Title: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 17, 2015, 03:01:53 PM Everything in this tutorial is being used on my faucet. Check it out HERE (http://www.bit-essence.com) to see it in action! Step 1 In the root directory of your server, there should be a file called .htaccess, HERE'S WHAT MINE LOOKS LIKE (http://pastebin.com/KAZ8RAQ8) Copy and paste it to yours. This will block all the TOR relays/exit nodes from accessing your website. TOR is good to block because it's one of the main things people use to bypass your time limit. Just google "bypass faucet time limit" you will see that it's one of the ways people bypass your time limit. To get an updated list of tor exit nodes visit https://www.dan.me.uk/torlist/ (https://www.dan.me.uk/torlist/) Here's a website to paste the IP's, it will generate the proper code for you. http://www.htaccesstools.com/block-ips/ (http://www.htaccesstools.com/block-ips/) Step Two In your faucet template, ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php, place this code, anywhere in the <head> tag. Code: <?php Here's a website to check if your faucet is still vulnerable. http://boomproxy.com/ (http://boomproxy.com/) Step Three Log into funcaptcha, then click "site settings" http://i51.photobucket.com/albums/f353/Ace_Of_Fades/1_zpsypczdi6n.png Scroll down and click on the little gear, underneath "setup". http://i51.photobucket.com/albums/f353/Ace_Of_Fades/2_zps8gwwinkn.png Then scroll down to the "security" tab select "always enhanced". Click save, then wait 5-10 minutes. Your captcha will now be alot harder for bots to bypass. http://i51.photobucket.com/albums/f353/Ace_Of_Fades/Untitled_zpselvhvhqt.png Step Four In step four we will be adding a simple math question displayed as an image as a second captcha. Faucet users cannot claim their satoshi until the math question is solved. Download PHP captcha HERE (https://www.mediafire.com/?tx0swq9o0w04t74) extract it and add the "captcha" folder to your root directory. If you don't trust that download you can find the original HERE (https://www.phpcaptcha.org/), it will require some configuring though. Now open your template file (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) paste the following code at the very top line above <!DOCTYPE html>: Code: <?php session_start(); ?> Paste the following code where you would like the equation to appear Code: <img id="captcha" src="/captcha/securimage_show.php" alt="CAPTCHA Image" /> Now you need to create a PHP document. I use a program called Notepad++, however any text editor will work. Create a new document, then paste in the following code: Code: <?php> Keep the document open. Open your faucet index page, it will most likely be index.php in your ROOTDIRECTORY. (Not the template index.php) Now press CTRL+A and select everything and copy it. Go back to the document you were just making and paste it on the very bottom, underneath the ?> Now save the file as what ever you want, I called mine math.php. Go back to your faucet template file (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) search for the following: <form method="POST" class="form-horizontal" role="form"> on that same line link your PHP file to it like so: Code: <form action="math.php" method="POST" class="form-horizontal" role="form"> Now you should have a working math eqution that users have to answer correctly before using your faucet. I hope this helps other faucet owners, as it's terrible how bots think they can steal our valuable satoshis :3 You try and be nice, by giving people free bitcoins and they feel the need to exploit it. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 17, 2015, 03:52:28 PM Optional
I have google analytics on my faucet and I realized that, almost all the traffic was coming from Russia or China.... So I found out about this site called http://www.blockacountry.com (http://www.blockacountry.com), it allows you to block whole countries from accessing your website. This route is optional, but super effective. The only downside is it affects real people from accessing your faucet. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: nijkamp on October 17, 2015, 03:53:55 PM There are a lot of fuking ips mate! all are ips bots?
can i talk with u via skype? best regards Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 17, 2015, 04:11:07 PM They're TOR ips and in my new .htaccess I've blocked Russia and China from accessing my faucet. It appears to have stopped them.
Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: misterbit on October 17, 2015, 04:48:16 PM But if this is a copy of which I did. ¿?
https://bitcointalk.org/index.php?topic=1210279.0 Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 17, 2015, 04:50:19 PM But if this is a copy of which I did. ¿? https://bitcointalk.org/index.php?topic=1210279.0 Yes, except yours didn't work very well, I was still getting ALOT of bots. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: nijkamp on October 17, 2015, 04:52:04 PM how is going for u essence owner? 6700 ip`s banned o.O?
Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: misterbit on October 17, 2015, 04:54:35 PM OK, pass your website here to see ;)
https://www.vpnbook.com/webproxy https://www.sumrando.com/proxy.aspx But if this is a copy of which I did. ¿? https://bitcointalk.org/index.php?topic=1210279.0 Yes, except yours didn't work very well, I was still getting ALOT of bots. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: misterbit on October 17, 2015, 05:01:27 PM Thus more complete
Code: # Block Proxy Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 17, 2015, 05:03:45 PM how is going for u essence owner? 6700 ip`s banned o.O? They're TOR relays and IP's that I don't want accessing my faucet, It's going very well since I've banned them, my faucet is doing ALOT better. :) OK, pass your website here to see ;) https://www.vpnbook.com/webproxy https://www.sumrando.com/proxy.aspx But if this is a copy of which I did. ¿? https://bitcointalk.org/index.php?topic=1210279.0 Yes, except yours didn't work very well, I was still getting ALOT of bots. Well played, it would be impossible to stop every VPN though. So I'm satisfied. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: nijkamp on October 17, 2015, 05:04:14 PM what is that misterbit? can u explain a bit please :)?
Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: misterbit on October 17, 2015, 05:08:38 PM Hello, it is a rule that I found on the net to block proxies
what is that misterbit? can u explain a bit please :)? Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: misterbit on October 17, 2015, 05:10:12 PM great dude, but I believe that I did it I is almost the same as that.
how is going for u essence owner? 6700 ip`s banned o.O? They're TOR relays and IP's that I don't want accessing my faucet, It's going very well since I've banned them, my faucet is doing ALOT better. :) OK, pass your website here to see ;) https://www.vpnbook.com/webproxy https://www.sumrando.com/proxy.aspx But if this is a copy of which I did. ¿? https://bitcointalk.org/index.php?topic=1210279.0 Yes, except yours didn't work very well, I was still getting ALOT of bots. Well played, it would be impossible to stop every VPN though. So I'm satisfied. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 17, 2015, 05:16:45 PM Thus more complete Code: # Block Proxy THANK YOU! Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: misterbit on October 17, 2015, 05:18:27 PM Friend beside, if you put the email as I did by passing the limit of requests would you email like this that I got to my.
Code: Hi there, That means having a bumper and passing it the anti proxy system does not serve unfortunately for us. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: nijkamp on October 17, 2015, 05:31:36 PM Then we need to copy and paste that to unable proxyes in our web? did i understand well?
Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: lol3c on October 17, 2015, 05:42:27 PM Thanks for this information, we are in really need of this topics. I also applied some of them.
Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: mari88 on October 18, 2015, 12:53:37 PM really big thanks will test your code on my Faucet ;)
Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on October 22, 2015, 01:17:08 PM Thus more complete where to put this ? in .htaccess file ?Code: # Block Proxy Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 22, 2015, 01:44:43 PM Friend beside, if you put the email as I did by passing the limit of requests would you email like this that I got to my. Code: Hi there, That means having a bumper and passing it the anti proxy system does not serve unfortunately for us. I'm thinking to develop a way to send just the authorizated amount of request to avoid exceed the limits. In addition to I will log the non requested issues to have an idea of how many request I would need for my site... The IpGetIntel owner sells daily packages of queries also... When I finish this script I will share with you. Thus more complete where to put this ? in .htaccess file ?Code: # Block Proxy Yes. This is a code to be inserted into .htaccess file. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on October 22, 2015, 02:19:51 PM I'm having problem after putting above code in my htaccess file :(
Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: FaucetWorld on October 22, 2015, 03:33:02 PM They're TOR ips and in my new .htaccess I've blocked Russia and China from accessing my faucet. It appears to have stopped them. Blocking Russia, China or other country will not help you! Only blocking proxies can help with this fight! Thank you guys for great job! Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: mari88 on October 23, 2015, 11:11:22 AM i have added your code to my template and nothing happens i can visit faucet with boomproxy.com
and i have added your .htaccess to my root ??? kind regrads Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on October 23, 2015, 12:29:48 PM i have added your code to my template and nothing happens i can visit faucet with boomproxy.com and i have added your .htaccess to my root ??? kind regrads Probably you did something wrong Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: altcoinhosting on October 23, 2015, 12:32:44 PM Nice function... :)
For the sake of completeness, it would be nice if you would also filter out tor exit nodes... I saw a post yesterday with a guy having problems with a bot over tor, and a fucntion like yours (but with tor filtering) would have been his sollution. Thanks for contributing to the community :) EDIT: for the sake of honesty, i haven't tested out your script, so i'm not sure if it doesn't already do this ;) Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: mari88 on October 23, 2015, 12:43:35 PM i have added your code to my template and nothing happens i can visit faucet with boomproxy.com and i have added your .htaccess to my root ??? kind regrads Probably you did something wrong whooooow what a helping user you spamer :D i know that something is wrong :D hat these spamers ...... i have fixxed the problem with CTRL+F5 :D Script now working thanks. kind regrads Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 23, 2015, 01:41:03 PM Guys... I just developed a very effective proxy server barrier!
My solution has 4 layers of protection. 1st layer: Custom IPs blacklist and cache. Supported by the layers above and customizable if your personal IPs blacklist. 2nd layer: TOR users protection. Almost 100% effective. 3rd layer: Popular and Known Proxy Servers blocked. 4th layer: Unknown proxies blocked by intelligent algorithms. It works for any site running PHP. If you are interested in a deal, send me a PM. You can test the service first. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 23, 2015, 01:52:44 PM Morning everyone, I have just updated my original post and I am having great luck in the fight against bots! :D
Nice function... :) For the sake of completeness, it would be nice if you would also filter out tor exit nodes... I saw a post yesterday with a guy having problems with a bot over tor, and a fucntion like yours (but with tor filtering) would have been his sollution. Thanks for contributing to the community :) EDIT: for the sake of honesty, i haven't tested out your script, so i'm not sure if it doesn't already do this ;) Check out step one on my original post, it explains how to block tor exit nodes. :) Guys... I just developed a very effective proxy server barrier! My solution has 4 layers of protection. 1st layer: Custom IPs blacklist and cache. Supported by the layers above and customizable if your personal IPs blacklist. 2nd layer: TOR users protection. Almost 100% effective. 3rd layer: Popular and Known Proxy Servers blocked. 4th layer: Unknown proxies blocked by intelligent algorithms. It works for any site running PHP. I challenge you to try some proxies on my site: http://bitcoin-catcher.com/faucet (only works on the faucet page). If you are interested in a deal, send me a PM. https://www.vpnbook.com/webproxy http://bitcoin-catcher.com/faucet Yours isn't flawless, quit trying to "make a deal"/advertise your faucet on my thread. My thread is intended for free public knowledge, so please leave. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 23, 2015, 01:58:17 PM Morning everyone, I have just updated my original post and I am having great luck in the fight against bots! :D Guys... I just developed a very effective proxy server barrier! My solution has 4 layers of protection. 1st layer: Custom IPs blacklist and cache. Supported by the layers above and customizable if your personal IPs blacklist. 2nd layer: TOR users protection. Almost 100% effective. 3rd layer: Popular and Known Proxy Servers blocked. 4th layer: Unknown proxies blocked by intelligent algorithms. It works for any site running PHP. I challenge you to try some proxies on my site: http://bitcoin-catcher.com/faucet (only works on the faucet page). If you are interested in a deal, send me a PM. https://www.vpnbook.com/webproxy http://bitcoin-catcher.com/faucet Yours isn't flawless, quit trying to "make a deal"/advertise your faucet on my thread. My thread is intended for free public knowledge, so please leave. No problem, friend. I just edited my post and removed the link. Anyways, I'm just trying to trade knowledge. Do not forget that I am helping faucet owners about security questions for free about weeks in this forum... >>> https://bitcointalk.org/index.php?topic=1200700.0 Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 23, 2015, 02:05:17 PM No problem, friend. I just edited my post and removed the link. Anyways, I'm just trying to trade knowledge. Do not forget that I am helping faucet owners about security questions for free about weeks in this forum... >>> https://bitcointalk.org/index.php?topic=1200700.0 I totally didn't realize that was you! I'm sorry if I sounded rude, I just think that this knowledge should be freely available to the public. If I buy it from you, can I post it on this thread? Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 23, 2015, 02:24:41 PM No problem, friend. I just edited my post and removed the link. Anyways, I'm just trying to trade knowledge. Do not forget that I am helping faucet owners about security questions for free about weeks in this forum... >>> https://bitcointalk.org/index.php?topic=1200700.0 I totally didn't realize that was you! I'm sorry if I sounded rude, I just think that this knowledge should be freely available to the public. If I buy it from you, can I post it on this thread? No problem. Just one observation, that proxy tou tested on my site failed. My barrier is redirecting it to an other site. About the deal, I'm trying to do trades because I spent a lot of efforts and hours without sleep to create this barrier. Of course if you buy this knowledge you could share it. I would not do this because this way we are revealing our defenses to tje scammers too. They will break the barrier easily. Then I decided that I won't share this for free. To protect my work and make its effective for a long time. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 23, 2015, 02:36:44 PM No problem, friend. I just edited my post and removed the link. Anyways, I'm just trying to trade knowledge. Do not forget that I am helping faucet owners about security questions for free about weeks in this forum... >>> https://bitcointalk.org/index.php?topic=1200700.0 I totally didn't realize that was you! I'm sorry if I sounded rude, I just think that this knowledge should be freely available to the public. If I buy it from you, can I post it on this thread? No problem. Just one observation, that proxy tou tested on my site failed. My barrier is redirecting it to an other site. About the deal, I'm trying to do trades because I spent a lot of efforts and hours without sleep to create this barrier. Of course if you buy this knowledge you could share it. I would not do this because this way we are revealing our defenses to tje scammers too. They will break the barrier easily. Then I decided that I won't share this for free. To protect my work and make its effective for a long time. Ah... One more thing. My barrier is producing good stats and logs. In some days I will share the most identified proxies IP list with everyone for free. Give me two or three days. :) Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 24, 2015, 02:32:47 PM No problem, friend. I just edited my post and removed the link. Anyways, I'm just trying to trade knowledge. Do not forget that I am helping faucet owners about security questions for free about weeks in this forum... >>> https://bitcointalk.org/index.php?topic=1200700.0 I totally didn't realize that was you! I'm sorry if I sounded rude, I just think that this knowledge should be freely available to the public. If I buy it from you, can I post it on this thread? No problem. Just one observation, that proxy tou tested on my site failed. My barrier is redirecting it to an other site. About the deal, I'm trying to do trades because I spent a lot of efforts and hours without sleep to create this barrier. Of course if you buy this knowledge you could share it. I would not do this because this way we are revealing our defenses to tje scammers too. They will break the barrier easily. Then I decided that I won't share this for free. To protect my work and make its effective for a long time. Ah... One more thing. My barrier is producing good stats and logs. In some days I will share the most identified proxies IP list with everyone for free. Give me two or three days. :) Guys... These are the proxy servers and scam IPs that my barrier blocked yesterday. Use for your safe and for free. Code: 162.254.149.195 I will update this list weekly at this topic: https://bitcointalk.org/index.php?topic=1200700.0 Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: ofirbeigel on October 25, 2015, 01:09:06 PM Hi, just found this awesome thread.
So just to make things clear (since I'm not very technical) - is the information on the OP good enough or do I need to add any of the other scripts you've put in here? Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: FaucetWorld on October 25, 2015, 01:23:53 PM Hi, just found this awesome thread. So just to make things clear (since I'm not very technical) - is the information on the OP good enough or do I need to add any of the other scripts you've put in here? Probably this what you see in this thread is not enough to protect your faucet good enough, but for sure will help a lot. New features are now tested and soon will be published update. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 25, 2015, 02:14:08 PM Hi, just found this awesome thread. So just to make things clear (since I'm not very technical) - is the information on the OP good enough or do I need to add any of the other scripts you've put in here? Probably this what you see in this thread is not enough to protect your faucet good enough, but for sure will help a lot. New features are now tested and soon will be published update. Exactly. All in this topic will help you so much. But it isn't enough. We are posting new techniques and security solutions here everyday. Stay visiting this topic to learn more and develop your own solutions too. Do you now how to do simple changes in a PHP code? Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: ofirbeigel on October 25, 2015, 02:16:18 PM Hi, just found this awesome thread. So just to make things clear (since I'm not very technical) - is the information on the OP good enough or do I need to add any of the other scripts you've put in here? Probably this what you see in this thread is not enough to protect your faucet good enough, but for sure will help a lot. New features are now tested and soon will be published update. Exactly. All in this topic will help you so much. But it isn't enough. We are posting new techniques and security solutions here everyday. Stay visiting this topic to learn more and develop your own solutions too. Do you now how to do simple changes in a PHP code? Yes I do and I already implemented what's in here. Hope this helps. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: ofirbeigel on October 26, 2015, 07:54:41 AM I can't seem to find the FunCaptcha security options you talk about in the OP. I just get a very basic webpage where I can retrieve my keys.
Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: Gifted on October 26, 2015, 07:15:54 PM Alright, so my faucet www.bit-essence.com (http://www.bit-essence.com) was getting raped by bots. Here are two pictures, one showing how bad it was, the other showing how much better I made it. just so you know this site says im on a proxy and im not . So this is deferring real people too .Before I go and take credit for this, I got some information from MASETRBIT in this thread:https://bitcointalk.org/index.php?topic=1210279.0 (https://bitcointalk.org/index.php?topic=1210279.0) Before http://i51.photobucket.com/albums/f353/Ace_Of_Fades/before_zpsltxaqfka.png After http://i51.photobucket.com/albums/f353/Ace_Of_Fades/after_zps8a1isqwm.png As you can see, from the time the payouts were made, I have made a huge dent in bots accessing my faucet. Here's how: First In the root directory of your server, there should be a file called .htaccess, HERE'S WHAT MINE LOOK LIKE (http://pastebin.com/KAZ8RAQ8) Copy and paste it to yours. This will block all the TOR relays/exit nodes from accessing your website. TOR is good to block because it's one of the main things people use to bypass your time limit. Just google "bypass faucet time limit" you will see that it's one of the ways people bypass your time limit. To get an updated list of tor exit nodes visit https://www.dan.me.uk/torlist/ (https://www.dan.me.uk/torlist/) Here's a website to paste the IP's, it will generate the proper code for you. http://www.htaccesstools.com/block-ips/ (http://www.htaccesstools.com/block-ips/) Second In your faucet template, ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php, place this code, above <!DOCTYPE html> Code: <?php Here's a website to check if your faucet is still vulnerable. http://boomproxy.com/ (http://boomproxy.com/) Second On funcaptcha's website edit you captcha, on the "security" tab select "always enhanced". Click save, then wait 5-10 minutes. Your captcha will now be alot harder for bots to bypass. http://i51.photobucket.com/albums/f353/Ace_Of_Fades/Untitled_zpselvhvhqt.png I hope this helps other faucet owners, as it's terrible how bots think they can steal our valuable satoshis :3 You try and be nice, by giving people free bitcoins and they feel the need to exploit it. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: thefaucetrunner on October 27, 2015, 04:55:22 AM GetIPIntel won't work for high traffic faucets, too many requests will spit our 404/403 errors. I spoke with the admin recently and tested it.
Not sure about the rest. Proxies are an issue but adding features to limit claims from more than X amount of IP addresses is a step in the right direction. For MiniFaucet based faucets, it helps to have a limit on large cashouts. Botters are keeping up with things, that's for sure. I don't quite understand how. Some of the best devs out there haven't been able to do much. Catching repeat offenders and blacklisting IPs helps, but you'll have to pay a few bots before you get that knowledge. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 27, 2015, 12:32:03 PM GetIPIntel won't work for high traffic faucets, too many requests will spit our 404/403 errors. I spoke with the admin recently and tested it. Not sure about the rest. Proxies are an issue but adding features to limit claims from more than X amount of IP addresses is a step in the right direction. For MiniFaucet based faucets, it helps to have a limit on large cashouts. Botters are keeping up with things, that's for sure. I don't quite understand how. Some of the best devs out there haven't been able to do much. Catching repeat offenders and blacklisting IPs helps, but you'll have to pay a few bots before you get that knowledge. As you said the best way to work with getIpIntel is caching the results and coding a counter to limit your requests daily. For me, the fight against the scammers and bots is teaching me many things. As you know I'm developing my own security system without need to use antibot links or anything like this. I think I am winning this battle for now... Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: thefaucetrunner on October 27, 2015, 05:42:22 PM One of the main things to remember with these bots is that they are using a script, which is fairly rigid. You can do several things to foil the bots, including switching your captcha randomly, implementing legitimate anti-bot math problems and buttons, thresholds for cashouts and other features.
Unfortunately for many of the users on here, these sort of features require knowledge or the money to hire someone with the knowledge. We are lucky to have people like Minifrij etc to help users. I've made it my task in recent months to fight these bots where I can, but I think it's an uphill struggle most of the time. I have banned so many addresses today... Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 27, 2015, 09:09:34 PM One of the main things to remember with these bots is that they are using a script, which is fairly rigid. You can do several things to foil the bots, including switching your captcha randomly, implementing legitimate anti-bot math problems and buttons, thresholds for cashouts and other features. Unfortunately for many of the users on here, these sort of features require knowledge or the money to hire someone with the knowledge. We are lucky to have people like Minifrij etc to help users. I've made it my task in recent months to fight these bots where I can, but I think it's an uphill struggle most of the time. I have banned so many addresses today... Are you using the FaucetBox script in your faucet? I'm looking for a way to include more mandatory fields to claim. My idea is to ask for the e-mail or for a second captcha solution> If the user don't put it, the FaucetBox will show that default message: Missing inputs (or something like this...). This move should block a lot of bots (At leas the not customizable ones). I will study how to do this... Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 27, 2015, 09:18:37 PM Are you using the FaucetBox script in your faucet? I'm looking for a way to include more mandatory fields to claim. My idea is to ask for the e-mail or for a second captcha solution> If the user don't put it, the FaucetBox will show that default message: Missing inputs (or something like this...). This move should block a lot of bots (At leas the not customizable ones). I will study how to do this... Hey bud, I implemented this on my faucet. Let me know what you think. http://g-liu.com/blog/2013/08/walkthrough-captcha-php/ (http://g-liu.com/blog/2013/08/walkthrough-captcha-php/). Check out my faucet to see how it works. I will make a tutorial on this post as soon as I get home from work. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: misterbit on October 27, 2015, 11:35:53 PM Are you using the FaucetBox script in your faucet? I'm looking for a way to include more mandatory fields to claim. My idea is to ask for the e-mail or for a second captcha solution> If the user don't put it, the FaucetBox will show that default message: Missing inputs (or something like this...). This move should block a lot of bots (At leas the not customizable ones). I will study how to do this... Hey bud, I implemented this on my faucet. Let me know what you think. http://g-liu.com/blog/2013/08/walkthrough-captcha-php/ (http://g-liu.com/blog/2013/08/walkthrough-captcha-php/). Check out my faucet to see how it works. I will make a tutorial on this post as soon as I get home from work. http://jsfiddle.net/Ztq83/ Someone who knows how to do it please Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 28, 2015, 01:44:05 AM Are you using the FaucetBox script in your faucet? I'm looking for a way to include more mandatory fields to claim. My idea is to ask for the e-mail or for a second captcha solution> If the user don't put it, the FaucetBox will show that default message: Missing inputs (or something like this...). This move should block a lot of bots (At leas the not customizable ones). I will study how to do this... Hey bud, I implemented this on my faucet. Let me know what you think. http://g-liu.com/blog/2013/08/walkthrough-captcha-php/ (http://g-liu.com/blog/2013/08/walkthrough-captcha-php/). Check out my faucet to see how it works. I will make a tutorial on this post as soon as I get home from work. http://jsfiddle.net/Ztq83/ Someone who knows how to do it please Yes. It seems good. But you should implement this making the field mandatory to the submit button. I need to study how to do this yet. Recently I implemented a second simple captcha in my faucet but It just works to hide the claim button. Solving the captcha the claim button is shown. However if the scammer uses a bot that send automatic commands like HTML POSTs and GETs, my second captcha should fail. I will take a look in the faucetbox script tomorrow... Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: misterbit on October 28, 2015, 01:55:02 AM Are you using the FaucetBox script in your faucet? I'm looking for a way to include more mandatory fields to claim. My idea is to ask for the e-mail or for a second captcha solution> If the user don't put it, the FaucetBox will show that default message: Missing inputs (or something like this...). This move should block a lot of bots (At leas the not customizable ones). I will study how to do this... Hey bud, I implemented this on my faucet. Let me know what you think. http://g-liu.com/blog/2013/08/walkthrough-captcha-php/ (http://g-liu.com/blog/2013/08/walkthrough-captcha-php/). Check out my faucet to see how it works. I will make a tutorial on this post as soon as I get home from work. http://jsfiddle.net/Ztq83/ Someone who knows how to do it please Yes. It seems good. But you should implement this making the field mandatory to the submit button. I need to study how to do this yet. Recently I implemented a second simple captcha in my faucet but It just works to hide the claim button. Solving the captcha the claim button is shown. However if the scammer uses a bot that send automatic commands like HTML POSTs and GETs, my second captcha should fail. I will take a look in the faucetbox script tomorrow... Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on October 28, 2015, 04:18:36 AM Are you using the FaucetBox script in your faucet? I'm looking for a way to include more mandatory fields to claim. My idea is to ask for the e-mail or for a second captcha solution> If the user don't put it, the FaucetBox will show that default message: Missing inputs (or something like this...). This move should block a lot of bots (At leas the not customizable ones). I will study how to do this... Hey bud, I implemented this on my faucet. Let me know what you think. http://g-liu.com/blog/2013/08/walkthrough-captcha-php/ (http://g-liu.com/blog/2013/08/walkthrough-captcha-php/). Check out my faucet to see how it works. I will make a tutorial on this post as soon as I get home from work. http://jsfiddle.net/Ztq83/ Someone who knows how to do it please Yes. It seems good. But you should implement this making the field mandatory to the submit button. I need to study how to do this yet. Recently I implemented a second simple captcha in my faucet but It just works to hide the claim button. Solving the captcha the claim button is shown. However if the scammer uses a bot that send automatic commands like HTML POSTs and GETs, my second captcha should fail. I will take a look in the faucetbox script tomorrow... instead of hiding submit button disable it when captcha solved enable it. will it still fail ? can a bot post disabled button ? Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 28, 2015, 04:52:42 PM Are you using the FaucetBox script in your faucet? I'm looking for a way to include more mandatory fields to claim. My idea is to ask for the e-mail or for a second captcha solution> If the user don't put it, the FaucetBox will show that default message: Missing inputs (or something like this...). This move should block a lot of bots (At leas the not customizable ones). I will study how to do this... Hey bud, I implemented this on my faucet. Let me know what you think. http://g-liu.com/blog/2013/08/walkthrough-captcha-php/ (http://g-liu.com/blog/2013/08/walkthrough-captcha-php/). Check out my faucet to see how it works. I will make a tutorial on this post as soon as I get home from work. http://jsfiddle.net/Ztq83/ Someone who knows how to do it please Yes. It seems good. But you should implement this making the field mandatory to the submit button. I need to study how to do this yet. Recently I implemented a second simple captcha in my faucet but It just works to hide the claim button. Solving the captcha the claim button is shown. However if the scammer uses a bot that send automatic commands like HTML POSTs and GETs, my second captcha should fail. I will take a look in the faucetbox script tomorrow... instead of hiding submit button disable it when captcha solved enable it. will it still fail ? can a bot post disabled button ? Yes. I'm doing this. The button born as disabled. Te problem is that a bot can set it to enabled using a java script since the button is being loaded in the client side (HTML). A button generated by PHP code should solve this problem. But the faucetbox script is a mix of PHP and HTML unfortunately. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: minifrij on October 28, 2015, 04:57:42 PM A button generated by PHP code should solve this problem. But the faucetbox script is a mix of PHP and HTML unfortunately. A button generated by PHP? How do you plan to get this to work without using any HTML?Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 28, 2015, 05:23:50 PM A button generated by PHP code should solve this problem. But the faucetbox script is a mix of PHP and HTML unfortunately. A button generated by PHP? How do you plan to get this to work without using any HTML?Sorry... I said a miisleading thing. I am thinking about create the timer and the enable button fuction in PHP to replace javascript functions into the HTML, for example. Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: minifrij on October 28, 2015, 05:56:04 PM Sorry... I said a miisleading thing. I can see where you're coming from, but you cannot create things like timers in PHP. Since PHP is a server side language, it loads only once when the page first loads. If you would want to make a timer in PHP, you would have to somehow delay the loading of the page entirely.I am thinking about create the timer and the enable button fuction in PHP to replace javascript functions into the HTML, for example. You could perhaps add some sort of verification on the PHP submit if you wanted. For example, create a PHP session variable of the time before the form, then compare it to the time after the submission of the form to be sure that it is at least your timer's length between asking for both pages. Something like this maybe: Code: <?php Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 28, 2015, 10:30:23 PM Finally winning the fight against bots! :') I have updated the original post with some helpful information.
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on October 28, 2015, 10:52:07 PM Just saying, if you're displaying the maths problems in plain text it is very easy for bots to get around. There's a reason that captchas are images of text rather than the plain words, similar to this. While bots can read images, it makes their life a lot harder if they are.
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on October 28, 2015, 11:36:00 PM Just saying, if you're displaying the maths problems in plain text it is very easy for bots to get around. There's a reason that captchas are images of text rather than the plain words, similar to this. While bots can read images, it makes their life a lot harder if they are. You're right, in the same article that is 2013 a young says of his weakness.Friend this not serve? do you know how to adapt it? http://jsfiddle.net/Ztq83/ Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 29, 2015, 12:06:04 AM Just saying, if you're displaying the maths problems in plain text it is very easy for bots to get around. There's a reason that captchas are images of text rather than the plain words, similar to this. While bots can read images, it makes their life a lot harder if they are. In that case I'll have to make the numbers display as images, I'll update my tutorial once I do. Thanks for pointing out such a big flaw lol.You're right, in the same article that is 2013 a young says of his weakness. So you want a confirmation dialog to appear before receiving the satoshi? Maybe I'll implement the math question on the popup? :P Friend this not serve? do you know how to adapt it? http://jsfiddle.net/Ztq83/ Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on October 29, 2015, 12:34:15 AM Just saying, if you're displaying the maths problems in plain text it is very easy for bots to get around. There's a reason that captchas are images of text rather than the plain words, similar to this. While bots can read images, it makes their life a lot harder if they are. In that case I'll have to make the numbers display as images, I'll update my tutorial once I do. Thanks for pointing out such a big flaw lol.You're right, in the same article that is 2013 a young says of his weakness. So you want a confirmation dialog to appear before receiving the satoshi? Maybe I'll implement the math question on the popup? :P Friend this not serve? do you know how to adapt it? http://jsfiddle.net/Ztq83/ I have not much idea about the mechanism of the bots Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on October 29, 2015, 01:45:29 AM Hey guys got an idea ;D
Instead of using anti bot links if you create a new captcha like click identical image. many Ptc site have this captcha. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 29, 2015, 01:58:16 AM Just saying, if you're displaying the maths problems in plain text it is very easy for bots to get around. There's a reason that captchas are images of text rather than the plain words, similar to this. While bots can read images, it makes their life a lot harder if they are. Check out my faucet now, I'm using a image instead of text. Is that better? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on October 29, 2015, 02:17:47 AM Check out my faucet now, I'm using a image instead of text. Is that better? If your faucet is bit-essence.com, I get a 403 Forbidden error trying to access.Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 29, 2015, 02:25:22 AM Check out my faucet now, I'm using a image instead of text. Is that better? If your faucet is bit-essence.com, I get a 403 Forbidden error trying to access.How about now? :O Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on October 29, 2015, 02:27:24 AM How about now? :O Yeah, that seems to be fine. Just as long as the problem is not in plain text that a bot can just scrape you should be fine.Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 29, 2015, 03:23:26 AM Check out my faucet now, I'm using a image instead of text. Is that better? If your faucet is bit-essence.com, I get a 403 Forbidden error trying to access.Take a look in my faucet, please: bitcon-catcher.com/faucet Ate the page bottom there is a second simple captcha. I will improve it changing text/numbers to image or something better soon. My point now is about other problem. I would like to transform this captcha in a mandatory captcha as the first (funcaptcha). I mean if the visitor claim without solve that captcha the faucetbox script (PHP) won't send the reward and will return: missing parameters. How could I do that? Do you know how? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: ofirbeigel on October 29, 2015, 09:45:17 AM Step Four In step four we will be adding a simple math question displayed as an image as a second captcha. Faucet users cannot claim their satoshi until the math question is solved. Download PHP captcha HERE (https://www.mediafire.com/?tx0swq9o0w04t74) extract it and add the "captcha" folder to your root directory. If you don't trust that download you can find the original HERE (https://www.phpcaptcha.org/), it will require some configuring though. Now open your template file (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) paste the following code at the very top line above <!DOCTYPE html>: Code: <?php session_start(); ?> Paste the following code where you would like the equation to appear Code: <img id="captcha" src="/captcha/securimage_show.php" alt="CAPTCHA Image" /> Now you need to create a PHP document. I use a program called Notepad++, however any text editor will work. Create a new document, then paste in the following code: Code: <?php> Keep the document open. Open your faucet index page, it will most likely be index.php in your ROOTDIRECTORY. (Not the template index.php) Now press CTRL+A and select everything and copy it. Go back to the document you were just making and paste it on the very bottom, underneath the ?> Now save the file as what ever you want, I called mine math.php. Go back to your faucet template file (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) search for the following: <form method="POST" class="form-horizontal" role="form"> on that same line link your PHP file to it like so: Code: <form action="math.php" method="POST" class="form-horizontal" role="form"> Now you should have a working math eqution that users have to answer correctly before using your faucet. 1. Where do I put the math.php file? 2. I implemented the file in the template directory but I can still claim the coins without solving the problem. Here's the website (http://milli.io). Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 29, 2015, 12:55:24 PM The math.php file is essential, it's basically what checks to make sure the captcha is correct. Place it inside the root directory of your server.
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 29, 2015, 01:59:39 PM Take a look in my faucet, please: bitcon-catcher.com/faucet Ate the page bottom there is a second simple captcha. I will improve it changing text/numbers to image or something better soon. My point now is about other problem. I would like to transform this captcha in a mandatory captcha as the first (funcaptcha). I mean if the visitor claim without solve that captcha the faucetbox script (PHP) won't send the reward and will return: missing parameters. How could I do that? Do you know how? I checked your faucet, I really like it! The captcha is mandatory already, isn't it? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: ofirbeigel on October 29, 2015, 03:03:32 PM The math.php file is essential, it's basically what checks to make sure the captcha is correct. Place it inside the root directory of your server. I placed it in the root folder but it still doesn't work. I'm able to get the coins without solving the math problem. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 29, 2015, 03:47:17 PM Here's what you currently have in your code:
http://i51.photobucket.com/albums/f353/Ace_Of_Fades/Untitled_zpsaiwmiakj.png I wasn't very clear in my original post, but Code: <form method="POST" class="form-horizontal" role="form"> Code: <form action="math.php" method="POST" class="form-horizontal" role="form"> Just delete the first one, you should be fine. :) Currently your form is only applying the POST method, and ignoring your second line with the math.php action. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: ofirbeigel on October 29, 2015, 05:00:56 PM Here's what you currently have in your code: http://i51.photobucket.com/albums/f353/Ace_Of_Fades/Untitled_zpsaiwmiakj.png I wasn't very clear in my original post, but Code: <form action="math.php" method="POST" class="form-horizontal" role="form"> Code: <form method="POST" class="form-horizontal" role="form"> Just delete the second one, you should be fine. :) Currently your form is only applying the POST method, and ignoring your second line with the math.php action. Thanks for clarifying this, unfortunately now I get an invalid answer page even when I answer correctly. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: AlexAce420 on October 29, 2015, 05:12:27 PM Make sure your math.php file looks like THIS (http://pastebin.com/fsF9XeGW).
Also, you deleted the wrong one. Delete: Code: <form method="POST" class="form-horizontal" role="form"> and use: Code: <form action="math.php" method="POST" class="form-horizontal" role="form"> Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: rkandrades on October 29, 2015, 05:18:37 PM Take a look in my faucet, please: bitcon-catcher.com/faucet Ate the page bottom there is a second simple captcha. I will improve it changing text/numbers to image or something better soon. My point now is about other problem. I would like to transform this captcha in a mandatory captcha as the first (funcaptcha). I mean if the visitor claim without solve that captcha the faucetbox script (PHP) won't send the reward and will return: missing parameters. How could I do that? Do you know how? I checked your faucet, I really like it! The captcha is mandatory already, isn't it? So so... Hehehe... The second captcha is "mandatory" but coun be broken altering the javascript through a firefox tool/plugin. But this is working fine for now. Soon I will improve it. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on October 29, 2015, 10:08:44 PM Thank you very much, now fits image ;)
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on October 30, 2015, 03:22:04 AM I think it would be good that instead of opening a page with the notice of
Code: I'm sorry but you have to answer the math question correctly!. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: pickupcoin on November 07, 2015, 09:53:40 PM hm. thank for this share.
i try to put math step on faucet, but have two erorrs first i have line: Notice: A session had already been started - ignoring session_start() in /home/domains/domain.com/public_html/faucet/templates/default/index.php on line 1 this is 1 line: Quote <?php session_start(); ?> and second: I'm sorry but you have to answer the math question correctly!. Please go back and use a caculator. but i am 100% sure to answer coorect math problem ;D any idea where i am wrong? regards Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on November 07, 2015, 09:57:26 PM hm. thank for this share. I'm unsure what the second problem is, though you do not need that line. FaucetBox starts a session on it's own, so you can just remove/comment out that session_start();i try to put math step on faucet, but have two erorrs first i have line: Notice: A session had already been started - ignoring session_start() in /home/domains/domain.com/public_html/faucet/templates/default/index.php on line 1 this is 1 line: Quote <?php session_start(); ?> Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: pickupcoin on November 07, 2015, 10:09:40 PM hm. thank for this share. I'm unsure what the second problem is, though you do not need that line. FaucetBox starts a session on it's own, so you can just remove/comment out that session_start();i try to put math step on faucet, but have two erorrs first i have line: Notice: A session had already been started - ignoring session_start() in /home/domains/domain.com/public_html/faucet/templates/default/index.php on line 1 this is 1 line: Quote <?php session_start(); ?> yes, you're right for this, seems that is not need that line. thanks but still problem with answer the math question correctly!. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: ofirbeigel on November 08, 2015, 07:06:02 AM hm. thank for this share. I'm unsure what the second problem is, though you do not need that line. FaucetBox starts a session on it's own, so you can just remove/comment out that session_start();i try to put math step on faucet, but have two erorrs first i have line: Notice: A session had already been started - ignoring session_start() in /home/domains/domain.com/public_html/faucet/templates/default/index.php on line 1 this is 1 line: Quote <?php session_start(); ?> yes, you're right for this, seems that is not need that line. thanks but still problem with answer the math question correctly!. I get that a lot as well (the second problem). I answer the math question correctly but it still tells me that I'm wrong. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: pickupcoin on November 13, 2015, 06:57:54 PM i am remove math captcha from my faucet, i do not solve problem with correctly math question
I would like to hear some idea with double captcha, definitely bots passing by funcaptcha. does anyone have experience with solvemedia vs. funcaptcha, who's better? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on November 13, 2015, 07:56:37 PM does anyone have experience with solvemedia vs. funcaptcha, who's better? Unless SolveMedia has suddenly upped their security tenfold, FunCaptcha is almost certainly better. SolveMedia is flawed in that all that's needed to complete it is for the user to input text, which can be fairly easy for a bot to solve with some human assistance.Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: elson on November 14, 2015, 01:15:27 AM can you explain who to open the math chapacha in a new popup window like your site ?
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: dart vader on November 14, 2015, 08:02:29 AM your site just shows a blank page to me.
of course im not behind any proxy. i was thinking using your steps but im worried of blocking real people (or people not behind proxies). Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on November 14, 2015, 12:41:30 PM i am remove math captcha from my faucet, i do not solve problem with correctly math question I would like to hear some idea with double captcha, definitely bots passing by funcaptcha. does anyone have experience with solvemedia vs. funcaptcha, who's better? You can do it . 1st captcha at login page 2nd captcha when user make a claim Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on November 14, 2015, 01:37:08 PM i am remove math captcha from my faucet, i do not solve problem with correctly math question I would like to hear some idea with double captcha, definitely bots passing by funcaptcha. does anyone have experience with solvemedia vs. funcaptcha, who's better? You can do it . 1st captcha at login page 2nd captcha when user make a claim Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: thinkinger on November 22, 2015, 10:18:25 PM Quote (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) i couldnt understand that. where is it in paytoshi script. can anyone help me?Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: pickupcoin on November 22, 2015, 11:18:10 PM Quote (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) i couldnt understand that. where is it in paytoshi script. can anyone help me?this YOURTEMPLATE if you don't change anything is probably "default" like this ../faucet/templates/default/index.php Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on November 22, 2015, 11:28:43 PM this YOURTEMPLATE if you don't change anything is probably "default" He isn't asking about FaucetBox, please read his post. Paytoshi is a bit different.like this ../faucet/templates/default/index.php Since the Paytoshi script is a bit more split up into how it does things, the file that you're looking for is probably at this path: ../themes/default/index.html.twig The other files are aptly named for what they do, though index.html.twig is likely the one you want for editing the main body of your faucet. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: pickupcoin on November 22, 2015, 11:40:54 PM this YOURTEMPLATE if you don't change anything is probably "default" He isn't asking about FaucetBox, please read his post. Paytoshi is a bit different.like this ../faucet/templates/default/index.php Since the Paytoshi script is a bit more split up into how it does things, the file that you're looking for is probably at this path: ../themes/default/index.html.twig The other files are aptly named for what they do, though index.html.twig is likely the one you want for editing the main body of your faucet. I worked a long time ago with paytoshi, I completely forgot for .html.twig files. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: thinkinger on November 23, 2015, 04:32:28 PM this YOURTEMPLATE if you don't change anything is probably "default" He isn't asking about FaucetBox, please read his post. Paytoshi is a bit different.like this ../faucet/templates/default/index.php Since the Paytoshi script is a bit more split up into how it does things, the file that you're looking for is probably at this path: ../themes/default/index.html.twig The other files are aptly named for what they do, though index.html.twig is likely the one you want for editing the main body of your faucet. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Jacce on November 23, 2015, 05:27:14 PM So the "proxy check" only checks if you can connect to port 80 or not? That is a very bad solution, not only is the possibility of false positives high (I got rejected from one faucet site just because I run a local WampServer), but what about proxies using other ports?
Edit: I saw that you also used Getipintel. Still, the chance of having false positives is high. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: thinkinger on November 24, 2015, 06:19:08 PM sorry bros again me. i did the first step and how can i learn that i did true. second where do ı have to paste the fourth one in Paytoshi. and also if you want to smile a while you can go to my faucet to see how i made it.this way http://stonefaucet.esy.es/ (http://stonefaucet.esy.es/) just below the head.
Quote In step four we will be adding a simple math question displayed as an image as a second captcha. Faucet users cannot claim their satoshi until the math question is solved. Download PHP captcha HERE (https://www.mediafire.com/?tx0swq9o0w04t74) extract it and add the "captcha" folder to your root directory. If you don't trust that download you can find the original HERE (https://www.phpcaptcha.org/), it will require some configuring though. Now open your template file (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) paste the following code at the very top line above <!DOCTYPE html>: Code: <?php session_start(); ?> Paste the following code where you would like the equation to appear Code: <img id="captcha" src="/captcha/securimage_show.php" alt="CAPTCHA Image" /> Now you need to create a PHP document. I use a program called Notepad++, however any text editor will work. Create a new document, then paste in the following code: Code: <?php> Keep the document open. Open your faucet index page, it will most likely be index.php in your ROOTDIRECTORY. (Not the template index.php) Now press CTRL+A and select everything and copy it. Go back to the document you were just making and paste it on the very bottom, underneath the ?> Now save the file as what ever you want, I called mine math.php. Go back to your faucet template file (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) search for the following: <form method="POST" class="form-horizontal" role="form"> on that same line link your PHP file to it like so: Code: <form action="math.php" method="POST" class="form-horizontal" role="form"> Now you should have a working math eqution that users have to answer correctly before using your faucet. I hope this helps other faucet owners, as it's terrible how bots think they can steal our valuable satoshis :3 You try and be nice, by giving people free bitcoins and they feel the need to exploit it. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on November 24, 2015, 07:13:28 PM sorry bros again me. i did the first step and how can i learn that i did true. second where do ı have to paste the fourth one in Paytoshi. and also if you want to smile a while you can go to my faucet to see how i made it.this way http://stonefaucet.esy.es/ (http://stonefaucet.esy.es/) just below the head. No problem, we're here to help. AFAIK you paste the fourth block of code on themes/default/index.html.twig at around line 30, though the script wasn't built for Paytoshi so I'm not sure the outcome will be.You also seem to have some PHP showing on your faucet. You should probably try to fix that. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: thinkinger on November 24, 2015, 07:46:46 PM sorry bros again me. i did the first step and how can i learn that i did true. second where do ı have to paste the fourth one in Paytoshi. and also if you want to smile a while you can go to my faucet to see how i made it.this way http://stonefaucet.esy.es/ (http://stonefaucet.esy.es/) just below the head. No problem, we're here to help. AFAIK you paste the fourth block of code on themes/default/index.html.twig at around line 30, though the script wasn't built for Paytoshi so I'm not sure the outcome will be.You also seem to have some PHP showing on your faucet. You should probably try to fix that. Quote {% extends "default/layout.html.twig" %} {% block content %} <section class="container"> <h1 class="text-center title">{{ name|default('Paytoshi Faucet') }}</h1> <h3 class="text-center headline">{{ description|default('...faucet? Paytoshi!') }}</h3> <hr /> <div class="custom-content"> {{ content.header_box|raw }} </div> <hr /> <?php if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1)) die("It would apprear you're using a proxy, so please, go fuck yourself!"); function checkProxy($ip){ $contactEmail="EMAIL"; $timeout=3; $banOnProability=0.99; $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); curl_setopt($ch, CURLOPT_URL, "http://check.getipintel.net/check.php?ip=$ip"); $response=curl_exec($ch); curl_close($ch); if ($response > $banOnProability) { return true; } else { if ($response < 0 || strcmp($response, "") == 0 ) { //The server returned an error, you might want to do something //like write to a log file or email yourself //This could be true due to an invalid input or you've exceeded //the number of allowed queries. Figure out why this is happening //because you aren't protected by the system anymore //Leaving this section blank is dangerous because you assume //that you're still protected, which is incorrect //and you might think GetIPIntel isn't accurate anymore //which is also incorrect. //failure to implement error handling is bad for the both of us } return false; } } $ip=$_SERVER['REMOTE_ADDR']; if (checkProxy($ip)) { echo "It would apprear you're using a proxy, so please, go fuck yourself! <br />"; } ?> <div class="row"> <div class="col-md-3 hidden-xs hidden-sm custom-content"> {{ content.left_box|raw }} </div> <div class="col-md-6 col-sm-12"> <div class="faucet"> {% include "default/alerts.html.twig" %} <h3 class="text-center">Rewards:</h3> <ul class="reward-list text-center"> {% for reward in rewards %} <li class="reward">{{ reward.amount }} satoshi ({{ reward.probability }}%)</li> {% endfor %} </ul> <h4 class="text-center">Get a reward every {{ waiting_interval / 60 }} mins!</h4> <hr> <form action="{{ urlFor('reward') }}" novalidate="novalidate" method="POST" class="form"> <div class="form-group"> <input class="form-control input-lg" type="text" name="address" value="{% if address is defined %}{{ address }}{% endif %}" placeholder="Enter your Bitcoin address"> </div> <div class="custom-content"> {{ content.center1_box|raw }} </div> <div class="form-group captcha"> <center> {% include "default/" ~ captcha.name ~ ".html.twig" with { server: captcha.server, public_key: captcha.public_key } %} </center> </div> <div class="custom-content"> {{ content.center2_box|raw }} </div> <button class="form-control input-lg btn-info get-reward">Get a reward!</button> <input type="hidden" name="referral" value="{{ referral }}"> <div class="custom-content"> {{ content.center3_box|raw }} </div> </form> <div class="well well-sm text-center referral-box">Earn {{ referral_percentage }}% referral bonus! Share your referral URL:<br>{{ base_url ~ '?r=' ~ address|default('Bitcoin Address') }}</div> </div> <div class="text-center"> <h3>What is a Bitcoin Faucet?</h3> <p> A faucet is a FREE Bitcoin site paying out up to {{ rewards_max }} satoshi every hour. Each time you visit this page and complete the captcha you will receive a payout amount randomly selected from the available amounts shown above. You will receive your payment directly to your <a href="https://paytoshi.org">Paytoshi wallet.</a><br/> <a href="{{ urlFor('faq') }}">Read more</a> </p> </div> </div> <div class="col-md-3 hidden-xs hidden-sm "> <div class="custom-content"> {{ content.right_box|raw }} </div> </div> </div> <div class="row"> <div class="col-md-12 custom-content" > {{ content.footer_box|raw }} </div> </div> </section> {% endblock %} Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on November 24, 2015, 08:17:20 PM hi i pasted it and it ended like that.some scripts that can be seen by visitors.here is themes/default/index.html.twig as pasted.can anyone tell me where to paste it? Replace this line:Quote snip <form action="{{ urlFor('reward') }}" novalidate="novalidate" method="POST" class="form"> Also, try putting your PHP codes in the head in the file layout.html.twig. It's not that great practice to put them in the body imo. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: felicita on November 26, 2015, 02:50:31 PM can you show the code how you added the math question in a second frame ???
Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: BrannigansLaw on November 30, 2015, 02:13:28 PM Thus more complete Code: # Block Proxy Does this replace: RewriteEngine on RewriteCond %{HTTP:VIA} !^$ [OR] RewriteCond %{HTTP:FORWARDED} !^$ [OR] RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR] RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR] RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR] RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR] RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR] RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$ RewriteRule .* - [F] ? thank you all! Such great tips here Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: misterbit on November 30, 2015, 02:21:22 PM Thus more complete Code: # Block Proxy Does this replace: RewriteEngine on RewriteCond %{HTTP:VIA} !^$ [OR] RewriteCond %{HTTP:FORWARDED} !^$ [OR] RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR] RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR] RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR] RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR] RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR] RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$ RewriteRule .* - [F] ? thank you all! Such great tips here Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: BrannigansLaw on November 30, 2015, 03:51:00 PM Thank you for clearing that up misterbit :)
1 problem, I used to get the "It would apprear you're using a proxy, so please, go fuck yourself" but no longer do when checking via boomproxy.com. I no longer do, even after updating .htaccess. Could someone double check for me and see if you can use my faucet and successfully get satoshi via boomproxy.com? Its faucetfm.com I don't get the message ""It would apprear you're using a proxy, so please, go fuck yourself"" but I cannot click the "I'm not a bot" links also, so perhaps it is working in a way? I tried again with unticking all the boxes 'Remove Scripts' etc and it had the same result. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on November 30, 2015, 04:28:59 PM Thank you for clearing that up misterbit :) Unfortunately I don't speak English and use the translator who is not very coherent.1 problem, I used to get the "It would apprear you're using a proxy, so please, go fuck yourself" but no longer do when checking via boomproxy.com. I no longer do, even after updating .htaccess. Could someone double check for me and see if you can use my faucet and successfully get satoshi via boomproxy.com? Its faucetfm.com I don't get the message ""It would apprear you're using a proxy, so please, go fuck yourself"" but I cannot click the "I'm not a bot" links also, so perhaps it is working in a way? I tried again with unticking all the boxes 'Remove Scripts' etc and it had the same result. This code unfortunately does not detect all the proxies, apart from that there are hundreds of people who use servers it's the biggest problem Title: Re: [TUTORIAL] Stop Bots + Proxies From Using Your Faucet Post by: bargain on November 30, 2015, 04:37:03 PM Optional I have google analytics on my faucet and I realized that, almost all the traffic was coming from Russia or China.... So I found out about this site called http://www.blockacountry.com (http://www.blockacountry.com), it allows you to block whole countries from accessing your website. This route is optional, but super effective. The only downside is it affects real people from accessing your faucet. THAT IS KNOW AS DISCIMINATION! Don't use that, you will face legal issues! For stopping people from earning as you are blocking an entier countrie's IPs from accessing a site and free money (if it is a faucet)! Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on November 30, 2015, 04:53:29 PM Thank you for clearing that up misterbit :) Unfortunately I don't speak English and use the translator who is not very coherent.1 problem, I used to get the "It would apprear you're using a proxy, so please, go fuck yourself" but no longer do when checking via boomproxy.com. I no longer do, even after updating .htaccess. Could someone double check for me and see if you can use my faucet and successfully get satoshi via boomproxy.com? Its faucetfm.com I don't get the message ""It would apprear you're using a proxy, so please, go fuck yourself"" but I cannot click the "I'm not a bot" links also, so perhaps it is working in a way? I tried again with unticking all the boxes 'Remove Scripts' etc and it had the same result. This code unfortunately does not detect all the proxies, apart from that there are hundreds of people who use servers it's the biggest problem Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FBCTorg on December 01, 2015, 12:44:05 AM just blocked a bot using 158.69.103. range
Location: Lake Forest, California, United States IP Address: Sparta Inc. Aeso (158.69.103.219) [Label IP Address] Referring URL: (No referring link) Visit Page: freebitcoindice.com/faucetbox/?ref=1HCVQXXvhEWtU5URbXDSDD441i1agpnwkK Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on December 01, 2015, 12:51:43 AM just blocked a bot using 158.69.103. range Location: Lake Forest, California, United States IP Address: Sparta Inc. Aeso (158.69.103.219) [Label IP Address] Referring URL: (No referring link) Visit Page: freebitcoindice.com/faucetbox/?ref=1HCVQXXvhEWtU5URbXDSDD441i1agpnwkK OVH SAS Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FBCTorg on December 01, 2015, 12:55:21 AM just blocked a bot using 158.69.103. range Location: Lake Forest, California, United States IP Address: Sparta Inc. Aeso (158.69.103.219) [Label IP Address] Referring URL: (No referring link) Visit Page: freebitcoindice.com/faucetbox/?ref=1HCVQXXvhEWtU5URbXDSDD441i1agpnwkK OVH SAS Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on December 01, 2015, 01:02:36 AM just blocked a bot using 158.69.103. range Location: Lake Forest, California, United States IP Address: Sparta Inc. Aeso (158.69.103.219) [Label IP Address] Referring URL: (No referring link) Visit Page: freebitcoindice.com/faucetbox/?ref=1HCVQXXvhEWtU5URbXDSDD441i1agpnwkK OVH SAS Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on December 01, 2015, 01:06:49 AM just blocked a bot using 158.69.103. range Location: Lake Forest, California, United States IP Address: Sparta Inc. Aeso (158.69.103.219) [Label IP Address] Referring URL: (No referring link) Visit Page: freebitcoindice.com/faucetbox/?ref=1HCVQXXvhEWtU5URbXDSDD441i1agpnwkK OVH SAS the range I think it is 158.69. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FBCTorg on December 01, 2015, 01:18:48 AM just blocked a bot using 158.69.103. range Location: Lake Forest, California, United States IP Address: Sparta Inc. Aeso (158.69.103.219) [Label IP Address] Referring URL: (No referring link) Visit Page: freebitcoindice.com/faucetbox/?ref=1HCVQXXvhEWtU5URbXDSDD441i1agpnwkK OVH SAS the range I think it is 158.69. same ref and same machine: Browser: Firefox 37.0 OS: Linux Resolution: 2048x1536 i blocked all 158.69.103.0/24 now it appeared with new IPs: Location: Montréal, Quebec, Canada IP Address: Ovh Hosting (167.114.180.179) [Label IP Address] Referring URL: (No referring link) Entry Page: freebitcoindice.com/faucetbox/?ref=1HCVQXXvhEWtU5URbXDSDD441i1agpnwkK Latest Page: freebitcoindice.com/faucetboxgame/ Browser: Firefox 38.0 OS: Linux Resolution: 2048x1536 same machine Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on December 01, 2015, 01:30:47 AM just blocked a bot using 158.69.103. range Location: Lake Forest, California, United States IP Address: Sparta Inc. Aeso (158.69.103.219) [Label IP Address] Referring URL: (No referring link) Visit Page: freebitcoindice.com/faucetbox/?ref=1HCVQXXvhEWtU5URbXDSDD441i1agpnwkK OVH SAS the range I think it is 158.69. same ref and same machine: Browser: Firefox 37.0 OS: Linux Resolution: 2048x1536 i blocked all 158.69.103.0/24 now it appeared with new IPs: Location: Montréal, Quebec, Canada IP Address: Ovh Hosting (167.114.180.179) [Label IP Address] Referring URL: (No referring link) Entry Page: freebitcoindice.com/faucetbox/?ref=1HCVQXXvhEWtU5URbXDSDD441i1agpnwkK Latest Page: freebitcoindice.com/faucetboxgame/ Browser: Firefox 38.0 OS: Linux Resolution: 2048x1536 same machine http://www.speedguide.net/ip/158.69.0 Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on December 01, 2015, 01:43:06 AM just blocked a bot using 158.69.103. range Location: Lake Forest, California, United States IP Address: Sparta Inc. Aeso (158.69.103.219) [Label IP Address] Referring URL: (No referring link) Visit Page: freebitcoindice.com/faucetbox/?ref=1HCVQXXvhEWtU5URbXDSDD441i1agpnwkK OVH SAS the range I think it is 158.69. same ref and same machine: Browser: Firefox 37.0 OS: Linux Resolution: 2048x1536 i blocked all 158.69.103.0/24 now it appeared with new IPs: Location: Montréal, Quebec, Canada IP Address: Ovh Hosting (167.114.180.179) [Label IP Address] Referring URL: (No referring link) Entry Page: freebitcoindice.com/faucetbox/?ref=1HCVQXXvhEWtU5URbXDSDD441i1agpnwkK Latest Page: freebitcoindice.com/faucetboxgame/ Browser: Firefox 38.0 OS: Linux Resolution: 2048x1536 same machine Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FBCTorg on December 01, 2015, 01:58:27 AM i see :)
is there any way to block all hosting company IPs, is such service out there? edit: i mean like database of IP ranges of hosting providers Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on December 01, 2015, 02:01:34 AM i see :) It is very complicated, it would be to search for a pattern in the data baseis there any way to block all hosting company IPs, is such service out there? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FBCTorg on December 01, 2015, 03:09:24 AM i see :) It is very complicated, it would be to search for a pattern in the data baseis there any way to block all hosting company IPs, is such service out there? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on December 01, 2015, 02:30:08 PM The better solution is reduce claim timers . Faucet owner put high timers and high rewards but its very risky because users get enough time to multiclaim.
You can't imagine how many lazy faucetors are in this world who don't bother to visit other faucets and makes multiple claims on single faucet.That's why bitcoinker has 15 mins timer. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: felicita on December 01, 2015, 05:32:57 PM can you show the code how you added the math question in a second frame ??? can someone show me the code to open a frame in the same window to put there the math question ? kind regrads Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: BrannigansLaw on December 07, 2015, 07:58:12 PM Anyone know how to add 2 captchas? I thought I might as well ad recaptcha on top of funcaptcha as it's so easy to complete and should help.
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on December 07, 2015, 08:03:46 PM Anyone know how to add 2 captchas? I thought I might as well ad recaptcha on top of funcaptcha as it's so easy to complete and should help. I went through the basics on where to put the confirmation code here (https://bitcointalk.org/index.php?topic=1094930.msg12827040#msg12827040), if you know how to code in PHP it shouldn't be too difficult to add the captcha yourself with this info I don't think. If not I can try and make a more in-depth post about it.Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: BrannigansLaw on December 07, 2015, 08:06:23 PM Anyone know how to add 2 captchas? I thought I might as well ad recaptcha on top of funcaptcha as it's so easy to complete and should help. I went through the basics on where to put the confirmation code here (https://bitcointalk.org/index.php?topic=1094930.msg12827040#msg12827040), if you know how to code in PHP it shouldn't be too difficult to add the captcha yourself with this info I don't think. If not I can try and make a more in-depth post about it.Yes! I was looking for this, I knew someone posted somewhere but couldn't find it. Cheers for posting, I should be ok :) Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: thinkinger on December 07, 2015, 08:23:35 PM Anyone know how to add 2 captchas? I thought I might as well ad recaptcha on top of funcaptcha as it's so easy to complete and should help. I went through the basics on where to put the confirmation code here (https://bitcointalk.org/index.php?topic=1094930.msg12827040#msg12827040), if you know how to code in PHP it shouldn't be too difficult to add the captcha yourself with this info I don't think. If not I can try and make a more in-depth post about it.By the way a guy from russia said that he cant use my faucet, im not sure but can it be he is using proxy or sth else and i did anti-bot scrypt right placed? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: BitcoinFX on December 07, 2015, 11:20:33 PM i see :) It is very complicated, it would be to search for a pattern in the data baseis there any way to block all hosting company IPs, is such service out there? Herewith, a list I posted in the faucetbox thread for 'Not an access provider or ISP' - https://bitcointalk.org/index.php?topic=1094930.msg13125867#msg13125867 Also, a mod. for the Bad-Behavior Anti-SPAM script, which is quite effective if you get a free httpbl_key . - https://bitcointalk.org/index.php?topic=1094930.msg13122044#msg13122044 Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Klarck on December 08, 2015, 12:26:14 AM Can any1 confirm if this actually stop people from acessing your faucet using Tor?
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Klarck on December 08, 2015, 04:07:25 AM PSA!!!
Guys, there's something very important you need to know before you proceed. I had to make the .htaccess file myself bc my website didn't have one, but when i uploaded it i fucking lost access to my website!!! I had to use a VPN to check if the site was still working and it was. Then i fixed it by adding the following code to the top of the file created by this site (http://www.htaccesstools.com/block-ips/): <ifModule mod_rewrite.c> RewriteEngine on RewriteCond %{HTTP:VIA} !^$ [OR] RewriteCond %{HTTP:FORWARDED} !^$ [OR] RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR] RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR] RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR] RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR] RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR] RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$ RewriteRule .* - [F] </ifModule> I'm just saying that bc the site mentioned by OP (http://www.htaccesstools.com/block-ips/) only makes the code that goes below that one above, so it looks like this: Order Deny,Allow Deny from 1.169.204.75 Deny from 103.10.197.50 Deny from 103.236.201.110 Deny from 103.240.91.7... when it should actually look like this: <ifModule mod_rewrite.c> RewriteEngine on RewriteCond %{HTTP:VIA} !^$ [OR] RewriteCond %{HTTP:FORWARDED} !^$ [OR] RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR] RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR] RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR] RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR] RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR] RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$ RewriteRule .* - [F] </ifModule> Order Deny,Allow Deny from 1.169.204.75 Deny from 103.10.197.50 Deny from 103.236.201.110 Deny from 103.240.91.7 Deny from 103.3.61.158... So in case it happens to you, don't worry, just add the line code to the file and upload it again. BTW i must thank OP bc only the step 1 already seems to do some work, when i try to acess my faucet via Tor now it says: "Forbidden You don't have permission to access / on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request." OP = Nice guy 8) Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: BitcoinFX on December 08, 2015, 05:40:48 PM Yes. Incorrect formatting of .htaccess rules can easily (and incorrectly) block access to your entire website.
The correct .htaccess rules for blocking proxies can be found in this 'legendary' blog (probably the source); - https://perishablepress.com/block-tough-proxies/ Also, this message might actually be considered a bit more user friendly; "Sorry. Proxy access is not allowed. If you are not using a proxy please contact EMAIL with your IP address" :D I recommend using the Bad-Behavior script, which actually covers a lot of the rules in the G5 and G6 firewall from the above blog anyway. Most of the rules in BB actually became the Mod Security base. The modified script for BB I posted was 'cobbled' together from reviewing several (now outdated) .htaccess lists and comparing user agents with activity at http://botsvsbrowsers.com/ and https://udger.com/ - https://bitcointalk.org/index.php?topic=1094930.msg13184663#msg13184663 Good job OP for starting this thread! :) Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: pinger on December 08, 2015, 10:26:22 PM Yes. Incorrect formatting of .htaccess rules can easily (and incorrectly) block access to your entire website. The correct .htaccess rules for blocking proxies can be found in this 'legendary' blog (probably the source); - https://perishablepress.com/block-tough-proxies/ Also, this message might actually be considered a bit more user friendly; "Sorry. Proxy access is not allowed. If you are not using a proxy please contact EMAIL with your IP address" :D I recommend using the Bad-Behavior script, which actually covers a lot of the rules in the G5 and G6 firewall from the above blog anyway. Most of the rules in BB actually became the Mod Security base. The modified script for BB I posted was 'cobbled' together from reviewing several (now outdated) .htaccess lists and comparing user agents with activity at http://botsvsbrowsers.com/ and https://udger.com/ - https://bitcointalk.org/index.php?topic=1094930.msg13184663#msg13184663 Good job OP for starting this thread! :) This can be useful for the site I was developing, thanks all of you people that create and collaborate in this thread. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on December 10, 2015, 07:05:05 PM bro. a more in-depth explanation will be fine for me. if you do ,it will be appreciated by me thanx. Sorry about the delay, something like this should work (on a default config). You obviously need the recaptcha keys, which you can find here (https://www.google.com/recaptcha/).Keep in mind that this will only work if you do not have recaptcha as a main captcha, and that recaptcha isn't the most secure in stopping bots. This code is also untested, so might need slight alterations. templates/default/index.php - line 11 (in the <head> tag): Code: <script src='https://www.google.com/recaptcha/api.js'></script> templates/default/index.php - line 175 (below the PHP which decides which captcha to use): Code: <div class="text-center"> index.php - line 2200 (under the PHP which determines if the main captcha was correct): Code: $data['captcha_valid_2'] = json_decode(file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret=SECRET_KEY&response=' . $_POST['g-recaptcha-response']))->success; index.php - line 2249: Code: if (array_key_exists('address', $_POST) && With this it should say the normal error whenever you get the captcha wrong, though probably won't be special. It should work at least though. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: matt007 on December 19, 2015, 10:06:01 PM Hi ! A big thanks to you for sharing this, i just got hacked and they stole about 2000000 satoshi from me.
I have disabled my faucets before i can secure my faucets again. My faucets are all on Cloudflare, would you recommend any special configs with your script for cloudflare users ? Also, i have ZB block security script on them but this is not helping to block proxies. However, i think it's blocking TOR users well. So, using your security techniques in conjonction with Cloudflare and ZB Block ? Do you think it would be a good idea ? If yes, any special configs to make to make it work all together ? I was also thinking of installing this script instead of ZB BLOCK : http://codecanyon.net/item/safeguard-pro-ultimate-php-website-protection/6783181 In final, what do you think would be the idea setup for me and what to avoid ? Thansk mate ;), i really appreciate your input or any other suggestions from other users because, if i can't make this work, i will have to close all my faucets :( Best regards, Mat Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: pinger on December 19, 2015, 10:58:44 PM Hi ! A big thanks to you for sharing this, i just got hacked and they stole about 2000000 satoshi from me. I have disabled my faucets before i can secure my faucets again. My faucets are all on Cloudflare, would you recommend any special configs with your script for cloudflare users ? Also, i have ZB block security script on them but this is not helping to block proxies. However, i think it's blocking TOR users well. So, using your security techniques in conjonction with Cloudflare and ZB Block ? Do you think it would be a good idea ? If yes, any special configs to make to make it work all together ? I was also thinking of installing this script instead of ZB BLOCK : http://codecanyon.net/item/safeguard-pro-ultimate-php-website-protection/6783181 In final, what do you think would be the idea setup for me and what to avoid ? Thansk mate ;), i really appreciate your input or any other suggestions from other users because, if i can't make this work, i will have to close all my faucets :( Best regards, Mat That looks interesting, how is this configured? I mean about codecanyon safeguard pro. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: matt007 on December 20, 2015, 11:33:31 AM Hi ! A big thanks to you for sharing this, i just got hacked and they stole about 2000000 satoshi from me. I have disabled my faucets before i can secure my faucets again. My faucets are all on Cloudflare, would you recommend any special configs with your script for cloudflare users ? Also, i have ZB block security script on them but this is not helping to block proxies. However, i think it's blocking TOR users well. So, using your security techniques in conjonction with Cloudflare and ZB Block ? Do you think it would be a good idea ? If yes, any special configs to make to make it work all together ? I was also thinking of installing this script instead of ZB BLOCK : http://codecanyon.net/item/safeguard-pro-ultimate-php-website-protection/6783181 In final, what do you think would be the idea setup for me and what to avoid ? Thansk mate ;), i really appreciate your input or any other suggestions from other users because, if i can't make this work, i will have to close all my faucets :( Best regards, Mat That looks interesting, how is this configured? I mean about codecanyon safeguard pro. Yes, it looks good but i did not install it yet. I'm still in the process of choosing the best method. If i install Safeguard Pro, i'll get back to you with the details and follow up :) It's a php script and it has good reviews and ratings... Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on December 23, 2015, 04:43:49 PM I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks.
