Anonymous,

Please Login or Register
Download Nuke Evolution Xtreme today for a CMS you can enjoy using and sharing with your friends!
[ Download Now ]
Forum Index  ·  Search  ·  Usergroups  ·  Edit your profile  ·  Members  ·  Login, Check Messages
Arcade  ·  Ranks  ·  Staff  ·  Statistics  ·  Board Rules  ·  Forum FAQ  ·  Log in

Search for at
Evolution-Xtreme Advanced Search


+  
Latest Site News   Next 5 >>  
 Forum   Author   Replies   Last Post 
File Repository 1.0.0 Released Announcements! Lonestar 0 Tue Apr 26, 2016 6:44 am
Lonestar View latest post
Image Repository Released Announcements! Lonestar 1 Mon Oct 27, 2014 7:39 pm
Lonestar View latest post
So what happened to us? Announcements! SgtLegend 0 Tue May 06, 2014 12:32 am
SgtLegend View latest post
[PROGRESS] Nuke Evolution Xtreme 2.0.9e Announcements! SgtLegend 2 Sun May 27, 2012 6:25 pm
SgtLegend View latest post
European Cookie Law Announcements! SgtLegend 0 Sat May 26, 2012 7:33 am
SgtLegend View latest post
   
Recent Topics   Next 15 >>  
 Forum   Author   Replies   Last Post 
Evo staff looking for some volunteers. Community Announcements coRpSE 20 Thu Jul 02, 2015 9:19 am
Depresjon2 View latest post
Evo Xtreme 2.0.9D Updated for PHP 5.6 General Support coRpSE 115 Fri Jan 20, 2017 7:01 pm
coRpSE View latest post
[ MOD ] - Honeypot V2.2 AntiBot Module Security coRpSE 106 Tue Nov 22, 2016 11:30 am
coRpSE View latest post
Possible new Admin area layout Comments and Suggestions Lonestar 18 Wed Sep 14, 2016 11:37 am
Blackou View latest post
jQuery update General Support Lonestar 2 Wed May 11, 2016 4:49 pm
Charles64 View latest post
Deutsche Sprachdatei - german language files German DT50R 7 Thu Jan 28, 2016 7:04 am
DT50R View latest post
[FIX] Correct Cookie Settings (Invalid Session Error) Quick fixes killigan 110 Fri Mar 20, 2015 1:06 pm
Macdaddy View latest post
Arcade General Support Reaper2388 59 Sun Feb 26, 2017 7:13 pm
pholix View latest post
all blocks General Support Worfwarrior 6 Sat Feb 25, 2017 4:41 pm
coRpSE View latest post
[RESOLVED] Error in receiving Private Messages Quick fixes washbucket 1 Mon Feb 20, 2017 7:24 pm
washbucket View latest post
Shoutbox over forums, & Avitars in Shoutbox!!!!!! Quick fixes Ruphus 27 Sun Feb 19, 2017 7:16 am
airsteam View latest post
Error mysql Install airsteam 6 Wed Feb 15, 2017 12:26 pm
airsteam View latest post
Out of the box working Nuke Evolution Extreme Package? General Support scottham73 1 Tue Jan 31, 2017 12:16 pm
Lonestar View latest post
Question about head code General Support hercountrybuck 9 Mon Jan 30, 2017 5:43 pm
coRpSE View latest post
smilies error when writing a pm Quick fixes illusions 0 Sun Jan 29, 2017 8:53 pm
illusions View latest post

[ MOD ] - Honeypot V2.2 AntiBot Module
Goto page : 1, 2, 3, 4, 5, 6, 7, 8  Next
 
Post new topic    Reply to topic    printer-friendly view   Thank Post    Evolution-Xtreme Forum Index -> Security
View previous topic :: View next topic  
Author Message
coRpSE
Xtreme Developer
Xtreme Developer
Site Admin
Site Admin
Support Team
Support Team



Gender: Gender:Male
Joined: Dec 24, 2008
Age: 36
Posts: 1332
Location: Back of your mind!!!
Reputation: 183.5
votes: 10
usa.png


Status: Offline
Web Control Panel: 11.42.0 (build 23)
PostPosted: Sun Mar 31, 2013 8:36 pm Post subject: No icon [ MOD ] - Honeypot V2.2 AntiBot Module Reply with quote

 

 
 This  release  is  the  latest  release  of  the  Nuke  HoneyPot  for  Nuke  Evolution.  There  are  a  total  of  8  checks  this  system  performs  before  the  person  can  register  on  your  site.  This  system  is  designed  for  1  thing  and  1  thing  only,  and  that  is  to  keep  pesky  spam  bots  off  of  your  site  and  keep  our  sites  free  and  clear  from  the  bots.
 
 This  release  is  version  2.2.  I  started  a  new  thread  because  the  other  one  was  getting  a  bit  cluttered  and  I  figured  I  would  start  fresh  with  this  system.  The  key  features,  (checks),  of  this  module  is  as  follows:
 
 
  1. Hidden  Question  Check  -  This  is  a  hidden  check  using  JavaScript  to  hide  it  to  hopefully  trick  a  bot  to  answer  and  get  caught.
     
  2. Text  Removal  Check  -  This  has  a  form  field  with  the  text  of  "DELETE  THIS  TEXT"  and  the  new  user  needs  to  just  delete  that  text.
     
  3. Time  Submit  Check  -  If  they  click  submit  before  the  timer  is  finished,  it  marks  them  as  a  bot.  Default  is  15  seconds  which  is  about  the  amount  of  time  it  should  take  to  submit,  but  is  configurable.
     
  4. Custom  Question  Check  -  This  is  popular  with  the  phpbb  guys  as  it  allows  you  to  create  a  custom  question  and  answer  check.
     
  5. Local  Blacklist  -  If  the  person  fails  X  amount  of  times  and  that  X  is  greater  than  the  value  you  set,  it  wont  allow  them  to  register.
     
  6. SFS  API  -  Use  the  Stop  ForumSpam.com  API  to  check  email  or  IP.
     
  7. BotScout  API  -  Use  the  Stop  botscout  API  to  check  email  or  IP.
     
  8. FSpamlist  API  -  Use  the  Stop  FSpamlist  API  to  check  email  or  IP.
     

 
 With  this  latest  version,  we  also  introduce  a  new  statistics  page  to  display  what  system  is  working  more  efficient.  Also  added  is  now  country  flags  next  to  the  IP's  along  with  a  mouseover  that  allows  you  to  see  the  country  name.  Few  other  small  bugs  fixed  to  allow  the  system  to  work  more  efficient.
 
 Updated  flash.js  thanks  to  SgtLegend.
 9/10/2014

 
 Updated  the  way  the  system  checked  your  version  and  grabbed  the  change  log.  Changed  it  from  reading  two  .txt  files,  to  reading  a  single  XML  file.  I  also  re-wrote  the  CUrl  system  for  it  was  not  working  correctly,  so  went  through  and  revamped  that.
 10/12/2014

 
 rewrote  that  admin  side  a  bit,  removed  some  javascipt  and  replaced  with  CSS  and  jQuery.
 12/28/2014

 
 UPDATE  02/02/2015
 If  you  are  running  version  2.1  already  prior  to  today,  February  5,  2015,  then  download  the  version  2.1  from  here  and  upload  ONLY  the  public_html/admin/modules/honeypot.php  into  the  public_html/admin/modules/  folder.  That  is  it.
 
 UPDATE  10/22/2016
 Update  version  2.2  -  added  in  a  new  section,  displays  some  basic  statistics  of  the  Honeypot  and  what  section  is  doing  most  of  the  work.  Also  fixed  a  few  bugs  in  the  system  to  make  it  more  efficient.  

 
 Watch  this  video  for  more  info  on  how  the  Honeypot  works.  
 
                   
  [Watch  On  YouTube]
 

 
 Download  the  script  and  follow  the  readme.
 
 

 
 
Please,  if  you  like  this  project,  please  write  a  review.
 

 
 
 Download  below  or  download  from  my  site:
 http://www.headshotdomain.net/modules.php?name=File_Repository&action=view&did=15
 
 

 EDIT:
 It  was  reported  there  was  a  bug  that  was  reintroduced,  (whoops),  so  I  go  over  how  to  fix  it  if  you  installed  Version  2.2  prior  to  today,  Oct  30th,  2016.  
 http://evolution-xtreme.com/modules.php?name=Forums&file=viewtopic&p=45232#45232


Last edited by coRpSE on Sun Oct 30, 2016 1:45 pm; edited 38 times in total
Back to top
View user's profile Send private message Visit poster's website
SgtLegend
Site Admin
Site Admin
Lead Developer
Lead Developer
DFG Developer
DFG Developer



Gender: Gender:Male
Joined: Oct 11, 2008
Age: 25
Posts: 5169
Location: Australia
Reputation: 616.1
votes: 27
australia.png


Status: Offline
Web Control Panel: WHM
PostPosted: Mon Apr 01, 2013 12:25 am Post subject: No icon Re: Nuke Honeypot Reply with quote

 Nice  work  coRpSE,
 
 The  only  thing  that  I  could  see  that  could  be  improved  was  the  JavaScript,  in  your  code  you  have  a  self  executing  anonymous  function  wrapping  a  getElementById  statement  which  doesn't  need  to  be  there  since  the  element  exists  directly  before  the  code,  pretty  much  it  just  needs  to  be:
 
 
                                                 
Code:                
<script  type="text/javascript">
      var  e  =  document.getElementById('noninfo');
      e.parentNode.removeChild(e);
 </script>                

 
 The  other  thing  I  found  was  that  the  countdown  timer  was  a  bit  verbose  in  terms  of  how  it  accomplished  the  final  result  for  when  a  user  could  click  the  "Continue"  button,  see  the  below.
 
 
 
 Apart  from  that  I  think  its  quite  a  unique  way  of  determining  whether  the  visitor  is  a  BOT  or  not  and  another  move  in  the  direction  of  stopping  them  for  good.
Back to top
View user's profile Send private message Visit poster's website
coRpSE
Xtreme Developer
Xtreme Developer
Site Admin
Site Admin
Support Team
Support Team



Gender: Gender:Male
Joined: Dec 24, 2008
Age: 36
Posts: 1332
Location: Back of your mind!!!
Reputation: 183.5
votes: 10
usa.png


Status: Offline
Web Control Panel: 11.42.0 (build 23)
PostPosted: Mon Apr 01, 2013 3:14 am Post subject: No icon Re: Nuke Honeypot Reply with quote

 Thanks  for  the  input  on  the  JS,  its  still  somewhat  new  to  me.  I  did  make  the  changes  to  the  first  part,  but  as  the  countdown  time  changes,  I  tested  that  and  it  does  not  work.  
 
 I  just  been  really  been  getting  hit  on  my  site  lately  and  captcha's  and  the  emails  just  was  not  enough.  So  I  started  researching  on  what  other  ways  others  have  been  combating  bots  registering  on  their  sites  and  there  are  many  different  ways,  but  something  that  caught  my  eye  was  the  honeypot  that  people  have  been  doing  for  their  site.  My  big  issue  with  how  they  were  hiding  it  was  putting  in  hidden  for  the  type,  
 
 Example:  <input  type='hidden'
 
 which  I  have  found  that  allot  of  bots  are  now  being  a  bit  more  creative  and  being  able  to  avoid  that.  Then  I  thought  about  using  CSS  but  the  problem  with  that  is  I  did  not  want  to  include  any  files,  also  I  wanted  to  keep  it  with  as  little  edits  that  were  necessary.
Back to top
View user's profile Send private message Visit poster's website
Sponsor
phpstorm.jpg
SgtLegend
Site Admin
Site Admin
Lead Developer
Lead Developer
DFG Developer
DFG Developer



Gender: Gender:Male
Joined: Oct 11, 2008
Age: 25
Posts: 5169
Location: Australia
Reputation: 616.1
votes: 27
australia.png


Status: Offline
Web Control Panel: WHM
PostPosted: Mon Apr 01, 2013 7:30 am Post subject: No icon Re: Nuke Honeypot Reply with quote

 lol,  my  bad.  I  gave  the  function  the  same  name  as  the  variable  for  the  element,  should  be  fixed  now.
Back to top
View user's profile Send private message Visit poster's website
Malius



Gender: Gender:Male
Joined: Nov 28, 2009
Posts: 320
Location: North Dakota
Reputation: 44
votes: 1
usa.png


Status: Offline
PostPosted: Mon Apr 01, 2013 12:19 pm Post subject: No icon Re: Nuke Honeypot Reply with quote

 Should  we  make  these  edits?
Back to top
View user's profile Send private message Visit poster's website
coRpSE
Xtreme Developer
Xtreme Developer
Site Admin
Site Admin
Support Team
Support Team



Gender: Gender:Male
Joined: Dec 24, 2008
Age: 36
Posts: 1332
Location: Back of your mind!!!
Reputation: 183.5
votes: 10
usa.png


Status: Offline
Web Control Panel: 11.42.0 (build 23)
PostPosted: Mon Apr 01, 2013 7:57 pm Post subject: No icon Re: Nuke Honeypot Reply with quote

 Thanks,  works  like  a  charm.  I  updated  the  readme  install  with  the  changes.  I  hope  with  these  changes  along  with  the  other  stuff  from  the  other  anti  spam  add-ons  I  was  able  to  incorporate,  and  utilize  the  features  of  ZBBlock  to  help  give  a  little  more  protection  from  bots  and  hackers.
Back to top
View user's profile Send private message Visit poster's website
Sponsor
phpstorm.jpg
coRpSE
Xtreme Developer
Xtreme Developer
Site Admin
Site Admin
Support Team
Support Team



Gender: Gender:Male
Joined: Dec 24, 2008
Age: 36
Posts: 1332
Location: Back of your mind!!!
Reputation: 183.5
votes: 10
usa.png


Status: Offline
Web Control Panel: 11.42.0 (build 23)
PostPosted: Tue Apr 02, 2013 6:40 pm Post subject: No icon Re: Nuke Honeypot Reply with quote

                                                   
bbmalius  wrote  (View  Post):                
Should  we  make  these  edits?                

 
 you  can,  If  your  unsure  where  to  put  them,  then  download  the  latest  readme  for  I  put  in  the  new  edits  and  just  overwrite  the  old  edits.
Back to top
View user's profile Send private message Visit poster's website
Malius



Gender: Gender:Male
Joined: Nov 28, 2009
Posts: 320
Location: North Dakota
Reputation: 44
votes: 1
usa.png


Status: Offline
PostPosted: Tue Apr 02, 2013 9:25 pm Post subject: No icon Re: Nuke Honeypot Reply with quote

 yeah  i  did  works  good,  thanks  for  the  effort  ....
Back to top
View user's profile Send private message Visit poster's website
Teo



Gender: Gender:Male
Joined: Jul 17, 2009
Age: 35
Posts: 491
Location: In your GF's bed!!
Reputation: 70.2
votes: 3
italy.png


Status: Offline
PostPosted: Wed Apr 03, 2013 12:44 am Post subject: No icon Re: Nuke Honeypot Reply with quote

 yes,  it's  perfect.  I  have  it  working  on  my  site.  nice  work  coRpSE.
Back to top
View user's profile Send private message Visit poster's website Visit member's Facebook: 232833186770739
Sponsor
phpstorm.jpg
coRpSE
Xtreme Developer
Xtreme Developer
Site Admin
Site Admin
Support Team
Support Team



Gender: Gender:Male
Joined: Dec 24, 2008
Age: 36
Posts: 1332
Location: Back of your mind!!!
Reputation: 183.5
votes: 10
usa.png


Status: Offline
Web Control Panel: 11.42.0 (build 23)
PostPosted: Sun Apr 14, 2013 9:07 am Post subject: No icon Re: Nuke Honeypot Reply with quote

                                                   
Teo  wrote  (View  Post):                
yes,  it's  perfect.  I  have  it  working  on  my  site.  nice  work  coRpSE.                

 
 Thanks,  SgtLegend  helped  clean  up  the  JS  for  me,  so  some  credit  needs  to  go  to  him.  All  I  did  was  research  what  others  were  doing  and  scripted  my  own  and  after  watching  a  video  on  youtube  on  how  fast  those  spammers  register  on  a  site  using  their  programs,  sparked  the  idea  of  putting  a  time  limit  in.
Back to top
View user's profile Send private message Visit poster's website
coRpSE
Xtreme Developer
Xtreme Developer
Site Admin
Site Admin
Support Team
Support Team



Gender: Gender:Male
Joined: Dec 24, 2008
Age: 36
Posts: 1332
Location: Back of your mind!!!
Reputation: 183.5
votes: 10
usa.png


Status: Offline
Web Control Panel: 11.42.0 (build 23)
PostPosted: Sun May 05, 2013 1:00 am Post subject: No icon Re: Nuke Honeypot Reply with quote

 Okay,  today,  I  had  added  a  new  feature.  I  also  have  cleaned  up  some  coding  issues  I  had  discovered  was  wrong  compared  to  RavenNuke.  Evo  uses  tables  and  RN  just  uses  Paragraphs.  So  I  fixed  that  within  the  coding.
 
 With  updating,  if  you  already  have  this,  then  I  recommend  just  overwriting  all  the  old  edits  with  the  new  edits.
 
 Now,  the  new  feature  Basically,  this  new  feature  I  did  will  add  a  new  step  for  new  users  to  prove  they  are  human.  It  is  very  simple  to  do.  Basically,  this  is  a  input  field  like  any  other  question,  but  it  has  one  difference.  That  difference  is  that  it  is  pre-filled  in  for  you  with  a  message,  "Delete  All  Of  This  Text!".  Off  to  the  left  of  the  input  is  the  word  "A  n  t  i  B  o  t:".  
 
 Well  here  is  how  the  scripts  work.  Mind  you  that  I  am  not  going  to  put  all  the  coding  because  well,  its  not  all  needed,  it  in  the  readme  for  you  to  test  and  put  on  your  site.
 
 In  the  new_user#.php,  the  #  means  what  ever  one  the  site  uses,  1,2,  or  3,  I  have  a  input  field  that  looks  like  this,  
 
 
                                                 
Code:                
echo  "<tr><td  bgcolor='$bgcolor2'><div  class=\"textbold\"  id=\"blink\"><font  color=\"FF0000\">A  n  t  i  B  o  t:  *</font></div></td><td  bgcolor='$bgcolor1'><input  name=\"company\"  type=\"text\"  size=\"23\"  value=\"Delete  All  Of  This  Text!\">&nbsp;<span  class='tiny'>"._REQUIRED."</span>                

 
 which  is  using  jquery  to  flash  the  "A  n  t  i  B  o  t",  but  that's  not  important,,  but  with  the  input,  you  can  see  that  I  gave  it  a  name  value  of  "company",  but  then  I  have  it  the  value  of  "Delete  All  Of  This  Text!".  so  basically,  it  automatically  put  in  the  words,  "Delete  All  Of  This  Text!"  for  you,  but  what  I  am  hoping  the  bot  will  see  is  that  it  has  the  name  for  "company"  and  possibly  try  filling  it  in  with  a  company  name,  If  it  doesn't,  no  biggie,  I  doubt  it  will  know  to  delete  the  message  that  has  been  automatically  entered  for  it.
 
 Well,  the  next  phase  of  this  bot  is  after  they  submit  it.  they  go  to  the  confirm#.php  file  and  like  the  others,  it  does  a  check.
 
 
                                                 
Code:                
        $botblock2  =  $_POST["company"];
         if  (!empty($botblock2))  {                

 
 With  that,  it  grabs  the  info  from  the  other  page,  "company",  and  it  checks  to  see  if  it  is  empty.  If  it  is  not  empty,  then  it  proceeds  to  the  error  message.
 
 By  using  !empty  instead  of  empty,  it  will  make  it  as  false,  its  not  empty  and  display  the  error  message.  Well,  I  had  a  few  people  take  a  look  at  it.  5STAR,  Noto  from  clan  themes,  and  Malius,  and  they  all  asked  the  same  question,  "What  if  they  forget  to  delete  the  message  or  input  there  own  answer.  Well  its  simple  actually.  It  will  display  a  error  message  that  looks  like  this,
 
 
                                                 
Code:                
echo  "<div  align=\"left\">You  failed  the  bot  test!<br  />You  should  have  deleted<br  /><div  id=\"blink\"><H2>$botblock2</H2></div><br  />  and  left  it  blank!  <br>Go  back  and  try  again.</div>";                
 
 
 so  if  they  did  not  delete  the  per-defined  message  that  I  gave  it,  "Delete  All  Of  This  Text!",  the  the  error  message  will  look  something  like  this,
 
 
                                                 
Quote:                

 You  failed  the  bot  test!
 You  should  have  deleted
 Delete  All  Of  This  Text!
 
 
 and  left  it  blank!  
 Go  back  and  try  again.
                 

 
 and  the  message  that  they  put  in  or  forgot  to  remove  will  be  flashing.  In  this  case  it  would  be  "Delete  All  Of  This  Text!".  Overall  after  many  threads,  post,  sites  and  what  not  that  are  about  blocking  bots.  I  have  not  found  anything  new.  So  I  was  thinking,  what  can  be  done  and  I  been  thinking  about  this  for  the  past  month  since  i  did  the  original  script.  Well,  this  came   to  me  when  i  was  on  my  site  and  I  just  happen  to  click  the  TS3  connect  button  on  my  site  and  I  saw  that  I  did  the  pre-defined  input  box  that  was  for  the  password  and  it  just  came  to  me.  To  me,  this  is  just  a  added  step  again  towards  stopping  bots  for  good,  well  till  someone  re-writes  them  on  these  new  techniques.  
 
 Let  me  know  what  you  think  and  if  you  want  to  see  it  in  action,  feel  free  to  go  to  my  test  site.  Link  is  in  the  first  post.  Enjoy...
Back to top
View user's profile Send private message Visit poster's website
Malius



Gender: Gender:Male
Joined: Nov 28, 2009
Posts: 320
Location: North Dakota
Reputation: 44
votes: 1
usa.png


Status: Offline
PostPosted: Sun May 05, 2013 12:12 pm Post subject: No icon Re: Nuke Honeypot Reply with quote

 Nice  man  ill  do  this  this  weekend  ..  good  work  Corpse..
Back to top
View user's profile Send private message Visit poster's website
Sponsor
phpstorm.jpg
5STAR
Support Team
Support Team



Gender: Gender:Male
Joined: Dec 31, 2008
Age: 51
Posts: 613
Location: Missouri
Reputation: 80.1
votes: 4
usa.png


Status: Offline
Web Control Panel: 11.50.0 (build 0)
PostPosted: Sun May 05, 2013 5:16 pm Post subject: No icon Re: Nuke Honeypot Reply with quote

 Very  very  cleaver  Dread,  wondering  if  we  can  turn  off  the  activation  email  now?
 
 Of  all  the  sites  I  have  registered  over  the  yrs,  I  have  never  seen  this.  Could  be  a  great  breakthrough  for  combating  the  bots.
Back to top
View user's profile Send private message Visit poster's website Visit member's Facebook: 264037510283291
coRpSE
Xtreme Developer
Xtreme Developer
Site Admin
Site Admin
Support Team
Support Team



Gender: Gender:Male
Joined: Dec 24, 2008
Age: 36
Posts: 1332
Location: Back of your mind!!!
Reputation: 183.5
votes: 10
usa.png


Status: Offline
Web Control Panel: 11.42.0 (build 23)
PostPosted: Sun May 05, 2013 7:39 pm Post subject: No icon Re: Nuke Honeypot Reply with quote

 Thanks.  like  I  said  I  have  never  seen  this  technique  and  I  am  not  positive  if  it  will  work.  I  don't  believe  bots  are  designed  to  clear  out  pre-filled  info  as  far  as  I  have  seen.  Overall,  I  don't  recommend  turning  off  Email  confirmation  for  that  would  be  just  turning  off  a  added  security.
 
 For  those  that  are  just  reading  this  post  here:  take  a  look  at  my  last  post  above  and  you  will  see  what  they  are  talking  about  with  the  new  feature  of  the  Honeypot  that  I  have  developed.
 http://www.evolution-xtreme.com/modules.php?name=Forums&file=viewtopic&p=40448#40448
 
 As  for  the  Email  registration,  I  am  not  sure  if  there  are  any  plans  to  re-work  the  "Your_Account"  module  for  Xtreme  2.0.9E.  If  there  is  no  update,  maybe  I  will  start  trying  to  see  if  I  can  re-write  it  so  when  you  click  the  confirmation  link  in  the  email,  instead  of  bringing  you  to  the  page  that  you  have  to  finish  inputting  your  information  then  click  the  "Submit"  button  to  complete  the  registration  process,  (Which  seems  to  be  the  root  cause  of  allot  of  peoples  problems  with  new  users),  I  will  have  it  just  go  to  a  page  that  will  complete  their  registration  automatically  then  redirect  them  to  their  account  page  so  if  they  want  to,  they  can  fill  in  the  other  information.
 
 The  current  way  is  a  older  way  of  going  about  it  and  needs  a  upgrade,  plain  and  simple.  And  the  technique  I  just  talked  about  is  what  I  have  been  seeing  used  on  many  other  CMS  with  great  results  and  it  will  eliminate  that  whole  invalid  check  number  issue  when  people  mess  up  when  they  register  on  your  site  and  forget  to  complete  the  process.
 
 But  till  then,  I  highly  recommend  using  every  little  bit  of  security  to  help  protect  your  self  and  your  site.
Back to top
View user's profile Send private message Visit poster's website
SgtLegend
Site Admin
Site Admin
Lead Developer
Lead Developer
DFG Developer
DFG Developer



Gender: Gender:Male
Joined: Oct 11, 2008
Age: 25
Posts: 5169
Location: Australia
Reputation: 616.1
votes: 27
australia.png


Status: Offline
Web Control Panel: WHM
PostPosted: Mon May 06, 2013 8:42 am Post subject: No icon Re: Nuke Honeypot Reply with quote

 About  a  year  and  a  half  ago  I  started  on  something  called  Account  which  was  a  module  that  I  started  with  in  the  concept  phase  but  never  got  anywhere  with  it  due  to  other  priorities,  essentially  it  would  have  reduced  the  amount  of  spam  by  introducing  a  much  more  verbose  sign  up  system  which  would  have  included  Facebook  and  Twitter  integration  out  of  the  box  with  the  bonus  of  been  able  to  integrate  any  other  social  network  using  a  very  simple  abstract  API  layer.
 
 Since  then  I  have  moved  away  from  that  idea  to  a  much  better  one  which  would  integrate  the  user  auth  directly  into  a  self  contained  area  of  the  site  which  doesn't  use  a  module  at  all,  of  course  my  head  is  always  sparking  ideas  but  as  to  when  I  will  have  enough  time  to  code  anything  is  the  question  since  I  have  a  full  time  job  and  a  personal  life  in  between  personal  projects.
 
 For  the  minute  I  think  Xtreme  is  stable  and  works  but  of  course  spam  and  security  concerns  will  be  highlighted  until  a  more  dedicated  time  frame  can  be  set  to  reassure  the  community  of  such  concerns,  from  a  developer  perspective  I  feel  Xtreme  has  moved  the  community  forward  quite  a  number  of  steps  and  hopefully  we  will  continue  to  keep  it  alive  but  as  I  said  it  all  comes  down  to  a  matter  of  when  that  will  happen.
 
 The  best  piece  of  advice  I  can  offer  is  the  following:
 
 

     
  1. Always  use  email  authentication
     
  2. Always  check  up  on  new  users,  they  may  be  as  smart  as  a  human
     
  3. Change  your  server  cPanel  login  regularly  and  using  a  minimum  of  16  characters  with  symbols  and  numbers,  becomes  a  habit  after  a  while
     
  4. Pay  close  attention  to  your  hosting  provider,  they  should  alert  you  to  new  security  threats
     
  5. Finally  be  diligent,  don't  rely  on  your  gut  but  information  from  a  respected  resource
     
Back to top
View user's profile Send private message Visit poster's website
Sponsor
webstorm.jpg
Display posts from previous:
Post new topic  Reply to topic   printer-friendly view   Thank Post Evolution-Xtreme Forum Index ->  Security All times are UTC - 5 Hours
Goto page : 1, 2, 3, 4, 5, 6, 7, 8  Next
Page 1 of 8


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum

Related topics
 Topics   Replies   Author   Views   Last Post 
No new posts nuke evo basic to nuke evo xtreme 2.0.9 problem 1 Teo 2430 Fri Dec 02, 2011 5:37 am
Teo View latest post
No new posts Error Log - Module PDO already loaded 9 tsac 5519 Sat Jul 16, 2011 6:03 am
tsac View latest post
No new posts You might already use. 7 Soulkeeper 5112 Fri Apr 29, 2011 7:44 am
forgotz View latest post
No new posts Forums Header Already Sent Errors 2 ClanJC 3244 Mon Jan 17, 2011 4:12 pm
Wicked View latest post
No new posts Added multiple times to group 5 Ace1564 3299 Tue Sep 21, 2010 7:08 am
Ace1564 View latest post
 




Powered by phpBB © 2001, 2006 phpBB Group
EvoXtreme Theme by SgtLegend ©
Forums ©