Current time: 04-23-2014, 09:17 AM Hello There, Guest! (LoginRegister)


 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[F] Post doesn't check referrer
03-04-2007, 06:20 PM (This post was last modified: 03-04-2007 06:35 PM by D4rkDrago0n.)
Post: #11
RE: Post doesn't check referrer
I've blocked his domain in the Email-block field. and that should put him off because all registrations require activation.

I'm still confused as to how he managed to create 70+ accounts with the same email on the same IP.

mybb's maximum registrations per IP is 2 every 48 hours :/


and before you say it. I've got CAPTCHAs turned on

WiiLoaded
[Image: autodata.php]
Visit this user's website Find all posts by this user
03-04-2007, 07:09 PM (This post was last modified: 03-04-2007 07:19 PM by zaher1988.)
Post: #12
RE: Post doesn't check referrer
D4rkDrago0n Wrote:I've blocked his domain in the Email-block field. and that should put him off because all registrations require activation.

I'm still confused as to how he managed to create 70+ accounts with the same email on the same IP.

mybb's maximum registrations per IP is 2 every 48 hours :/


and before you say it. I've got CAPTCHAs turned on

Oh come on man, who reads your thread will believe that MyBB as a whole is a security crap!! are you sure all this is happening?

Please read about banning here

Visit this user's website Find all posts by this user
03-04-2007, 07:23 PM (This post was last modified: 03-04-2007 07:24 PM by D4rkDrago0n.)
Post: #13
RE: Post doesn't check referrer
yeah, this is why I'm posting here. I figured if there was something wrong, you guys would want to know. You're software Is probably one of the more secure boards I've used. I would like to make sure it stays that way.

And yes. I do know how to use the banning functions. Since I've banned his domain, He's not made any new accounts

WiiLoaded
[Image: autodata.php]
Visit this user's website Find all posts by this user
03-04-2007, 10:37 PM
Post: #14
RE: Post doesn't check referrer
Referrer checking is useless and can't be relied on - you can easily forge a referrer.
Visit this user's website Find all posts by this user
03-05-2007, 01:02 AM
Post: #15
RE: Post doesn't check referrer
that's a shame. that's the only bright idea I could come up with.

I hope you guys come up with something better ^_^

thanks in advance

WiiLoaded
[Image: autodata.php]
Visit this user's website Find all posts by this user
03-10-2007, 08:47 PM
Post: #16
RE: Post doesn't check referrer
Just wondering, was there 1 account for each post, or did the spammer use one account to post all of them?

Dennis Tsang
http://dennistt.net
Find all posts by this user
03-10-2007, 08:52 PM
Post: #17
RE: Post doesn't check referrer
he made about 70+ accounts but only 10 of them actually made posts

WiiLoaded
[Image: autodata.php]
Visit this user's website Find all posts by this user
03-10-2007, 09:13 PM
Post: #18
RE: Post doesn't check referrer
All from the same IP?

Dennis Tsang
http://dennistt.net
Find all posts by this user
03-10-2007, 09:19 PM
Post: #19
RE: Post doesn't check referrer
yeah, or so it appears.

It worked out quite handy as I could use phpMyAdmin to do an IP Search and delete all posts and users made from that IP

WiiLoaded
[Image: autodata.php]
Visit this user's website Find all posts by this user
03-11-2007, 08:57 AM
Post: #20
RE: Post doesn't check referrer
This user has been denied support. This user has been denied support.
Well some things you can try...

1. Add a custom required field.
2. Turn flood posting higher to 30 seconds.
3. Ban his email
4. Ban his IP
5. Contact his IP address provider and report it to abuse. Also post it here for us to help you investigate.
6. Change the captcha fonts.
7. Change in admincp the Time Between Registrations to 72 hours.
8. Change in admincp the Maximum Registrations Per IP Address to 1.
9. Change in admincp Registration Method to Administration Activation and manually activate accounts.
10. Use htaccess or server firewall to block his IPs.

Now you can do some or all of these. I suggest you start with #6, then #1 and go from there what you may not have already tried.
Visit this user's website Find all posts by this user


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | MyBB | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication