MyBB Community Forums

Full Version: Bot seems like by passing Registration Security Question plugin
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3
Spambots got a database with answers, make a question what you not can't find at Google.
i think they got some software to bypass the question. So, i decided to remove security question for now..
(2013-09-04, 08:28 AM)gamemaster Wrote: [ -> ]i think they got some software to bypass the question. So, i decided to remove security question for now..
You are right!

You can beter make a question about something on your site or something like this:
Enter the first and the last 2 letters:
goakavam -> goam

Must work. And Stopforumspam addons.
On minor quirk: I have to go directly to a mysql prompt and type in “select * from mybb_g33k_regsecureq_questions;” to see the exact count of how many incorrect and correct answers a given question has.

This is probably more a Stop Forum Spam issue, but also: I just verified, by using a Tor browser (yes, Tor exit nodes are marked as spammer IPs), that Stop Forum Spam does its check before g33k’s regsecureq verifies the answers are correct. It would probably be better to verify the answers are correct before doing the spammer IP check (let’s make the spammers work a little harder; every unsuccessful registration where they have to pay a human to figure out the answer to a question makes forum spamming just that much less economically viable).
Doesnt work for me. I still have hundreds of robots registering every day.
I know this is an old post but I just downloaded your updated resecureq files and installed them.
Hopefully it will work. If it does, I'll be back to your site http://www.geekplugins.com/ to make a donation.
Thanks!!
So this is still needed for MyBB 1.8.4?

Thanks!
^ No, now security questions is an internal feature of MyBB 1.8.x system
Hello,

I am still on MyBB 1.6 and found some bugs on this specific mod. Searching on google lead me to this thread.

I have taken another approach to cover this security hole, also did fix a bug with the "change security question button" where it did not work.

See attached txt for patchfile to apply with linux patch Wink
If you need the patched files send me a PM and I'll attach 'em here.

After patching. Deactivate & Activate to refresh plugin templates.
Pages: 1 2 3