wow loks like many bots visit your faucet 
Rather me than you guys. I will work on it and if I find a way to stop them I'll update you.
Topic: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet - page 4. (Read 18802 times)
Rather me than you guys. I will work on it and if I find a way to stop them I'll update you.
wow loks like many bots visit your faucet
Thanks BrannigansLaw! I will try that later and edit in this post if got it working or not.
Edit: Well, I did not got it working, but I did also remember wrong, thats not too easy to add to any faucet. Did not tried in "Faucet in a BOX".
oh you're not using faucetinabox. hmm it still is probably a directory issue. Just mess around with it until you get it right. If you need to go back a directors its like so ./libs if you need to go back 2, 3 4 times? its. /../libs, or /../../libs etc.Edit: Well, I did not got it working, but I did also remember wrong, thats not too easy to add to any faucet. Did not tried in "Faucet in a BOX".
Hey, thanks for extra help. I have already added other antibot to my faucetinabox faucets, but in two other scripts where I would like to get extra protection is bigger problems. Other has captcha in root index, not in themes/index and other has already action in
So, maybe it is easier just to use only faucetinabox, because that is common and most addons and help are for that script. Dont know yet, but that is enough offtopic.
Well the maths question hasn't helped me at all! infact I'm a bit suspicious of it but I'm probably just paranoid. Since installing I've had a big bot problem!
Just today 14/01
3886 claims! at 1-2 satoshi! Who would bother, there is a message that says only rewarding 1-2 satoshi as well. Thanks BrannigansLaw! I will try that later and edit in this post if got it working or not.
Edit: Well, I did not got it working, but I did also remember wrong, thats not too easy to add to any faucet. Did not tried in "Faucet in a BOX".
oh you're not using faucetinabox. hmm it still is probably a directory issue. Just mess around with it until you get it right. If you need to go back a directors its like so ./libs if you need to go back 2, 3 4 times? its. /../libs, or /../../libs etc.Edit: Well, I did not got it working, but I did also remember wrong, thats not too easy to add to any faucet. Did not tried in "Faucet in a BOX".
Hey, thanks for extra help. I have already added other antibot to my faucetinabox faucets, but in two other scripts where I would like to get extra protection is bigger problems. Other has captcha in root index, not in themes/index and other has already action in
So, maybe it is easier just to use only faucetinabox, because that is common and most addons and help are for that script. Dont know yet, but that is enough offtopic.
Thanks BrannigansLaw! I will try that later and edit in this post if got it working or not.
Edit: Well, I did not got it working, but I did also remember wrong, thats not too easy to add to any faucet. Did not tried in "Faucet in a BOX".
oh you're not using faucetinabox. hmm it still is probably a directory issue. Just mess around with it until you get it right. If you need to go back a directors its like so ./libs if you need to go back 2, 3 4 times? its. /../libs, or /../../libs etc. Edit: Well, I did not got it working, but I did also remember wrong, thats not too easy to add to any faucet. Did not tried in "Faucet in a BOX".
Thanks BrannigansLaw! I will try that later and edit in this post if got it working or not.
Edit: Well, I did not got it working, but I did also remember wrong, thats not too easy to add to any faucet. Did not tried in "Faucet in a BOX".
Edit: Well, I did not got it working, but I did also remember wrong, thats not too easy to add to any faucet. Did not tried in "Faucet in a BOX".
@AlexAce420
Just playing in my back up website... but the math questions does not load:
I just have done everthing ypu have told us: (include math in the root, adding the lines, etc.)
Just playing in my back up website... but the math questions does not load:
I just have done everthing ypu have told us: (include math in the root, adding the lines, etc.)
Got same error when tried this some time ago.
This would be great to get working, because looks like it could be added to any faucet without modifying faucet code.
I had the same problem but managed to fix it. It's a directory issue.
/libs/captcha/securimage_show.php - put that, the original code misses the libs section as shown below.
[ New Problem ]
@AlexAce420
Just playing in my back up website... but the math questions does not load:
I just have done everthing ypu have told us: (include math in the root, adding the lines, etc.)
Just playing in my back up website... but the math questions does not load:
I just have done everthing ypu have told us: (include math in the root, adding the lines, etc.)
Got same error when tried this some time ago.
This would be great to get working, because looks like it could be added to any faucet without modifying faucet code.
@AlexAce420
Just playing in my back up website... but the math questions does not load:
http://i67.tinypic.com/mh7ziq.png
I just have done everthing ypu have told us: (include math in the root, adding the lines, etc.)
Just playing in my back up website... but the math questions does not load:
http://i67.tinypic.com/mh7ziq.png
I just have done everthing ypu have told us: (include math in the root, adding the lines, etc.)
I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks.
4 Proxy/VPN
168 Spammer
24 SQL Injections
I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt
No idea the truth
4 Proxy/VPN
168 Spammer
24 SQL Injections
I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt
No idea the truth
With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database.
Pretty serious stuff.
http://www.unixwiz.net/techtips/sql-injection.html
Please test it as much as you can and tell us the results
OK, by now I have 26 locks according to the plugin but the truth I do not know if they are real or not.
Yes. Incorrect formatting of .htaccess rules can easily (and incorrectly) block access to your entire website.
The correct .htaccess rules for blocking proxies can be found in this 'legendary' blog (probably the source);
- https://perishablepress.com/block-tough-proxies/
Also, this message might actually be considered a bit more user friendly;
"Sorry. Proxy access is not allowed. If you are not using a proxy please contact EMAIL with your IP address"
I recommend using the Bad-Behavior script, which actually covers a lot of the rules in the G5 and G6 firewall from the above blog anyway. Most of the rules in BB actually became the Mod Security base. The modified script for BB I posted was 'cobbled' together from reviewing several (now outdated) .htaccess lists and comparing user agents with activity at http://botsvsbrowsers.com/ and https://udger.com/
- https://bitcointalksearch.org/topic/m.13184663
Good job OP for starting this thread!
This is helpful for me but I would like to be more soft for proxy users instead of banning them I'll show them a message that sorry proxy user can't claim free btc .The correct .htaccess rules for blocking proxies can be found in this 'legendary' blog (probably the source);
- https://perishablepress.com/block-tough-proxies/
Also, this message might actually be considered a bit more user friendly;
"Sorry. Proxy access is not allowed. If you are not using a proxy please contact EMAIL with your IP address"
I recommend using the Bad-Behavior script, which actually covers a lot of the rules in the G5 and G6 firewall from the above blog anyway. Most of the rules in BB actually became the Mod Security base. The modified script for BB I posted was 'cobbled' together from reviewing several (now outdated) .htaccess lists and comparing user agents with activity at http://botsvsbrowsers.com/ and https://udger.com/
- https://bitcointalksearch.org/topic/m.13184663
Good job OP for starting this thread!
They will see this message when they solve captcha and hit submit button so this way proxy /Google bots are allowed to visit site but a proxy user trying to claim will get nothing except above message.
Hi,
The faucetbox script has Security tab where we can add list of IP addresses or IP networks in CIDR notation to ban and List of hostnames to ban. Is it the same as using .htaccess file? Thanks
The faucetbox script has Security tab where we can add list of IP addresses or IP networks in CIDR notation to ban and List of hostnames to ban. Is it the same as using .htaccess file? Thanks
I think it's probably is the same.
thank for the great info
Hi,
The faucetbox script has Security tab where we can add list of IP addresses or IP networks in CIDR notation to ban and List of hostnames to ban. Is it the same as using .htaccess file? Thanks
The faucetbox script has Security tab where we can add list of IP addresses or IP networks in CIDR notation to ban and List of hostnames to ban. Is it the same as using .htaccess file? Thanks
I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks.
4 Proxy/VPN
168 Spammer
24 SQL Injections
I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt
No idea the truth
4 Proxy/VPN
168 Spammer
24 SQL Injections
I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt
No idea the truth
With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database.
Pretty serious stuff.
http://www.unixwiz.net/techtips/sql-injection.html
Please test it as much as you can and tell us the results
OK, by now I have 26 locks according to the plugin but the truth I do not know if they are real or not.
There are a lot of bots doing nasty stuff all the time, so probably they are real but just bots. No way to know. You should consider to start a 24 h honeypot so you can see for real what is going on, is an interesting exercise.
https://stackoverflow.com/questions/6181513/setting-up-a-sql-injection-honeypot
I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks.
4 Proxy/VPN
168 Spammer
24 SQL Injections
I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt
No idea the truth
4 Proxy/VPN
168 Spammer
24 SQL Injections
I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt
No idea the truth
With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database.
Pretty serious stuff.
http://www.unixwiz.net/techtips/sql-injection.html
Please test it as much as you can and tell us the results
OK, by now I have 26 locks according to the plugin but the truth I do not know if they are real or not.
There are a lot of bots doing nasty stuff all the time, so probably they are real but just bots. No way to know. You should consider to start a 24 h honeypot so you can see for real what is going on, is an interesting exercise.
https://stackoverflow.com/questions/6181513/setting-up-a-sql-injection-honeypot
can you show the code how you added the math question in a second frame 
can someone show me the code to open a frame in the same window to put there the math question ?
kind regrads
can someone show me the code to open a frame in the same window to put there the math question ?
I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks.
4 Proxy/VPN
168 Spammer
24 SQL Injections
I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt
No idea the truth
4 Proxy/VPN
168 Spammer
24 SQL Injections
I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt
No idea the truth
With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database.
Pretty serious stuff.
http://www.unixwiz.net/techtips/sql-injection.html
Please test it as much as you can and tell us the results
OK, by now I have 26 locks according to the plugin but the truth I do not know if they are real or not.
There are a lot of bots doing nasty stuff all the time, so probably they are real but just bots. No way to know. You should consider to start a 24 h honeypot so you can see for real what is going on, is an interesting exercise.
I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks.
4 Proxy/VPN
168 Spammer
24 SQL Injections
I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt
No idea the truth
4 Proxy/VPN
168 Spammer
24 SQL Injections
I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt
No idea the truth
With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database.
Pretty serious stuff.
http://www.unixwiz.net/techtips/sql-injection.html
Please test it as much as you can and tell us the results
OK, by now I have 26 locks according to the plugin but the truth I do not know if they are real or not.
There are a lot of bots doing nasty stuff all the time, so probably they are real but just bots. No way to know. You should consider to start a 24 h honeypot so you can see for real what is going on, is an interesting exercise.
I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks.
4 Proxy/VPN
168 Spammer
24 SQL Injections
I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt
No idea the truth
4 Proxy/VPN
168 Spammer
24 SQL Injections
I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt
No idea the truth
With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database.
Pretty serious stuff.
http://www.unixwiz.net/techtips/sql-injection.html
Please test it as much as you can and tell us the results
OK, by now I have 26 locks according to the plugin but the truth I do not know if they are real or not.
Jump to: