We build. You grow.

Get best community software here

Start a social network, a fan-site, an education project with oxwall - free opensource community software

Get started
Google+

How can I stop fake accounts and boots | Forum

Topic location: Forum home » Support » General Questions
Pages: 1 2 »
Oxwall Türkiye
Oxwall Türkiye Oct 23 '16

America and the India country

There are continuous fake account setup boot

How do I get rid of this situation.

It consists of a large number of fake accounts

countries to limit and ban users have not said rope

Prohibition did not work names.

They trek from the verification history via e-mail

How can I fix this problem

#1
OW-Ghost
OW-Ghost Oct 23 '16
There was a very nice plugin oxwall store that did this and was very easy to use but for some reason they just suspend that plugin??? and ross told soon 1 year ago that that plugin will come back again to the store, but i never see that plugin comeback again. I have a copy but the bad thing when they suspend a plugin is that still that developer have the license to it and you can not remove the license because he still on this forum.


And here is the link to that plugin https://developers.oxwall.com/store/item/671

The Forum post is edited by OW-Ghost Oct 23 '16
#2
dave Leader
dave Oct 23 '16
IP blocking by country is not really the answer, first it uses tons of resources sifting through IP's and also they can use a proxy from a different country. 


The only sure way to take control of this is to approve all new members yourself, at least for a whiie.   Many of them will hit a new site and then move on.  


There are other techniques and some work better than others, but forced approval will help stop this.  The other thing you can use is recaptcha or a question captcha on registration. 

#3
Tecca
Tecca Oct 23 '16
I use recaptcha and have had zero spam bots since the site has been up (January this year). 


I also use the Trashmail blocker plugin, but according to its logs, it's never been needed so far to block any trash mail. 

#4
OW-Ghost
OW-Ghost Oct 23 '16
I did use one recaptcha but that one was integrated with google and was not good if you was use several language on you website. 


now i sue skadates recaptcha but i not sure that one is good

i do not know if daves recaptcha support many languages?


If you want stop fake accounts spammers then i suggest the fingerprint plugin in oxwall store, it will stop them for sign up for a new account. the plugin is in beta mode now and some bugs need too bee fixed


here is the link https://developers.oxwall.com/store/item/1344

The Forum post is edited by OW-Ghost Oct 23 '16
#5
dave Leader
dave Oct 23 '16
Yes my ultimate captcha supports all languages suppored by recaptcha, also i have updated it to change the recaptcha language if the user changes the language of the site as well.  The best thing is that you have 4 captchas in one plugin.  But any kind of special captcha will work as long as the user has to think about the answer and/or interact with the site meaning that they look at a page to get a clue then go back and answer the question. 
#6
ross Team
ross Oct 24 '16
https://developers.oxwall.com/forum/topic/11284
#7
dave Leader
dave Oct 24 '16
+1 ross, 


However be carefull with watchdog, the table is huge and i mean really huge. If you ever have to restore your site and the watchdog table you will need to restore it in sections with multiple queries because its so huge. If you try it with one query it will more than likely fail. 
Also it takes up alot of resources as well.   

#8
OW-Ghost
OW-Ghost Oct 24 '16
+1 dave 


Maybe i will try your ultimate captcha plugin, then it is first time i buy a plugin from you :))


But i would like know if i have 1 of this 4 captcha in my skadate website already and maybe that captcha is okey to use...i think only skalfa can answer that.


My skadate captcha look like this screen shot..


The Forum post is edited by OW-Ghost Oct 24 '16
Attachments:
  screen 1.png (11Kb)
#9
dave Leader
dave Oct 24 '16
that is the default captcha, same on oxwall. 
#10
OW-Ghost
OW-Ghost Oct 24 '16
is the default captcha no good dave? just asking because i see you put very much effort create 4 others in your plugin at the store.


I have one question more:


I have this watchdog plugin installed now and there is not history when it prevent someone from join you website only realtime you can see and who have time for look that everyday.


So my question is maybe little off topic what picture or page will they who this plugin prevent for join see when they are not able to sign up?



The Forum post is edited by OW-Ghost Oct 24 '16
#11
dave Leader
dave Oct 24 '16
I have never actually used watchdog sorry, my only experience with it was trying to help a customer and thats how i know that stuff, but i have never see it or used it. 


The default captcha style was beaten just after it was released in the industry, no its not that good, bots can get past it quite easily.  It is there as a "better than nothing" deal. 

#12
OW-Ghost
OW-Ghost Oct 24 '16
Ahaaa i understand now dave.


My question then must bee why have not skadate or oxwall update this deafult captcha to better one for 2 years? or is to longer?


Anyways then i will go ahead and try use your plugin if it is supports many languages as you was told


thanks dave

#13
dave Leader
dave Oct 24 '16
Your welcome, and i dont know why Oxwall or Skadate does not do this.  I assume that it is because just like other features are left to store plugins to accomplish. 
#14
Oxwall Türkiye
Oxwall Türkiye Oct 26 '16

This must be helpless as the website owner

I see that as a user Oxwall

Oxwall demonstrate their exploitation in a very simple issue

Can provide the solution by adding a very simple coding for such a system

dont no providing solutions that Oxwall

Now I see that provided a simple plug-in control Above all Oxwall

This control system can break, but this time could show instability

Not too late for that

Oxwall team needs to add an emergency must complete 2 missing

1 show user IP (Admin)

2 User IP warning (should you delete logged in 3 months following the entry into the system)


Oxwall base is maintained based on 2 peopleIf you click on the same page, which shows the results.Make sure people use Facebook to include ranking 3rdI-friend-a friend of a friend.Let me give an example of a group Group page is seen in all media queriesMy private group only got to look around me.Widgets last login feature in the foregroundemanation of real-known throughout the worldAll sites that are not scoring system shows the most recent entry-representation vote-rated.I think humor should make some changes in the residual OxwallCan not be limited as much a process with plug-ins.A lot of attention because it is in use Oxwall prfoyonel part of the country.non-professionals is very difficult to see in this case.not complex but difficult platform. Deficiencies should be remedied.

#15
dave Leader
dave Oct 26 '16
Oxwall Turkiye, you do realize there are social scripts out there that dont even have a basic captcha.  So even the basic captcha is good compared to that, it is better than nothing at all.  Oxwall is not exploiting anything or anyone, the script is well advertised what it comes with and that anything extra is done by plugins.  As far as the rest of your message im sorry but i dont understand it.  :)
#16
OW-Ghost
OW-Ghost Oct 27 '16
I have try recaptcha V2 and i think still bot pass it?i see bot sign up with email with underscore
The Forum post is edited by OW-Ghost Oct 27 '16
#17
dave Leader
dave Oct 27 '16
Then you will need to use a question captcha. Make sure in your questions that you do not ask anything that bots can learn online.  A good one is to ask stuff that they have to use reasoning to answer, or to use something they have to look on the site to see.  Such as asking about an image on the page or even a different page. 


Also try the slide captcha, its also a great choice.  Not the old one but the new one that i use in my plugin. The old one was already beaten, and use a numeric value or use the reverse slide.  If all of those fail then it means that you have a bug or a exploit or something going on where they can bypass the captcha.

The Forum post is edited by dave Oct 27 '16
#18
OW-Ghost
OW-Ghost Oct 27 '16
i think i have a exploit. but not sure how to find it?


what captcha do you use dave? can you make them in order best protection 1-4 

The Forum post is edited by OW-Ghost Oct 27 '16
#19
dave Leader
dave Oct 27 '16
You can ask your hosting company for help, maybe have them run a virus scan on your files or you can do it if you have the access to the virus checker in cpanel.  They may also be able to give you some hints as to what to try to narrow it down.   You might try registering yourself as a test to see if everything works as it should.  Also maybe replace the core files in case they have changed something.  There are lots of options and i dont know it all.  
#20
Pages: 1 2 »
Start | Demo | About | Policies & Licenses | Blog | Contact Us | Oxwall Foundation | Roadmap | Developer Central | Oxwall hosting | Contribute | Partners | Donation | Community software | Dating software
© Copyright Oxwall Software
Oxwall Community Software