·
Added a discussion

On my website, several tons of spammers want to register new malicious accounts every day! I think everyone's website should be the same.

In the dolphin system, you can search the "join.php" in Apache's access_log, you will see a lot of logs... spammers want to register new account records...

In the UNA system, you can search the "page.php" in Apache's access_log,

cyq9bqtjnfqxnqbjkdbmrtjn6xjr9dlq.jpguun8afrew8fnapprqzqdth49ya2cjzai.jpg

How do we completely prevent, block and kill spammers?

observe the access_log record, you will see that all spammers will not browse your website, like your website, spammers just want to register a new account!

Well, You know, spammers will directly open the registration page and paste random registration information...

so we just add this code in front of join.php for Dolphin 7.4.2:

/**

 * Copyright (c) BoonEx Pty Limited - http://www.boonex.com/

 * CC-BY License - http://creativecommons.org/licenses/by/3.0/

 */

define('BX_JOIN_PAGE', 1);

require_once('check-url.php');


check-url.php :

if (!isset($_SERVER['HTTP_REFERER']) || substr($_SERVER['HTTP_REFERER'], 12, 7) != 'insoler') {

    echo '< html >

    < meta http-equiv="Content-Type" content="text/html; charset=UTF-8" / >

    < body >Hello World< /body > //You can put any welcome words

    < /html >';

    exit;

}


as long as spammers don't visit your website and directly open the registration page, they would only see a blank page with "Hello World" only!

This code will not affect the real "human" at all !

Why is 99.99% not 100% ?

Well, You know, even if spammers have hands, they can still use their hands to manually register a new account, post spam by manually...

My site is 100% no spammers for more than 8 years!

Need a demo?

Please go to my website :

https://www.insoler.com/

or  try this please :

https://www.insoler.com/join.php

  • 2358
Comments
    • interesting, so it checks referrer and only displays the join form if you have a valid one?  

      • So how do I change this to UNA?

        • Sorry, I forgot to write UNA.

          1. open this file:

          template/scripts/BxBaseServiceAccount.php

          2. Try to add this code:

              public function serviceCreateAccountForm ($aParams = array())

              {

                  if (isLogged() && 'create-account' == bx_get('i')){

                      header('Location: ' . BX_DOL_URL_ROOT);

                      exit;

                  }

                  

                  if (isset($_SERVER['HTTP_REFERER']) && 0 === mb_stripos($_SERVER['HTTP_REFERER'], BX_DOL_URL_ROOT)) { // remember referrer

                      

                      $sJoinReferrer = $_SERVER['HTTP_REFERER'];

                      $aNoRelocatePages = array('forgot-password', 'login', 'create-account', 'logout');

                      foreach ($aNoRelocatePages as $s) {

                          if (false !== mb_stripos($sJoinReferrer, $s)) {

                              $sJoinReferrer = '';

                              break;

                          }

                      }   

                      if ($sJoinReferrer)

                          BxDolSession::getInstance()->setValue('join-referrer', $sJoinReferrer);

                  }

                  elseif (!isset($_SERVER['HTTP_REFERER']) || substr($_SERVER['HTTP_REFERER'], 12, 7) != 'insoler') {

           {

              echo '< html >

              < meta http-equiv="Content-Type" content="text/html; charset=UTF-8" / >

              < body >Hello World< /body > //You can put any welcome words

              < /html >';

              exit;

                  }

          I have not tested "remember referrer" function by now...

          • Yes, because spammers will not browse any page of your website, even the homepage, they just want to register a new account on the registration page.

            • or u can use cloudflare and prevent it by captcha, ip etc. much easier 

              Login or Join to comment.