[Updated 19/Jul/2016] Faucet Owners Against Scammers and Bots - page 3.

5ub_zer0

full member

Activity: 238

Merit: 100

Quote from: dibon on October 19, 2016, 02:12:15 AM

I have antibotlinks implemented and still bots are drying my faucet....
Changing universe everyday, inventing new arrays but it does nothing!

Antibotlinks is not the only thing to prevent bots - you have a very high referral comission so thats very attract for bots.

I dont know which script you are using and what entrys you have in your .htaccess but you should disallow TOR/VPN connections. Also if you have the chance to ban ASN's there is a good list in this thread.

dibon

member

Activity: 64

Merit: 10

I have antibotlinks implemented and still bots are drying my faucet....
Changing universe everyday, inventing new arrays but it does nothing!

NeedIfFindIt

full member

Activity: 500

Merit: 100

Quote from: viperzero on September 17, 2016, 07:30:37 PM

Quote from: sabotag3x on September 10, 2016, 03:01:58 PM

Quote from: felicita on September 10, 2016, 01:26:51 PM

Quote from: NeedIfFindIt on September 09, 2016, 04:39:47 PM

Quote from: catcatcatcaty on September 09, 2016, 03:51:11 PM

Quote from: NeedIfFindIt on September 09, 2016, 03:30:25 PM

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all Huh

He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

looking at that screenshot - what is waterfallmanager? how to use it in my faucet? it looks effective against bots!

It is still in development (planned to be paid service since it uses alot of resources) but it is not perfect for now. Today it screwed 3 legit users Sad

Maybe in a week or two I'll start a beta with all the users that have helped in the past few months and if everything is ok I'll make it available to everybody else.

great to here this we need this !
iam also working on a VPN Defense !!
http://shielded.cf/index.php?id=1

but its not ready yet !!

kind regards

I thinked in your system too felicita, and other day I saw this topic https://bitcointalksearch.org/topic/freemium-script-of-bitcoin-faucet-antibot-captcha-proxytor-detection-1599533, is your alt account?

Well, a lot of people trying to bring security for faucet owners, that's great!

I upgraded today to faucetbox R65 and NeeditFindit's antiBotlinks 5.01 is not working anymore. I posted a message to him and hopefully this will be sorted out soon. So don't upgrade yet if you have antibotlinks in use and plan to continue to use it. I made a small donation and hope everybody else makes the same so we can have an update to antibotlinks. Keep up the good work fighting against bots!

Thanks for the donation!

The new version is here:
http://bit.makejar.com/labs/anti-bot-links-550/
http://bit.makejar.com/labs/anti-bot-links-550/install.php

The only difference is in line:

Code:

if (array_key_exists('address', $_POST) && $data['enabled'] && $data['eligible']) {

MONKEYJUNK

sr. member

Activity: 434

Merit: 250

Quote from: Butord on September 18, 2016, 06:44:53 AM

Hi, everyone.
I know that faucetbox script has btc address block function but what the code for it? For ex. if I want to use the code to block some certain btc address on other faucet script could smn write what the code it can be?

Maybe it's this part of the code

Code:

$security_settings = array();
    $q = $sql->query("SELECT `name`, `value` FROM `Faucetinabox_Settings` WHERE `name` in ('ip_check_server', 'ip_ban_list', 'hostname_ban_list', 'address_ban_list')");
    while($row = $q->fetch()) {
        if(stripos($row["name"], "_list") !== false) {
            $security_settings[$row["name"]] = array();
            if(preg_match_all("/[^,;\s]+/", $row["value"], $matches)) {
                foreach($matches[0] as $m) {
                    $security_settings[$row["name"]][] = $m;
                }
            }
        } else {
            $security_settings[$row["name"]] = $row["value"];
        }
    }

    if(!empty($_POST["mmc"])) {
        $_SESSION["mouse_movement_detected"] = true;
        die();
    }

    if($_SERVER["REQUEST_METHOD"] == "POST") {
        if($security_settings["ip_check_server"]) {
            if(!preg_match("#/$#", $security_settings["ip_check_server"])) {
                $security_settings["ip_check_server"] .= "/";
            }
        }

And you will have to add the address to this table on sql 'address_ban_list'

Butord

member

Activity: 95

Merit: 10

Hi, everyone.
I know that faucetbox script has btc address block function but what the code for it? For ex. if I want to use the code to block some certain btc address on other faucet script could smn write what the code it can be?

viperzero

member

Activity: 301

Merit: 10

Quote from: sabotag3x on September 10, 2016, 03:01:58 PM

Quote from: felicita on September 10, 2016, 01:26:51 PM

Quote from: NeedIfFindIt on September 09, 2016, 04:39:47 PM

Quote from: catcatcatcaty on September 09, 2016, 03:51:11 PM

Quote from: NeedIfFindIt on September 09, 2016, 03:30:25 PM

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all Huh

He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

looking at that screenshot - what is waterfallmanager? how to use it in my faucet? it looks effective against bots!

It is still in development (planned to be paid service since it uses alot of resources) but it is not perfect for now. Today it screwed 3 legit users Sad

Maybe in a week or two I'll start a beta with all the users that have helped in the past few months and if everything is ok I'll make it available to everybody else.

great to here this we need this !
iam also working on a VPN Defense !!
http://shielded.cf/index.php?id=1

but its not ready yet !!

kind regards

I thinked in your system too felicita, and other day I saw this topic https://bitcointalksearch.org/topic/freemium-script-of-bitcoin-faucet-antibot-captcha-proxytor-detection-1599533, is your alt account?

Well, a lot of people trying to bring security for faucet owners, that's great!

I upgraded today to faucetbox R65 and NeeditFindit's antiBotlinks 5.01 is not working anymore. I posted a message to him and hopefully this will be sorted out soon. So don't upgrade yet if you have antibotlinks in use and plan to continue to use it. I made a small donation and hope everybody else makes the same so we can have an update to antibotlinks. Keep up the good work fighting against bots!

FaucetRank.com

hero member

Activity: 868

Merit: 500

Quote from: alfaboy23 on August 28, 2016, 05:57:57 AM

I just want to add this for a little security to Xapo faucet script:

First, find this in your /index.php on your root directory:

Code: (php)

if ($_SERVER['REQUEST_METHOD'] === 'POST' && !isset($_POST["new_password"])) {

  $view['main']['result_html']  = '';
  $view['main']['waiting_time'] = 0;
  $success                      = "false";
  $ip                           = get_ip();

Just after that, place this:

Code: (php)

$disallowedWords = array(
  'yandex.',
  'inbox.',
  'mail.',
  'ukr.net',
  'bigmir.net',
  'meta.ua'
);
// Search for disallowed words.
foreach ($disallowedWords as $xword) {
  if (strpos($_POST['username'], $xword) !== false) {
    $view['main']['result_html'] = 'The e-mail you are using is not allowed!
';
    $message                     = "Forbidden";
    goto error;
  }
}

It will not allow the e-mail addresses with that specified word. You can also specify whole e-mail addresses.

I hope it will help even just a little.

This is very useful code because recently I got bot attack from these domains email but now they gone forever because of this code.
thanks for sharing this with us.

CroSany

full member

Activity: 196

Merit: 100

I suggest you guys update your script or add some sort of email verification for users. I have reduced my botting almost completely since I implemented this change - in fact, I predict that most large faucets will need to implement such features if they are to survive.

The Faucetbox script as standard suits small-medium faucets, anyone offering more than 500 satoshi per hour is at risk.

You need to surgically remove bots and not delete large referral trees.

sabotag3x

legendary

Activity: 2688

Merit: 2297

Quote from: felicita on September 10, 2016, 01:26:51 PM

Quote from: NeedIfFindIt on September 09, 2016, 04:39:47 PM

Quote from: catcatcatcaty on September 09, 2016, 03:51:11 PM

Quote from: NeedIfFindIt on September 09, 2016, 03:30:25 PM

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all Huh

He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

looking at that screenshot - what is waterfallmanager? how to use it in my faucet? it looks effective against bots!

It is still in development (planned to be paid service since it uses alot of resources) but it is not perfect for now. Today it screwed 3 legit users Sad

Maybe in a week or two I'll start a beta with all the users that have helped in the past few months and if everything is ok I'll make it available to everybody else.

great to here this we need this !
iam also working on a VPN Defense !!
http://shielded.cf/index.php?id=1

but its not ready yet !!

kind regards

I thinked in your system too felicita, and other day I saw this topic https://bitcointalksearch.org/topic/freemium-script-of-bitcoin-faucet-antibot-captcha-proxytor-detection-1599533, is your alt account?

Well, a lot of people trying to bring security for faucet owners, that's great!

felicita

legendary

Activity: 1582

Merit: 1031

Quote from: NeedIfFindIt on September 09, 2016, 04:39:47 PM

Quote from: catcatcatcaty on September 09, 2016, 03:51:11 PM

Quote from: NeedIfFindIt on September 09, 2016, 03:30:25 PM

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all Huh

He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

looking at that screenshot - what is waterfallmanager? how to use it in my faucet? it looks effective against bots!

It is still in development (planned to be paid service since it uses alot of resources) but it is not perfect for now. Today it screwed 3 legit users Sad

Maybe in a week or two I'll start a beta with all the users that have helped in the past few months and if everything is ok I'll make it available to everybody else.

great to here this we need this !
iam also working on a VPN Defense !!
http://shielded.cf/index.php?id=1

but its not ready yet !!

kind regards

sabotag3x

legendary

Activity: 2688

Merit: 2297

Quote from: NeedIfFindIt on September 09, 2016, 03:30:25 PM

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all Huh

He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

Same here, my faucet is dry(2-3 days) and still have ~1500 visits from bots..

I think they have a faucetlist and keep trying to enter/claim in everyone Cheesy

I was using a big blacklist, well it ban real user too, however it can stop a lot of bots..

I'm waiting your defense system be ready to everyone!

NeedIfFindIt

full member

Activity: 500

Merit: 100

Quote from: catcatcatcaty on September 09, 2016, 03:51:11 PM

Quote from: NeedIfFindIt on September 09, 2016, 03:30:25 PM

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all Huh

He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

looking at that screenshot - what is waterfallmanager? how to use it in my faucet? it looks effective against bots!

It is still in development (planned to be paid service since it uses alot of resources) but it is not perfect for now. Today it screwed 3 legit users Sad

Maybe in a week or two I'll start a beta with all the users that have helped in the past few months and if everything is ok I'll make it available to everybody else.

catcatcatcaty

full member

Activity: 152

Merit: 100

Quote from: NeedIfFindIt on September 09, 2016, 03:30:25 PM

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all Huh

He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

looking at that screenshot - what is waterfallmanager? how to use it in my faucet? it looks effective against bots!

NeedIfFindIt

full member

Activity: 500

Merit: 100

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all Huh

He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

FaucetSystem.com

member

Activity: 127

Merit: 10

If you pay user before proxy detection it makes no sense, you lost your money. In my faucet script at the beginning we try detect a proxy and after pay; plus non standart captcha (http://faucetsystem.com/img/screens/fullsize/8.png).

FaucetRank.com

hero member

Activity: 868

Merit: 500

I'm again saying blocking proxy is not solution for bots you have to be tricky to flight with them I also tired many ip blocking tricks but did not get the success because bot may come from any country and you can't block all countries just to keep your faucet live, you also have to earn money from your traffic.

BitBustah

hero member

Activity: 1218

Merit: 534

Quote from: felicita on August 18, 2016, 11:48:10 AM

you can test here with a proxy !
it blocks only ISP so it will only bann Servers no real users !!!
http://yannik.biz/vpntest.php

if you get good isp but u using a proxy give me the proxy ip and i can add this to my blocklist soon we will block all bots !!

kind regards

"nothing to look here !"

Is that good or bad?

alfaboy23

hero member

Activity: 546

Merit: 500

I just want to add this for a little security to Xapo faucet script:

First, find this in your /index.php on your root directory:

Code: (php)

if ($_SERVER['REQUEST_METHOD'] === 'POST' && !isset($_POST["new_password"])) {

  $view['main']['result_html']  = '';
  $view['main']['waiting_time'] = 0;
  $success                      = "false";
  $ip                           = get_ip();

Just after that, place this:

Code: (php)

$disallowedWords = array(
  'yandex.',
  'inbox.',
  'mail.',
  'ukr.net',
  'bigmir.net',
  'meta.ua'
);
// Search for disallowed words.
foreach ($disallowedWords as $xword) {
  if (strpos($_POST['username'], $xword) !== false) {
    $view['main']['result_html'] = 'The e-mail you are using is not allowed!
';
    $message                     = "Forbidden";
    goto error;
  }
}

It will not allow the e-mail addresses with that specified word. You can also specify whole e-mail addresses.

I hope it will help even just a little.

alfaboy23

hero member

Activity: 546

Merit: 500

Quote from: felicita on August 19, 2016, 08:51:54 AM

Quote from: alfaboy23 on August 18, 2016, 07:08:41 PM

Quote from: felicita on August 18, 2016, 11:48:10 AM

you can test here with a proxy !
it blocks only ISP so it will only bann Servers no real users !!!
http://yannik.biz/vpntest.php

if you get good isp but u using a proxy give me the proxy ip and i can add this to my blocklist soon we will block all bots !!

kind regards

I'm using a proxy, but still says "good isp". I think you missed the ISP named Hurricane Electric.

thanks for this great infromation . Added this to the blocklist .
Can you name the proxy u used ?

kind regards

It's a Windows application called Freegate by Dynaweb. It uses the Hurricane Electric as ISP.

felicita

legendary

Activity: 1582

Merit: 1031

Quote from: alfaboy23 on August 18, 2016, 07:08:41 PM

Quote from: felicita on August 18, 2016, 11:48:10 AM

you can test here with a proxy !
it blocks only ISP so it will only bann Servers no real users !!!
http://yannik.biz/vpntest.php

if you get good isp but u using a proxy give me the proxy ip and i can add this to my blocklist soon we will block all bots !!

kind regards

I'm using a proxy, but still says "good isp". I think you missed the ISP named Hurricane Electric.

thanks for this great infromation . Added this to the blocklist .
Can you name the proxy u used ?

kind regards

Topic: [Updated 19/Jul/2016] Faucet Owners Against Scammers and Bots - page 3. (Read 36685 times)