Guys...
I'm thinking how could I redirect the Faucetbox blocked IPs, Domains and BC Address to an other URL.
I guess I shoul change some function into the index.php file. But I didn't found the exactily point to do this change.
Today, When a banned visitor try to claim, the faucet just reload/refresh the page. I think that redirecting I could do something smarter.
Could you help me?
Topic: [Updated 19/Jul/2016] Faucet Owners Against Scammers and Bots - page 27. (Read 36679 times)
snip
What do you suggest them? Forget the proxy serves and keep walking?Using code similar to this, which LosingAlpha posted could help significantly, though using strpos may not be the best as it can sometimes return false positives with similar hosts.
Code:
$remoteHostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
if(strpos($remoteHostname, 'amazonaws') !== false)die("No AWS, later jabroni!");
Following two more scam address:
1mf8XF6cM777vkGm47KVMsSRgkmaApt9f
1BgQKKqWLXHjUXq8k8858pr9UjLcdzMUMi
1mf8XF6cM777vkGm47KVMsSRgkmaApt9f
1BgQKKqWLXHjUXq8k8858pr9UjLcdzMUMi
i think that is better option to update your first post, not than to add in single separate post.
anyway thanks for sharing your info with us
Yes. I will do this.
This will kill 99% of proxy servers...put this in your htaccess file
snip
No, it won't. Anyone that is running a proxy server should know how to fake HTTP headers on requests, the things that this code is checking for. It will perhaps block about 1% of proxy owners that have no idea what they're doing.snip
Dont block AWS if you are using funcapthca because thats what they use
As said blocking AWS would have no problems with using FunCaptcha or anything else running on an AWS web server. By blocking AWS you would be (I hope) checking the incoming information of a visitor then checking if the IP resolves to an AWS address, then blocking if necessary. While using FunCaptcha, it never actually visits your site. The FunCaptcha code runs in the back end and communicates with your website, therefore not being affected by any AWS blocks.Also, I would just like to point out, trying to stop bots by blocking BTC addresses is futile; an attacker can just create a new Bitcoin address automatically and use that one in the case of the previous being blocked. It is likely more of an inconvenience to you blocking them than to the attacker.
What do you suggest them? Forget the proxy serves and keep walking?
This will kill 99% of proxy servers...put this in your htaccess file
snip
No, it won't. Anyone that is running a proxy server should know how to fake HTTP headers on requests, the things that this code is checking for. It will perhaps block about 1% of proxy owners that have no idea what they're doing.snip
Dont block AWS if you are using funcapthca because thats what they use
As said blocking AWS would have no problems with using FunCaptcha or anything else running on an AWS web server. By blocking AWS you would be (I hope) checking the incoming information of a visitor then checking if the IP resolves to an AWS address, then blocking if necessary. While using FunCaptcha, it never actually visits your site. The FunCaptcha code runs in the back end and communicates with your website, therefore not being affected by any AWS blocks.Also, I would just like to point out, trying to stop bots by blocking BTC addresses is futile; an attacker can just create a new Bitcoin address automatically and use that one in the case of the previous being blocked. It is likely more of an inconvenience to you blocking them than to the attacker.
Following two more scam address:
1mf8XF6cM777vkGm47KVMsSRgkmaApt9f
1BgQKKqWLXHjUXq8k8858pr9UjLcdzMUMi
1mf8XF6cM777vkGm47KVMsSRgkmaApt9f
1BgQKKqWLXHjUXq8k8858pr9UjLcdzMUMi
i think that is better option to update your first post, not than to add in single separate post.
anyway thanks for sharing your info with us
Dont block AWS if you are using funcapthca because thats what they use
Funcaptcha's not opening up your site to work, your script just needs to talk out to it.You can just target it by name (and add conditionals for whatever other networks are causing problems)
Code:
$remoteHostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
if(strpos($remoteHostname, 'amazonaws') !== false)die("No AWS, later jabroni!");
You'll also want to sort out nearby IPs, on faucetbox after $sql has been set up you can do something like this - I'm just matching IPs in the database to the visitor's IP minus the last digit here so it's not very sophisticated, but a lot of people with access to IP ranges are willing to chance their arm. You may get the odd false positive here and there, but it'll cut down on the abuse:
Code:
$partialIP = substr($_SERVER['REMOTE_ADDR'], 0, strlen($_SERVER['REMOTE_ADDR'])-1);
$matchedIPs = $sql->query("SELECT COUNT(*) FROM `Faucetinabox_IPs` WHERE `ip` LIKE '".$partialIP."%'")->fetch();
if($matchedIPs[0]>1)die("You look shady, sorry bro.");
Quote from: rkandrades
Guys... How are you blocking Proxy Servers?
I tried to block by PHP codes and htaccess. No success.
It's impossible without a list of their IP addresses so I just didn't bother. Rewrite rules or checking headers in PHP won't get you very far because you're relying on the proxy telling you it's a proxy, you can't rely on that.I tried to block by PHP codes and htaccess. No success.
But if I try to block a huge list of known proxy servers by IP in the htaccess? Won't it work?
I think this is a good alternative way.
Dont block AWS if you are using funcapthca because thats what they use
Funcaptcha's not opening up your site to work, your script just needs to talk out to it.You can just target it by name (and add conditionals for whatever other networks are causing problems)
Code:
$remoteHostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
if(strpos($remoteHostname, 'amazonaws') !== false)die("No AWS, later jabroni!");
You'll also want to sort out nearby IPs, on faucetbox after $sql has been set up you can do something like this - I'm just matching IPs in the database to the visitor's IP minus the last digit here so it's not very sophisticated, but a lot of people with access to IP ranges are willing to chance their arm. You may get the odd false positive here and there, but it'll cut down on the abuse:
Code:
$partialIP = substr($_SERVER['REMOTE_ADDR'], 0, strlen($_SERVER['REMOTE_ADDR'])-1);
$matchedIPs = $sql->query("SELECT COUNT(*) FROM `Faucetinabox_IPs` WHERE `ip` LIKE '".$partialIP."%'")->fetch();
if($matchedIPs[0]>1)die("You look shady, sorry bro.");
Quote from: rkandrades
Guys... How are you blocking Proxy Servers?
I tried to block by PHP codes and htaccess. No success.
It's impossible without a list of their IP addresses so I just didn't bother. Rewrite rules or checking headers in PHP won't get you very far because you're relying on the proxy telling you it's a proxy, you can't rely on that. I tried to block by PHP codes and htaccess. No success.
Guys... I'm paying a lot of referrals for these two address:
17dzhZ3JG5jfKMd45BowS1Pr1cH9FW8zzK
1CMam3ZHtFysv3jvLfzrDraXy4dNGDKQJv
How could I identify if they are bots/scammers or legit?
I doubt they are bots. Bots dont waste there time with refs...someone probably has your faucet on a list of there17dzhZ3JG5jfKMd45BowS1Pr1cH9FW8zzK
1CMam3ZHtFysv3jvLfzrDraXy4dNGDKQJv
How could I identify if they are bots/scammers or legit?
But none of their referrals really share my faucet. They o tricks...
In addintion to, they dont are shown as referrals on my Google Analytics. THey are shown as direct access. They sent me a lot of user and I cant se from where through the Analytics tool.
Doesn't seem weird for you?
take a look on their very huge super monster fucker referrals gains in FaucetBox.
Guys... I'm paying a lot of referrals for these two address:
17dzhZ3JG5jfKMd45BowS1Pr1cH9FW8zzK
1CMam3ZHtFysv3jvLfzrDraXy4dNGDKQJv
How could I identify if they are bots/scammers or legit?
I doubt they are bots. Bots dont waste there time with refs...someone probably has your faucet on a list of there 17dzhZ3JG5jfKMd45BowS1Pr1cH9FW8zzK
1CMam3ZHtFysv3jvLfzrDraXy4dNGDKQJv
How could I identify if they are bots/scammers or legit?
Guys... I'm paying a lot of referrals for these two address:
17dzhZ3JG5jfKMd45BowS1Pr1cH9FW8zzK
1CMam3ZHtFysv3jvLfzrDraXy4dNGDKQJv
How could I identify if they are bots/scammers or legit?
17dzhZ3JG5jfKMd45BowS1Pr1cH9FW8zzK
1CMam3ZHtFysv3jvLfzrDraXy4dNGDKQJv
How could I identify if they are bots/scammers or legit?
Following two more scam address:
1mf8XF6cM777vkGm47KVMsSRgkmaApt9f
1BgQKKqWLXHjUXq8k8858pr9UjLcdzMUMi
1mf8XF6cM777vkGm47KVMsSRgkmaApt9f
1BgQKKqWLXHjUXq8k8858pr9UjLcdzMUMi
My wallet id is blocked on Bitconker as is others, see for ref https://bitcointalksearch.org/topic/m.12218506
I do not know about bots nor do I scam any faucet, I use another wallet now on there and all is ok, but if I cannot use my old wallet as its still blocked.
I did send the owner email but he just ignored it, the only faucet Admin ever to not answer why.
I did have issues with other faucets once upon a time, as some of them had never heard of my browser (Maxthon) Once I got in touch with them, it all got resolved.
So I guess if I never, I would still be banned from those websites.
Can you be really sure that all those addys are bots and scammers? 100%
I do not know about bots nor do I scam any faucet, I use another wallet now on there and all is ok, but if I cannot use my old wallet as its still blocked.
I did send the owner email but he just ignored it, the only faucet Admin ever to not answer why.
I did have issues with other faucets once upon a time, as some of them had never heard of my browser (Maxthon) Once I got in touch with them, it all got resolved.
So I guess if I never, I would still be banned from those websites.
Can you be really sure that all those addys are bots and scammers? 100%
No. I'm not sure. But I'm getting good results acting this way.
I think some of them are just reseting their modem to get a new IP.
They are using different bitcoin address too...
Do you use some technique or tool to block TOR users?
If you're not protected against that kind of thing already, you'll be paying hundreds of thousands, possibly millions out to guys coming in from hosting providers. Amazon AWS is a common one they use.They are using different bitcoin address too...
Do you use some technique or tool to block TOR users?
But yeah to a lesser extent you'll be getting hit by people with access to IP ranges too. I can post code snippets to sort that stuff out when I'm on a PC in a few hours, but I'd also suggest you use google analytics or something similar to get visibility of the networks which are causing you problems.
TOR is blocked for my faucet now. I will keep the TOR IPs blacklist updated every week. This is the best I can do for now... :T
This will kill 99% of proxy servers...put this in your htaccess file
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]
source: https://perishablepress.com/press/2008/04/20/how-to-block-proxy-servers-via-htaccess/
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]
source: https://perishablepress.com/press/2008/04/20/how-to-block-proxy-servers-via-htaccess/
Thank you. But I am already using this code.
The problem is that I tested my site with the 3 first proxies retrieved by Google and all of them accessed normally my faucet.
Are you having this problem too?
This will kill 99% of proxy servers...put this in your htaccess file
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]
source: https://perishablepress.com/press/2008/04/20/how-to-block-proxy-servers-via-htaccess/
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]
source: https://perishablepress.com/press/2008/04/20/how-to-block-proxy-servers-via-htaccess/
Guys... How are you blocking Proxy Servers?
I tried to block by PHP codes and htaccess. No success.
I tried to block by PHP codes and htaccess. No success.
I think the address is not using anymore or the owner is generating new wallet address...
Maybe if our faucet could get the computer name as well if its possible
Faucets use btc address and ip's to make sure people are not scamming....what else can we use for this problem??
I think some of them are just reseting their modem to get a new IP.
They are using different bitcoin address too...
Do you use some technique or tool to block TOR users?
If you're not protected against that kind of thing already, you'll be paying hundreds of thousands, possibly millions out to guys coming in from hosting providers. Amazon AWS is a common one they use.They are using different bitcoin address too...
Do you use some technique or tool to block TOR users?
But yeah to a lesser extent you'll be getting hit by people with access to IP ranges too. I can post code snippets to sort that stuff out when I'm on a PC in a few hours, but I'd also suggest you use google analytics or something similar to get visibility of the networks which are causing you problems.
My wallet id is blocked on Bitconker as is others, see for ref https://bitcointalksearch.org/topic/m.12218506
I do not know about bots nor do I scam any faucet, I use another wallet now on there and all is ok, but if I cannot use my old wallet as its still blocked.
I did send the owner email but he just ignored it, the only faucet Admin ever to not answer why.
I did have issues with other faucets once upon a time, as some of them had never heard of my browser (Maxthon) Once I got in touch with them, it all got resolved.
So I guess if I never, I would still be banned from those websites.
Can you be really sure that all those addys are bots and scammers? 100%
I do not know about bots nor do I scam any faucet, I use another wallet now on there and all is ok, but if I cannot use my old wallet as its still blocked.
I did send the owner email but he just ignored it, the only faucet Admin ever to not answer why.
I did have issues with other faucets once upon a time, as some of them had never heard of my browser (Maxthon) Once I got in touch with them, it all got resolved.
So I guess if I never, I would still be banned from those websites.
Can you be really sure that all those addys are bots and scammers? 100%
I think some of them are just reseting their modem to get a new IP.
They are using different bitcoin address too...
Do you use some technique or tool to block TOR users?
If you're not protected against that kind of thing already, you'll be paying hundreds of thousands, possibly millions out to guys coming in from hosting providers. Amazon AWS is a common one they use.They are using different bitcoin address too...
Do you use some technique or tool to block TOR users?
But yeah to a lesser extent you'll be getting hit by people with access to IP ranges too. I can post code snippets to sort that stuff out when I'm on a PC in a few hours, but I'd also suggest you use google analytics or something similar to get visibility of the networks which are causing you problems.
Jump to: