed as an image as a second captcha. Faucet users cannot claim their satoshi until the math question is solved.

Download PHP captcha HERE extract it and add the "captcha" folder to your root directory. If you don't trust that download you can find the original HERE, it will require some configuring though.

Now open your template file (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) paste the following code at the very top line above :
Code:
(); ?>

Paste the following code where you would like the equation to appear
Code:

Now you need to create a PHP document. I use a program called Notepad++, however any text editor will work. Create a new document, then paste in the following code:
Code:

include_once $_SERVER['DOCUMENT_ROOT'] . '/captcha/securimage.php';

$securimage = new Securimage();

if ($securimage->check($_POST['captcha_code']) == false) {
  // the code was incorrect
  // you should handle the error so that the form processor doesn't continue

  // or you can use the following code if there is no validation or you do not know how
  echo "I'm sorry but you have to answer the math question correctly!.";
  echo "Please go back and use a caculator.";
  exit;
}

?>


Keep the document open. Open your faucet index page, it will most likely be index.php in your ROOTDIRECTORY. (Not the template index.php) Now press CTRL+A and select everything and copy it. Go back to the document you were just making and paste it on the very bottom, underneath the ?>  Now save the file as what ever you want, I called mine math.php.

Go back to your faucet template file (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) search for the following:

on that same line link your PHP file to it like so:
Code:


Now you should have a working math eqution that users have to answer correctly before using your faucet.



I hope this helps other faucet owners, as it's terrible how bots think they can steal our valuable satoshis :3 You try and be nice, by giving people free bitcoins and they feel the need to exploit it.
Pages:
Jump to: