Build Your Own Arcade Controls Forum

Main => Forum/Website Discussion => Topic started by: krick on March 26, 2011, 03:12:31 pm

Title: SMF Forum bot attacks - login_detector patch
Post by: krick on March 26, 2011, 03:12:31 pm

Saint,

Have you noticed your SMF error log filling up with invalid password login attemtps?

There's a bot attack that's been happening since January, I think.   They target all forums, but I think SMF was getting the worst of it.  It was hitting my forums pretty hard.   Not only does it eat up server resources, it also kicks your users out and causes them to have to log in again.

Anyway, you probably want to install the "login_detector" patch from here (I've also attached it to this post) which pretty much neutralizes the bots login attempts...

http://www.simplemachines.org/community/index.php?topic=416928.msg2960115#msg2960115 (http://www.simplemachines.org/community/index.php?topic=416928.msg2960115#msg2960115)

Title: Re: SMF Forum bot attacks - login_detector patch
Post by: saint on March 26, 2011, 04:29:31 pm

Thanks Krick - I did. I disabled the forgotten password link because of it. I'll check out the patch, much appreciate d:)

Title: Re: SMF Forum bot attacks - login_detector patch
Post by: krick on March 26, 2011, 08:03:16 pm

When the bot attacks initially started, I tried everything to stop them, including a giant .htaccess deny list.

Then Arantor posted his little patch, which worked like magic so I abandoned the deny list.

The only other anti-bot mod that I'm using at the moment is the Anti-Spam Verification Questions for SMF (http://custom.simplemachines.org/mods/index.php?mod=1516) mod.  This is to prevent automated account registration.

The only hard part is thinking up a tricky question that is easy for your users but hard for bots/spammers to guess.

Title: Re: SMF Forum bot attacks - login_detector patch
Post by: BigJon on April 08, 2011, 01:33:38 pm

I'll have to consider these mods...I run an SMF forum as well and have been getting hit hard by spam bots.  I installed "Bad Behavior" about 2 weeks ago and the attacks seem to be leveling off a bit.

Title: Re: SMF Forum bot attacks - login_detector patch
Post by: krick on April 08, 2011, 02:12:26 pm

The login_detector patch is only a couple of lines of code and it works like a charm against the recent bot-net attacks.

Read the thread on the SMF community forum and you see lots of happy users.

As far as other mods go, I used to use reCAPTCHA (http://custom.simplemachines.org/mods/index.php?mod=1044) and the Stop Forum Spam (http://custom.simplemachines.org/mods/index.php?mod=1519) mods but they really didn't seem to be very effective so I removed them both.

The best I've found is the verification questions mod.  If you come up with good questions, it stops spammers in their tracks.  Incidentally, I think that verification questions are a standard feature in SMF 2.0 (currently RC5, I think).

Title: Re: SMF Forum bot attacks - login_detector patch
Post by: krick on April 27, 2011, 05:23:26 pm

Quote from: saint on March 26, 2011, 04:29:31 pm

Thanks Krick - I did. I disabled the forgotten password link because of it. I'll check out the patch, much appreciate d:)

Did you end up ever installing the patch?

Title: Re: SMF Forum bot attacks - login_detector patch
Post by: ark_ader on June 04, 2011, 10:57:49 am

I installed SMF for a college project, and I got spammed to death.

Thanks for the patch, I had to disable forum posts until I had a solution.

Funny thing is, I came in here hoping to solve this very same issue.

Thanks again!  :applaud: