Pages:

Author

Topic: [Updated 19/Jul/2016] Faucet Owners Against Scammers and Bots - page 19. (Read 36679 times)

NeedIfFindIt

full member

Activity: 500

Merit: 100

Quote from: Aratrok on October 18, 2015, 06:27:10 PM

@NeedIfFindIt

Hello dude, my faucet was removed from his rotator. I do not understand why.

I just write an email.

My faucet is: http://freebtsocean.com/

Sorry, yesterday I responded to over 120 messages.

For some reason the anti-proxy code blocks also non-proxies that have open ports.
http://getipintel.net/ actually tracks IPs with multiple open ports.
Just think about simple IM like Skype opens 2 ports (one of them is port 80) if you have 3 PCs at home = 4 open ports by Skype. If you add one or two torrent clients and a VNC = 8 open ports in total. And you are already in the 0.99+ club.

For now I would suggest using

Code:

$banOnProability=0.99999;

instead of

Code:

$banOnProability=0.99;

I tested with free proxy list and it still works for 95%+ of the addresses.

Also find a way to cache the IPs since getipintel.net allows up to 1000 requests/day.

Code:

//if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1))
//die("It would apprear you're using a proxy, so please, go f* yourself!");

function checkProxy($ip){
/*
                /// Uncomment to allow bit.makejar.com autochecker
		if ($ip=='188.166.12.134') {
                  return false;
                }
                //
*/
		$contactEmail="EMAIL";
		$timeout=3; 
		// $banOnProability=0.99;
                $banOnProability=0.99999;// <---------------------------------------------------
		
		$ch = curl_init();
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 		curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
		curl_setopt($ch, CURLOPT_URL, "http://check.getipintel.net/check.php?ip=$ip");
		$response=curl_exec($ch);
		
		curl_close($ch);
		
		
		if ($response > $banOnProability) {
				return true;
		} else {
			if ($response < 0 || strcmp($response, "") == 0 ) {
				//The server returned an error, you might want to do something
				//like write to a log file or email yourself
				//This could be true due to an invalid input or you've exceeded
				//the number of allowed queries. Figure out why this is happening
				//because you aren't protected by the system anymore
				//Leaving this section blank is dangerous because you assume
				//that you're still protected, which is incorrect
				//and you might think GetIPIntel isn't accurate anymore
				//which is also incorrect.
				//failure to implement error handling is bad for the both of us
			}
				return false;
		}
}
$ip=$_SERVER['REMOTE_ADDR'];
if (checkProxy($ip)) {
	echo "It would apprear you're using a proxy, so please, go f* yourself! ";
}
?>

Alric01

newbie

Activity: 1

Merit: 0

Hi its no more easy only blocked all ips from vps and dedicate server. beceause all scammer use vps and dedicated server???

akela11

newbie

Activity: 15

Merit: 0

Thanks a Lot @misterbit Code added.

Quote from: misterbit on October 18, 2015, 05:06:41 PM

Friend I think that you should raise the degree of difficulty of funcaptcha, and also cancel the enter this key.

Code:

change to

Code:

and put in the in the footer for example

Code:

Now tell me how many visitors does your website?
Thus you could calculate the amount of satoshi, for example 400 satoshi by 3000 would be 1200000 satoshi

Quote from: akela11 on October 18, 2015, 04:05:09 PM

Ii happen again

My faucet was dried in two times in two days, (.01 Btc each) and te earnings in adSense are too slow Sad

I'm not skiled in programming but i'm thinking how to reduce damage from that bots without blocking

I'think we can analize IP's and wallet adresses from the FoucetBox DB, and see all that you guys commented before and when some of those adresses came we can modify the amount of satoshis they get to 1 each time, same to referrals...

please tell me if this is a good idea.

thanls in advance,

Aratrok

newbie

Activity: 42

Merit: 0

@NeedIfFindIt

Hello dude, my faucet was removed from his rotator. I do not understand why.

I just write an email.

My faucet is: http://freebtsocean.com/

misterbit

sr. member

Activity: 350

Merit: 250

Friend I think that you should raise the degree of difficulty of funcaptcha, and also cancel the enter this key.

Code:

change to

Code:

and put in the in the footer for example

Code:

Now tell me how many visitors does your website?
Thus you could calculate the amount of satoshi, for example 400 satoshi by 3000 would be 1200000 satoshi

Quote from: akela11 on October 18, 2015, 04:05:09 PM

Ii happen again

My faucet was dried in two times in two days, (.01 Btc each) and te earnings in adSense are too slow Sad

I'm not skiled in programming but i'm thinking how to reduce damage from that bots without blocking

akela11

newbie

Activity: 15

Merit: 0

it happen again

My faucet was dried in two times in two days, (.01 Btc each) and te earnings in adSense are too low Sad

I'm not skiled in programming but i'm thinking how to reduce damage from that bots without blocking

lol3c

hero member

Activity: 518

Merit: 500

Quote from: NeedIfFindIt on October 18, 2015, 11:23:55 AM

Quote from: lol3c on October 18, 2015, 11:05:44 AM

Quote from: NeedIfFindIt on October 18, 2015, 10:55:16 AM

Quote from: lol3c on October 18, 2015, 10:07:55 AM

The order links have to be clicked should also be randomized

They are, but since they are only 3 sometimes it happens they are not.

This is good, did you applied it on a working faucet, with users?

Nope. Unfortunately I stopped doing faucets since a massive bot attack has killed my adsense account.

But I'm still in the community and happy to help with my 14 years experience in PHP LOL.

If every faucet owner do his own unique 100 word universes I assume the "someone" that makes the bots will just give-up.

If you rely on the 7 example ones ... they probably will be botted in a week or less ... unless I make new version that introduces "noise" in the image at the top. Then he will need to use OCR or (second) captcha solving service.

So better roll your own 100+ puzzles

It sad to hear you got your account banned not because your fault. I'll try to apply your suggestion. If you don't mind, can you add my faucet on your well-known site? The link is http://qoinmicro.com/ . I'm open to any critics about my site. Thanks again for your help in this growing community.

NeedIfFindIt

full member

Activity: 500

Merit: 100

Quote from: lol3c on October 18, 2015, 11:05:44 AM

Quote from: NeedIfFindIt on October 18, 2015, 10:55:16 AM

Quote from: lol3c on October 18, 2015, 10:07:55 AM

The order links have to be clicked should also be randomized

They are, but since they are only 3 sometimes it happens they are not.

This is good, did you applied it on a working faucet, with users?

lol3c

hero member

Activity: 518

Merit: 500

rkandrades

sr. member

Activity: 392

Merit: 251

Bitcoin Faucet & Blog

lol3c

hero member

Activity: 518

Merit: 500

Quote from: NeedIfFindIt on October 18, 2015, 10:55:16 AM

Quote from: lol3c on October 18, 2015, 10:07:55 AM

The order links have to be clicked should also be randomized

They are, but since they are only 3 sometimes it happens they are not.

This is good, did you applied it on a working faucet, with users?

NeedIfFindIt

full member

Activity: 500

Merit: 100

Quote from: lol3c on October 18, 2015, 10:07:55 AM

The order links have to be clicked should also be randomized

They are, but since they are only 3 sometimes it happens they are not.

lol3c

hero member

Activity: 518

Merit: 500

The order links have to be clicked should also be randomized

examplens

legendary

Activity: 3444

Merit: 3469

Crypto Swap Exchange

misterbit

sr. member

Activity: 350

Merit: 250

NeedIfFindIt

full member

Activity: 500

Merit: 100

Quote from: lol3c on October 18, 2015, 01:00:15 AM

I would also want the anti bot script developed by makejar's owner. I'm a faucet owner so you don't have to worry about that.

Since I got over 10 PMs and e-mails that will take ages to respond. I decided to make v2 that is easier to integrate + make it public.

Instructions how to install:
http://bit.makejar.com/labs/anti-bot-links-201/install.php

Code:

Download & unpack:
http://bit.makejar.com/labs/anti-bot-links-201/antibotlinks.zip


Files to add:
/libs/antibotlinks.php


Files to edit:
/index.php
/templates/*theme-name*/index.php


Ok, let's start.

First make a backup of your faucet (everything could go wrong, better safe than sorry).

Then

Copy:
antibotlinks.php

To:
/libs/antibotlinks.php


Now you will need to edit 2 files. I suggest using Notepad++ https://notepad-plus-plus.org/ to edit files but any good editor will do the job.
This is based on FB R60 but should work with newer/older versions.

Open:
/index.php

Find:
        $data['captcha_info'] = $captcha;

add after:
        # AntiBotLinks
        require_once('libs/antibotlinks.php');
        $antibotlinks = new antibotlinks(true);// true if GD is on on the server, false is less secure
        if (array_key_exists('address', $_POST)) {
          if (!$antibotlinks->check()) {
            $antibotlinks->generate(5, true);// number of links once they fail to solve min 3 - max 5, the second param MUST BE true
          }
        } else {
          $antibotlinks->generate(3);// initial number of links min 3 - max 5
        }


Find:
           $data['captcha_valid'] && 

add after:

           # AntiBotLinks
           $antibotlinks->is_valid() &&
           

Open:
/templates/*theme-name*/index.php

Find:


Add before:
# AntiBotLinks START
?>

# AntiBotLinks END
?>


Find:
                            if(!$data["captcha_valid"]): ?>
                            Invalid captcha code!

                            endif; ?>


Add after (the input field must be between  and ):

# AntiBotLinks START
?>
                            
                            if(!$antibotlinks->is_valid()): ?>
                            Invalid AntiBot verification!

                            endif; ?>
# AntiBotLinks END
?>

After the next:

Add:

# AntiBotLinks START
?>
echo $antibotlinks->show_info(); ?>
# AntiBotLinks END
?>

Somewhere between add (you need to do it 5 times, this is where the links will appear):

# AntiBotLinks START
?>
echo $antibotlinks->show_link(); ?>
# AntiBotLinks END
?>

And finally remove the default CLAIM button :)

What's the idea behind?

The idea is to make each faucet unique. It is easy for a faucet owner to add new unique logical puzzles by editing antibotlinks.php (line 32-38). Just watch the lines above and try to make yours.

Live demo:
http://bit.makejar.com/labs/anti-bot-links-201/

If anybody has difficulties installing please contact me.

f4t4l

full member

Activity: 200

Merit: 100

Presale Starting May 1st

i have 67 user from this address: 1HRPmtBciWXp9rJT5aJPkXeWekCFJmkmpk
i blocked this address from faucetbox admin panel. but his/her referrals can steal my bitcoins? how i can block this ip?how i can found this ip from this bitcoin address? all users are from russia.:

nawaraj

full member

Activity: 168

Merit: 100

Quote from: rkandrades on October 18, 2015, 02:19:18 AM

Quote from: nawaraj on October 17, 2015, 10:40:14 PM

Quote from: NeedIfFindIt on October 17, 2015, 04:09:24 PM

Quote from: grosminer on October 16, 2015, 10:04:15 AM

Thanks for the infos..

Here's some addresses i found in my DB and their associated ips:

1EcRkqy9TkpQLiiUdzzVxsr9Ayso1upK8R 178.150.176.16
1CSWyFQc38H449os3T46tmhPT5mbSQSjS6 5.77.2.67
14no7rcE2UU9h9HUankEmcAN3zuBLD8j73 46.151.107.238
13zNpv9sMV6PmfqFCtvNQwum3J4b2Ybh1s 31.180.239.112
1CB6QHMiNmhsDFupnhmAEiZ9Fxm1FZrRZy 70.39.187.242
1Po9cWPPqfykFG1Zdrba7bkEcnkbq98BVD 89.106.108.217
1EaHa6BCV7twxnPJuyPYaKi4fb5ZuGWUHp 189.253.92.202

Dunno if it can help but that's what i found..

Please could you explain why you don't like my address 1Po9cWPPqfykFG1Zdrba7bkEcnkbq98BVD 89.106.108.217

Just yesterday you wanted me to include your faucet in our list?

I'm definitely not a bot, nor a scammer. http://bit.makejar.com/ has just turned 1 year, the addresses we use for ref are at the bottom of the page. We try to stay open and clear with both faucet users and faucet owners. If you don't like being on our website just send us a message and we will remove you from our list but please don't report us as scammers because WE ARE NOT!

Actually I'm currently working on a new anti-bot add-on. If someone want to try it shoot me a message. Demo: http://bit.makejar.com/labs/fbab/ I'm not going to share it in public because I don't want bot users to get the source but I would be happy to share for free with any faucet owner that is fine to be on our list.

Yes, I agree with you, this address is not a bot. By this thing (rkandrades), you prove that your technique is not so good to catch bot. Your technique effect some real user who help to bring traffic to our faucet.

First... I didn't listed that address. It was an other person. Read the topics again.

I'm very carefully in listing these address. But of course it is impossible to get 100% of accuracy. I'm just trying to make the things better to us.

I am sorry for that.

FaucetRank.com

hero member

Activity: 868

Merit: 500