Author Topic: SMF Forum bot attacks - login_detector patch (Read 5108 times)

krick · « **on:** March 26, 2011, 03:12:31 pm »

Saint,

Have you noticed your SMF error log filling up with invalid password login attemtps?

There's a bot attack that's been happening since January, I think. They target all forums, but I think SMF was getting the worst of it. It was hitting my forums pretty hard. Not only does it eat up server resources, it also kicks your users out and causes them to have to log in again.

Anyway, you probably want to install the "login_detector" patch from here (I've also attached it to this post) which pretty much neutralizes the bots login attempts...

http://www.simplemachines.org/community/index.php?topic=416928.msg2960115#msg2960115

saint · « **Reply #1 on:** March 26, 2011, 04:29:31 pm »

Thanks Krick - I did. I disabled the forgotten password link because of it. I'll check out the patch, much appreciate d:)

krick · « **Reply #2 on:** March 26, 2011, 08:03:16 pm »

When the bot attacks initially started, I tried everything to stop them, including a giant .htaccess deny list.

Then Arantor posted his little patch, which worked like magic so I abandoned the deny list.

The only other anti-bot mod that I'm using at the moment is the Anti-Spam Verification Questions for SMF mod. This is to prevent automated account registration.

The only hard part is thinking up a tricky question that is easy for your users but hard for bots/spammers to guess.

BigJon · « **Reply #3 on:** April 08, 2011, 01:33:38 pm »

I'll have to consider these mods...I run an SMF forum as well and have been getting hit hard by spam bots. I installed "Bad Behavior" about 2 weeks ago and the attacks seem to be leveling off a bit.

krick · « **Reply #4 on:** April 08, 2011, 02:12:26 pm »

The login_detector patch is only a couple of lines of code and it works like a charm against the recent bot-net attacks.

Read the thread on the SMF community forum and you see lots of happy users.

As far as other mods go, I used to use reCAPTCHA and the Stop Forum Spam mods but they really didn't seem to be very effective so I removed them both.

The best I've found is the verification questions mod. If you come up with good questions, it stops spammers in their tracks. Incidentally, I think that verification questions are a standard feature in SMF 2.0 (currently RC5, I think).

krick · « **Reply #5 on:** April 27, 2011, 05:23:26 pm »

Quote from: saint on March 26, 2011, 04:29:31 pm

Thanks Krick - I did. I disabled the forgotten password link because of it. I'll check out the patch, much appreciate d:)

Did you end up ever installing the patch?

ark_ader · « **Reply #6 on:** June 04, 2011, 10:57:49 am »

I installed SMF for a college project, and I got spammed to death.

Thanks for the patch, I had to disable forum posts until I had a solution.

Funny thing is, I came in here hoping to solve this very same issue.

Thanks again!


Main	Restorations	Software	Audio/Jukebox/MP3	Everything Else	Buy/Sell/Trade
Project Announcements	Monitor/Video	GroovyMAME	Merit/JVL Touchscreen	Meet Up	Retail Vendors
Driving & Racing	Woodworking	Software Support Forums	Consoles	Project Arcade	Reviews
Automated Projects	Artwork	Frontend Support Forums	Pinball	Forum Discussion	Old Boards
Raspberry Pi & Dev Board	controls.dat	Linux	Miscellaneous Arcade	Wiki Discussion	Old Archives
Lightguns	Arcade1Up	Try the site in https mode		Site News


Unread posts \| New Replies \| Recent posts \| Rules \| Chatroom \| Wiki \| File Repository \| RSS \| Submit news

Author Topic: SMF Forum bot attacks - login_detector patch (Read 5108 times)

krick

SMF Forum bot attacks - login_detector patch

saint

Re: SMF Forum bot attacks - login_detector patch

krick

Re: SMF Forum bot attacks - login_detector patch

BigJon

Re: SMF Forum bot attacks - login_detector patch

krick

Re: SMF Forum bot attacks - login_detector patch

krick

Re: SMF Forum bot attacks - login_detector patch

ark_ader

Re: SMF Forum bot attacks - login_detector patch