Sabre permitting spam registrations
I find I’m getting several spam registrations every day. It could be these are from individuals who are filling out the registration info, but the amount of registrations uncaught is large & clearly spammy.
Any way of heightening security settings to catch these?
Also, any possibility of allowing user to add spam email addresses or IP addresses on black list which have previously tried to register?
The plugin author appears to have stopped posting here about 8 months ago. Does anyone know if he’s still maintaining the plugin & how to contact him? His own website doesn’t permit registration or commenting so there’s no way for me to contact him in that way.
I took the liberty of updating a few things in the plugin including what I think is causing this error. I’d be surprised if the plugin was actually doing anything for you previously, because it wasn’t able to create the necessary MySQL tables. Hopefully this updated version will allow you to stop spam dead.
I really wanted to use it and the developer seems to have disappeared. If he ever comes back, I’ll be happy to remove my link:
I’ve updated it a couple times for various things, so I just tacked another .2 onto the end of the version number.
I’ve fixed the MySQL table creation error by removing the deprecated TYPE option.
I’ve also fixed the DNS blacklist issues. The queries worked, but they would return false positives. I replaced zen.spamhaus.org with the two correct servers: sbl.spamhaus.org and xbl.spamhaus.org.
I also updated the gethostbyname logic to prevent false positives. It will only show the banned ip error if one of the proper DNS blacklist servers recognizes the IP address.
I don’t have much time to maintain a plugin, but I did fix what wasn’t working for me — and what most people are complaining about on here. I cannot guarantee that I’ll be able to fix any other issues as I seldom have time to visit the forums.
Thanks for clarifying that the plugin had stopped working. Too bad the author has abandoned it without letting anyone know.
I’m glad to know that the updated plugin might stop these spam registrations. I’ll upgrade and let you know how it goes. THanks for taking the time to do this & share it here.
It didn’t appear to work any differently for me. I uploaded the new version. But within hours I got another spam registration. So I’ve changed the setting so that I manually approve all registrations, which is a drag.
I also tried a different plugin that addresses the same issues, but it too wasn’t doing any better in stopping the spam registrations.
Thanks for trying.
There are scores of settings. Are there any in particular you want to know?
Here are the Captcha options:
Enable captcha test: Y
Use white background: N
String length: 6
Number of polygons: 3
Number of ellipses: 6
Number of lines: 2
Number of dots: 2
Min. thickness: 2
Max. thickness: 8
Min. radius: 5
Max. radius: 15
Object alpha: 70
Text captcha options
Sequence of tests
Particularly the stealth options. I haven’t had any spam registrations since I fixed this… ymmv.
Enable stealth test – checked
Session time out – 300
Speed limit – 3
Check DNS Blacklists: – checked
Those options are why I wanted this plugin to work in the first place – spam prevention without a user-required captcha.
Enable stealth test: On (Turn silent control on/off)
Session time out: 120
Speed limit: 8
Check DNS Blacklists: Y
Interesting. Can you verify that sabre table is installed in the mysql database?
Yes, I do see it under Phpmyadmin->SQL
There is a Sabre table listed.
Then that’s as far as I go, you must be getting more spam traffic than I am. Sorry.
Thanks for trying. If I might ask you a separate, but related question. This registration appears from what I can tell to be legit:
julius nehorai julius at nehorai.eu 22.214.171.124 2013-01-28 02:01:54 323
13839 julius nehorai julius at nehorai.eu 126.96.36.199 2013-01-28 01:58:44 323
But the same person also had 2 failures to register:
13840 julius nehorai julius at nehorai.eu 188.8.131.52 2013-01-28 01:59:15 Invalid code.
13838 julius nehorai julius at nehorai.eu 184.108.40.206 2013-01-28 01:58:05 Invalid code.
Would this be suspicious to you? And why is he failing to register twice & then succeeding in registering twice?
By forcing registration to be done manually am I losing another aspect of protection that I’d have if those registering needed to confirm registration themselves?
I’m not sure. Those look suspicious to me. If you enable user confirmation that can also reduce spam registrations at the expense of making real people click a link in their email. Some bots are smart enough to do that as well.
Enable confirmation – checked
Number of days – 1
Deny early sign-in – checked
Send mail when confirmed – only if you care
Suppress unregistered users – checked
I checked the ip on the DNS blacklists. It’s not on there, so it could just be someone getting paid two cents an hour to spam international pharmacy advertisements.
- The topic ‘Sabre permitting spam registrations’ is closed to new replies.