On my website, several tons of spammers want to register new malicious accounts every day! I think everyone's website should be the same.
In the dolphin system, you can search the "join.php" in Apache's access_log, you will see a lot of logs... spammers want to register new account records...
In the UNA system, you can search the "page.php" in Apache's access_log,
How do we completely prevent, block and kill spammers?
observe the access_log record, you will see that all spammers will not browse your website, like your website, spammers just want to register a new account!
Well, You know, spammers will directly open the registration page and paste random registration information...
so we just add this code in front of join.php for Dolphin 7.4.2:
/**
* Copyright (c) BoonEx Pty Limited - http://www.boonex.com/
* CC-BY License - http://creativecommons.org/licenses/by/3.0/
*/
define('BX_JOIN_PAGE', 1);
require_once('check-url.php');
check-url.php :
if (!isset($_SERVER['HTTP_REFERER']) || substr($_SERVER['HTTP_REFERER'], 12, 7) != 'insoler') {
echo '< html >
< meta http-equiv="Content-Type" content="text/html; charset=UTF-8" / >
< body >Hello World< /body > //You can put any welcome words
< /html >';
exit;
}
as long as spammers don't visit your website and directly open the registration page, they would only see a blank page with "Hello World" only!
This code will not affect the real "human" at all !
Why is 99.99% not 100% ?
Well, You know, even if spammers have hands, they can still use their hands to manually register a new account, post spam by manually...
My site is 100% no spammers for more than 8 years!
Need a demo?
Please go to my website :
or try this please :
interesting, so it checks referrer and only displays the join form if you have a valid one?
So how do I change this to UNA?
Sorry, I forgot to write UNA.
1. open this file:
template/scripts/BxBaseServiceAccount.php
2. Try to add this code:
public function serviceCreateAccountForm ($aParams = array())
{
if (isLogged() && 'create-account' == bx_get('i')){
header('Location: ' . BX_DOL_URL_ROOT);
exit;
}
if (isset($_SERVER['HTTP_REFERER']) && 0 === mb_stripos($_SERVER['HTTP_REFERER'], BX_DOL_URL_ROOT)) { // remember referrer
$sJoinReferrer = $_SERVER['HTTP_REFERER'];
$aNoRelocatePages = array('forgot-password', 'login', 'create-account', 'logout');
foreach ($aNoRelocatePages as $s) {
if (false !== mb_stripos($sJoinReferrer, $s)) {
$sJoinReferrer = '';
break;
}
}
if ($sJoinReferrer)
BxDolSession::getInstance()->setValue('join-referrer', $sJoinReferrer);
}
elseif (!isset($_SERVER['HTTP_REFERER']) || substr($_SERVER['HTTP_REFERER'], 12, 7) != 'insoler') {
{
echo '< html >
< meta http-equiv="Content-Type" content="text/html; charset=UTF-8" / >
< body >Hello World< /body > //You can put any welcome words
< /html >';
exit;
}
I have not tested "remember referrer" function by now...
Yes, because spammers will not browse any page of your website, even the homepage, they just want to register a new account on the registration page.
or u can use cloudflare and prevent it by captcha, ip etc. much easier