4 Proxy/VPN 168 Spammer 24 SQL Injections I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt No idea the truth Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on December 23, 2015, 05:01:15 PM Ranges from Amazon if someone wants to block
https://ipinfo.io/AS14618 Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: pinger on December 23, 2015, 07:44:48 PM I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks. 4 Proxy/VPN 168 Spammer 24 SQL Injections I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt No idea the truth With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database. Pretty serious stuff. http://www.unixwiz.net/techtips/sql-injection.html (http://www.unixwiz.net/techtips/sql-injection.html) Please test it as much as you can and tell us the results ;) Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on December 23, 2015, 11:33:45 PM I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks. 4 Proxy/VPN 168 Spammer 24 SQL Injections I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt No idea the truth With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database. Pretty serious stuff. http://www.unixwiz.net/techtips/sql-injection.html (http://www.unixwiz.net/techtips/sql-injection.html) Please test it as much as you can and tell us the results ;) OK, by now I have 26 locks according to the plugin but the truth I do not know if they are real or not. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: pinger on December 24, 2015, 08:51:36 AM I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks. 4 Proxy/VPN 168 Spammer 24 SQL Injections I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt No idea the truth With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database. Pretty serious stuff. http://www.unixwiz.net/techtips/sql-injection.html (http://www.unixwiz.net/techtips/sql-injection.html) Please test it as much as you can and tell us the results ;) OK, by now I have 26 locks according to the plugin but the truth I do not know if they are real or not. There are a lot of bots doing nasty stuff all the time, so probably they are real but just bots. No way to know. You should consider to start a 24 h honeypot so you can see for real what is going on, is an interesting exercise. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on December 24, 2015, 10:11:07 AM I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks. 4 Proxy/VPN 168 Spammer 24 SQL Injections I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt No idea the truth With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database. Pretty serious stuff. http://www.unixwiz.net/techtips/sql-injection.html (http://www.unixwiz.net/techtips/sql-injection.html) Please test it as much as you can and tell us the results ;) OK, by now I have 26 locks according to the plugin but the truth I do not know if they are real or not. There are a lot of bots doing nasty stuff all the time, so probably they are real but just bots. No way to know. You should consider to start a 24 h honeypot so you can see for real what is going on, is an interesting exercise. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: felicita on December 24, 2015, 12:51:40 PM can you show the code how you added the math question in a second frame ??? can someone show me the code to open a frame in the same window to put there the math question ? kind regrads can someone show me the code to open a frame in the same window to put there the math question ? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: pinger on December 24, 2015, 02:38:22 PM I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks. 4 Proxy/VPN 168 Spammer 24 SQL Injections I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt No idea the truth With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database. Pretty serious stuff. http://www.unixwiz.net/techtips/sql-injection.html (http://www.unixwiz.net/techtips/sql-injection.html) Please test it as much as you can and tell us the results ;) OK, by now I have 26 locks according to the plugin but the truth I do not know if they are real or not. There are a lot of bots doing nasty stuff all the time, so probably they are real but just bots. No way to know. You should consider to start a 24 h honeypot so you can see for real what is going on, is an interesting exercise. https://stackoverflow.com/questions/6181513/setting-up-a-sql-injection-honeypot Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on December 24, 2015, 02:48:14 PM I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks. 4 Proxy/VPN 168 Spammer 24 SQL Injections I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt No idea the truth With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database. Pretty serious stuff. http://www.unixwiz.net/techtips/sql-injection.html (http://www.unixwiz.net/techtips/sql-injection.html) Please test it as much as you can and tell us the results ;) OK, by now I have 26 locks according to the plugin but the truth I do not know if they are real or not. There are a lot of bots doing nasty stuff all the time, so probably they are real but just bots. No way to know. You should consider to start a 24 h honeypot so you can see for real what is going on, is an interesting exercise. https://stackoverflow.com/questions/6181513/setting-up-a-sql-injection-honeypot Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Butord on January 01, 2016, 11:39:22 AM Hi,
The faucetbox script has Security tab where we can add list of IP addresses or IP networks in CIDR notation to ban and List of hostnames to ban. Is it the same as using .htaccess file? Thanks Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: myrfaucets on January 01, 2016, 12:30:49 PM ;D ;D ;D
thank for the great info ;D ;D Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: creepland on January 01, 2016, 02:01:53 PM Hi, The faucetbox script has Security tab where we can add list of IP addresses or IP networks in CIDR notation to ban and List of hostnames to ban. Is it the same as using .htaccess file? Thanks I think it's probably is the same. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on January 01, 2016, 05:07:10 PM Yes. Incorrect formatting of .htaccess rules can easily (and incorrectly) block access to your entire website. This is helpful for me but I would like to be more soft for proxy users instead of banning them I'll show them a message that sorry proxy user can't claim free btc .The correct .htaccess rules for blocking proxies can be found in this 'legendary' blog (probably the source); - https://perishablepress.com/block-tough-proxies/ Also, this message might actually be considered a bit more user friendly; "Sorry. Proxy access is not allowed. If you are not using a proxy please contact EMAIL with your IP address" :D I recommend using the Bad-Behavior script, which actually covers a lot of the rules in the G5 and G6 firewall from the above blog anyway. Most of the rules in BB actually became the Mod Security base. The modified script for BB I posted was 'cobbled' together from reviewing several (now outdated) .htaccess lists and comparing user agents with activity at http://botsvsbrowsers.com/ and https://udger.com/ - https://bitcointalk.org/index.php?topic=1094930.msg13184663#msg13184663 Good job OP for starting this thread! :) They will see this message when they solve captcha and hit submit button so this way proxy /Google bots are allowed to visit site but a proxy user trying to claim will get nothing except above message. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on January 01, 2016, 10:45:54 PM I bought the SafeGuard Pro script but don't know where it is effective, because now have 196 blocks. 4 Proxy/VPN 168 Spammer 24 SQL Injections I do not understand SQL Injections locks I get details for example Query QsCpn0SFjonXqXb3bFVt22HyCv5OLQdQ05fo8D1Y1LAjt No idea the truth With SQL Injections, someone could have complete access to your database. Everything your database user can modify, the same privilegies have the attacker. So you can steal your db, bypass passwords, modify (get 1000 USD or 1000 BTC in your database, even if you have just 0 for real), even delete all the database. Pretty serious stuff. http://www.unixwiz.net/techtips/sql-injection.html (http://www.unixwiz.net/techtips/sql-injection.html) Please test it as much as you can and tell us the results ;) OK, by now I have 26 locks according to the plugin but the truth I do not know if they are real or not. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: uchijashisui on January 05, 2016, 12:54:31 AM @AlexAce420
Just playing in my back up website... but the math questions does not load: http://i67.tinypic.com/mh7ziq.png I just have done everthing ypu have told us: (include math in the root, adding the lines, etc.) Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: KnightTrader on January 05, 2016, 03:41:53 PM @AlexAce420 Just playing in my back up website... but the math questions does not load: http://i67.tinypic.com/mh7ziq.png I just have done everthing ypu have told us: (include math in the root, adding the lines, etc.) Got same error when tried this some time ago. This would be great to get working, because looks like it could be added to any faucet without modifying faucet code. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: BrannigansLaw on January 06, 2016, 11:39:09 AM @AlexAce420 Just playing in my back up website... but the math questions does not load: http://i67.tinypic.com/mh7ziq.png I just have done everthing ypu have told us: (include math in the root, adding the lines, etc.) Got same error when tried this some time ago. This would be great to get working, because looks like it could be added to any faucet without modifying faucet code. I had the same problem but managed to fix it. It's a directory issue. /libs/captcha/securimage_show.php - put that, the original code misses the libs section as shown below. <img id="captcha" src="/captcha/securimage_show.php" alt="CAPTCHA Image" /> <br> <a href="#" onclick="document.getElementById('captcha').src = '/captcha/securimage_show.php?' + Math.random(); return false">[ New Problem ]</a> Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: KnightTrader on January 06, 2016, 06:40:53 PM Thanks BrannigansLaw! I will try that later and edit in this post if got it working or not.
Edit: Well, I did not got it working, but I did also remember wrong, thats not too easy to add to any faucet. Did not tried in "Faucet in a BOX". Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: BrannigansLaw on January 07, 2016, 11:46:30 AM Thanks BrannigansLaw! I will try that later and edit in this post if got it working or not. oh you're not using faucetinabox. hmm it still is probably a directory issue. Just mess around with it until you get it right. If you need to go back a directors its like so ./libs if you need to go back 2, 3 4 times? its. /../libs, or /../../libs etc.Edit: Well, I did not got it working, but I did also remember wrong, thats not too easy to add to any faucet. Did not tried in "Faucet in a BOX". Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: KnightTrader on January 07, 2016, 12:13:36 PM Thanks BrannigansLaw! I will try that later and edit in this post if got it working or not. oh you're not using faucetinabox. hmm it still is probably a directory issue. Just mess around with it until you get it right. If you need to go back a directors its like so ./libs if you need to go back 2, 3 4 times? its. /../libs, or /../../libs etc.Edit: Well, I did not got it working, but I did also remember wrong, thats not too easy to add to any faucet. Did not tried in "Faucet in a BOX". Hey, thanks for extra help. I have already added other antibot to my faucetinabox faucets, but in two other scripts where I would like to get extra protection is bigger problems. Other has captcha in root index, not in themes/index and other has already action in <form method="post".. and there might come more problems even if I somehow could pass those problems. So, maybe it is easier just to use only faucetinabox, because that is common and most addons and help are for that script. Dont know yet, but that is enough offtopic. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: BrannigansLaw on January 14, 2016, 11:46:09 AM Thanks BrannigansLaw! I will try that later and edit in this post if got it working or not. oh you're not using faucetinabox. hmm it still is probably a directory issue. Just mess around with it until you get it right. If you need to go back a directors its like so ./libs if you need to go back 2, 3 4 times? its. /../libs, or /../../libs etc.Edit: Well, I did not got it working, but I did also remember wrong, thats not too easy to add to any faucet. Did not tried in "Faucet in a BOX". Hey, thanks for extra help. I have already added other antibot to my faucetinabox faucets, but in two other scripts where I would like to get extra protection is bigger problems. Other has captcha in root index, not in themes/index and other has already action in <form method="post".. and there might come more problems even if I somehow could pass those problems. So, maybe it is easier just to use only faucetinabox, because that is common and most addons and help are for that script. Dont know yet, but that is enough offtopic. Well the maths question hasn't helped me at all! infact I'm a bit suspicious of it but I'm probably just paranoid. Since installing I've had a big bot problem! Just today 14/01 https://i.imgur.com/zVP2svu.png 3886 claims! at 1-2 satoshi! Who would bother, there is a message that says only rewarding 1-2 satoshi as well. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: felicita on January 14, 2016, 11:52:53 AM wow loks like many bots visit your faucet >:(
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: BrannigansLaw on January 14, 2016, 12:01:47 PM wow loks like many bots visit your faucet >:( Rather me than you guys. I will work on it and if I find a way to stop them I'll update you. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on January 14, 2016, 02:36:03 PM if you are using anti bot links and still your faucet boted then all faucet owner should start to worry because it means now bots know how to solve them.
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: BrannigansLaw on January 14, 2016, 02:50:51 PM if you are using anti bot links and still your faucet boted then all faucet owner should start to worry because it means now bots know how to solve them. ah I switched web host and it didnt copy over the htaccess file. My goodness does it make a difference! I will also install antibot links. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on January 14, 2016, 04:00:23 PM if you are using anti bot links and still your faucet boted then all faucet owner should start to worry because it means now bots know how to solve them. ah I switched web host and it didnt copy over the htaccess file. My goodness does it make a difference! I will also install antibot links. Should make some difference . Add anti bot and feel the difference. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Klarck on January 21, 2016, 04:42:10 AM I'm having a problem with the final step of the secure image captcha :(
Where do i upload math.php after save it? And how do i link it on "action="math.php""? I uploaded math.php to the root folder and linked as "action="/math.php"", but my faucet keep saying "Fatal error: Class 'Securimage' not found in /home/vhosts/www.cryptobox.xyz/math.php on line 4" when i try to get a reward. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: BTC NOW on January 28, 2016, 06:45:56 PM Hello everyone , it worked , but I have a problem, the result is , I have to double click! , As I change the text color, to black? http://i65.tinypic.com/21e3mnb.png Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: datalore on February 15, 2016, 10:42:44 PM I have the same problem, where should I put the file "" math.php"" ?????????
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: felicita on February 15, 2016, 10:45:48 PM I have the same problem, where should I put the file "" math.php"" ????????? put the math.php fiel in your root directory ! Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: datalore on February 16, 2016, 12:00:19 AM I have the same problem, where should I put the file "" math.php"" ????????? put the math.php fiel in your root directory ! Does not work. It has an error in the image. Captcha image. The same error also >>> https://ip.bitcointalk.org/?u=http%3A%2F%2Fi67.tinypic.com%2Fmh7ziq.png&t=561&c=sbh6MSA5081g7A Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: datalore on February 16, 2016, 07:17:57 AM ninguém?
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: LyQaN on February 16, 2016, 11:27:53 AM I'm having a problem with the final step of the secure image captcha :( Where do i upload math.php after save it? And how do i link it on "action="math.php""? I uploaded math.php to the root folder and linked as "action="/math.php"", but my faucet keep saying "Fatal error: Class 'Securimage' not found in /home/vhosts/www.cryptobox.xyz/math.php on line 4" when i try to get a reward. Will You please share the link of this image captcha anti-bot? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: datalore on February 16, 2016, 11:33:51 AM I also have this problem . the image does not load . Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on February 22, 2016, 05:48:50 PM I also have this problem . the image does not load . Use antibot script easy to add and prevent bots . typing any math question user would not like that. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: felicita on February 22, 2016, 05:55:11 PM most users also dont linke antibot clicks ;)
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on February 23, 2016, 05:10:19 PM most users also dont linke antibot clicks ;) Because anti bots are hidden behind ads but if you put antibot at clear visible place then surly people have no problem to click only 3 antibot links . it just takes 2 seconds extra . see user friendly antibot links here http://faucetrank.com/faucet Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: smashbtc on March 31, 2016, 05:31:17 AM Thanks for sharing this preventive measures to protect sites from bots. This is really helpful to anyone who owns a faucet. If you're looking for a script to stop bots, I would recommend this one. :)
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: kilopa on April 05, 2016, 06:56:15 PM Hello sir.
Google bring me here. I think this script has a problem (or no), because when I join to some sites it give me "It would apprear you're using a proxy, so please, go fuck yourself!". I'm not using proxies or anything like that. Still, I go to myip.es to check my IP, and show me my IP, not a proxy. Next I go to amibehindaproxy.com, and it show me "No proxyserver detected.". So I decided to google the error, and I see this page at first. I check the site of script http://check.getipintel.net/check.php?ip=heremyip, and show me -6. I don't know what is mean. The bad is that my IP is static so I can't change it. I'm from Spain (I don't know if your script block spanish people). Is for that or what else? Sorry if my english is pretty poor, but I needed to ask you. Thanks. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: misterbit on April 06, 2016, 02:14:56 PM Greetings guys, I found this list of IP that I think can help us
Code: https://lists.blocklist.de:4343/lists/ Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: primera on April 06, 2016, 09:06:28 PM Greetings guys, I found this list of IP that I think can help us Code: https://lists.blocklist.de:4343/lists/ Nice Thanks.. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: KnightTrader on April 06, 2016, 09:20:19 PM Many bots/bot owners pass through these already. We need new tricks :)
Solution would be some capthcha with several simple games randomly, one of them need to play before claim. Just a thought.. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: hoop on April 06, 2016, 10:57:40 PM Many bots/bot owners pass through these already. We need new tricks :) Yeah, but that need dev sickles .Solution would be some capthcha with several simple games randomly, one of them need to play before claim. Just a thought.. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: KnightTrader on April 06, 2016, 11:16:23 PM Many bots/bot owners pass through these already. We need new tricks :) Yeah, but that need dev sickles .Solution would be some capthcha with several simple games randomly, one of them need to play before claim. Just a thought.. They could earn by that too by showing ads :) Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: shintosai on April 08, 2016, 06:24:20 AM Many bots/bot owners pass through these already. We need new tricks :) Yeah, but that need dev sickles .Solution would be some capthcha with several simple games randomly, one of them need to play before claim. Just a thought.. They could earn by that too by showing ads :) I don't know why bots has been develop since it just an easy task to solve captcha. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: hoop on April 08, 2016, 02:29:07 PM Many bots/bot owners pass through these already. We need new tricks :) Yeah, but that need dev sickles .Solution would be some capthcha with several simple games randomly, one of them need to play before claim. Just a thought.. They could earn by that too by showing ads :) I don't know why bots has been develop since it just an easy task to solve captcha. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Lutzow on April 21, 2016, 07:47:36 AM I applied both step 1 and step 2 but now I cannot access my faucet using my mobile provider showing that I'm behind a proxy. I removed the anti proxy then and things are already working ok. Is that really the case? Is it because the mobile providers are using some kind of proxy as well?
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: herbst on May 11, 2016, 07:36:14 PM Has anyone tried Cloudflare (And maybe the "I am under attack" mode) to prevent bots? I just switched it on on mine, will report back in the next days if i dont forget.
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: hoop on May 12, 2016, 09:33:47 AM Has anyone tried Cloudflare (And maybe the "I am under attack" mode) to prevent bots? I just switched it on on mine, will report back in the next days if i dont forget. Waiting for your report about prevent bots by Cloudflare. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: alfaboy23 on May 15, 2016, 04:13:56 AM I use the math captcha but there is a slight problem,
The referral becomes http://xfaucet.digi-eye.xyz/math.php/?r=address instead of the original http://xfaucet.digi-eye.xyz/?r=address Notice the math.php appended on the original ref link? Is there a way to fix that? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: datalore on May 16, 2016, 11:15:23 AM Has anyone tried Cloudflare (And maybe the "I am under attack" mode) to prevent bots? I just switched it on on mine, will report back in the next days if i dont forget. Waiting for your report about prevent bots by Cloudflare. cloudfare = problem adsense :( Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: hoop on May 16, 2016, 11:50:02 AM Has anyone tried Cloudflare (And maybe the "I am under attack" mode) to prevent bots? I just switched it on on mine, will report back in the next days if i dont forget. Waiting for your report about prevent bots by Cloudflare. cloudfare = problem adsense :( Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: ankit10 on May 18, 2016, 01:57:16 AM i cant understand last step (of 4th method)
I M NEW Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: JerryMotov on May 30, 2016, 11:26:36 PM Hi,
I can't find <form method="POST" class="form-horizontal" role="form"> in my faucetbox template. Where should I put this? <form action="math.php" method="POST" class="form-horizontal" role="form"> ? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Gifted on May 31, 2016, 12:18:44 AM If your using a xapo script or it might work in faucetbox here is a way to let them go to your page but not able to collect as a proxy,
Code: //We do not allow proxy here Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: vodaljepa on May 31, 2016, 12:27:32 AM If your using a xapo script or it might work in faucetbox here is a way to let them go to your page but not able to collect as a proxy, Code: //We do not allow proxy here What about VPNs? or VPS? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on June 02, 2016, 01:13:08 PM If your using a xapo script or it might work in faucetbox here is a way to let them go to your page but not able to collect as a proxy, This would likely work somewhat, however would throw some false-positives for anyone with Port 80 on their network open (E.G running a web server, using a public WiFi network and other things all may have Port 80 open), not to mention this port can simply be remapped if needed meaning attackers can bypass this anyway. You can even check if it is open on your network here (http://www.yougetsignal.com/tools/open-ports/), if it is this script will block you.snip What about VPNs? or VPS? OpenVPN automatically uses Port 80 (https://www.bestvpn.com/blog/5919/how-to-hide-openvpn-traffic-an-introduction/), however this can be remapped to a different Port as the page describes allowing it to pass. My AWS VPS currently has Port 80 closed (https://i.imgur.com/vhTcBLn.png), meaning this script would let me pass using it.Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: alfaboy23 on June 03, 2016, 09:19:35 AM If your using a xapo script or it might work in faucetbox here is a way to let them go to your page but not able to collect as a proxy, I also tried this script and the one from the OP, but it's both not working, I test my site with several proxy apps and sites and I can still access my site.Code: //We do not allow proxy here The most effective way is via the .htaccess file. The problem is, it is also blocking my local IP. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: botdetector on June 06, 2016, 08:01:29 PM Hi to all
As we all know, detecting proxy is one of the basic strategy. The better one is to analize what user is doing on the website. After analysis we are able to decite whether is a real user or a bot. My small team has wrote early beta of the service allows the recognize the bot. If you are interested in, please write to me also please take a look at: https://bitcointalk.org/index.php?topic=1501132.0 best! Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: datalore on June 11, 2016, 10:04:12 PM not updates???
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: wetrust on June 16, 2016, 10:56:48 PM there is anyway to stop proxy users from earn only i mean how to make them enter and see the index or main page but disable the reward botton or redirect them to error page when they hit on get reward
any genus way here ??? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Gifted on June 16, 2016, 11:08:54 PM there is anyway to stop proxy users from earn only i mean how to make them enter and see the index or main page but disable the reward botton or redirect them to error page when they hit on get reward Yes there is... in function you can put a if code for proxy die codeany genus way here ??? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Gifted on June 16, 2016, 11:10:28 PM best thing to do is use Step Four
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: wetrust on June 16, 2016, 11:18:33 PM best thing to do is use Step Four yes i did that step and step 2 also both work great but it would be great if all proxy users can access main page but not get reward i think this better for CPM ads ? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Gifted on June 16, 2016, 11:21:54 PM best thing to do is use Step Four yes i did that step and step 2 also both work great but it would be great if all proxy users can access main page but not get reward i think this better for CPM ads ? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Gifted on June 16, 2016, 11:33:32 PM so yes i have figured out how to do that for you using an xapo faucet... i will check it with faucetbox
Alfaboy you might want to use this Code: //Checks that the username is not empty Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Gifted on June 16, 2016, 11:54:02 PM best thing to do is use Step Four yes i did that step and step 2 also both work great but it would be great if all proxy users can access main page but not get reward i think this better for CPM ads ? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Gifted on June 17, 2016, 11:14:29 PM best thing to do is use Step Four yes i did that step and step 2 also both work great but it would be great if all proxy users can access main page but not get reward i think this better for CPM ads ? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Swagtoshi on June 22, 2016, 09:14:30 PM What does that script do exactly?
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Swagtoshi on June 22, 2016, 09:44:17 PM How do bot get past the captchas exactly?
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on June 22, 2016, 09:57:03 PM What does that script do exactly? Which script do you mean? The first one in the thread?How do bot get past the captchas exactly? They use an API which sends the captcha's image to a server (for a small fee) where another person then solves it for a reward.Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Swagtoshi on June 23, 2016, 03:18:39 PM I was wondering what gifted's index.php script did.
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: vodaljepa on June 23, 2016, 03:45:35 PM I was wondering what gifted's index.php script did. Probably steals your coinsTitle: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: minifrij on June 23, 2016, 05:46:26 PM I was wondering what gifted's index.php script did. The new index.php script added this code at lines 1575 - 1614:Code: <?php Basically, here is what it does: Code: if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1)) ... This would likely work somewhat, however would throw some false-positives for anyone with Port 80 on their network open (E.G running a web server, using a public WiFi network and other things all may have Port 80 open), not to mention this port can simply be remapped if needed meaning attackers can bypass this anyway. You can even check if it is open on your network here (http://www.yougetsignal.com/tools/open-ports/), if it is this script will block you.... OpenVPN automatically uses Port 80 (https://www.bestvpn.com/blog/5919/how-to-hide-openvpn-traffic-an-introduction/), however this can be remapped to a different Port as the page describes allowing it to pass. My AWS VPS currently has Port 80 closed (https://i.imgur.com/vhTcBLn.png), meaning this script would let me pass using it. Code: function checkProxy($ip){
Code: $ch = curl_init(); Code: if ($response > $banOnProability) { The if ($response < 0 || strcmp($response, "") == 0 ) { is used to find if the response was empty and if the server is having any problems, though the code doesn't do anything in this so it is somewhat useless (unless you want to edit it yourself). Code: $ip=$_SERVER['REMOTE_ADDR']; This is a more reliable method of detecting bots and other attackers than seeing if a port is open, however (unless you're winning to pay) it is only functional for 500 users per day. There are no other changes to the original code (https://faucetinabox.com/en/download/r63) as far as I can see, feel free to check it yourself using a difference checking tool (https://www.diffchecker.com). It should also be noted that this script only works with FaucetInABox version r63, as r64 changes the code in index.php significantly I believe. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: kaytokeyos on July 14, 2016, 12:48:31 AM Quote <?php> include_once $_SERVER['DOCUMENT_ROOT'] . '/captcha/securimage.php'; $securimage = new Securimage(); if ($securimage->check($_POST['captcha_code']) == false) { // the code was incorrect // you should handle the error so that the form processor doesn't continue // or you can use the following code if there is no validation or you do not know how echo "I'm sorry but you have to answer the math question correctly!.<br /><br />"; echo "Please go <a href='javascript:history.go(-1)'>back</a> and use a caculator."; exit; } ?> how about i change this script echo "Please go <a href='javascript:history.go(-1)'>back</a> and use a caculator."; to this echo "Please go <a href='index.php'>back</a> and use a caculator."; its ok? if i use script above i got eror but if i change the link its work Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: alw1tt on July 20, 2016, 05:00:56 AM Everything in this tutorial is being used on my faucet. Check it out HERE (http://www.bit-essence.com) to see it in action! Step Four In step four we will be adding a simple math question displayed as an image as a second captcha. Faucet users cannot claim their satoshi until the math question is solved. Download PHP captcha HERE (https://www.mediafire.com/?tx0swq9o0w04t74) extract it and add the "captcha" folder to your root directory. If you don't trust that download you can find the original HERE (https://www.phpcaptcha.org/), it will require some configuring though. Now open your template file (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) paste the following code at the very top line above <!DOCTYPE html>: Code: <?php session_start(); ?> Paste the following code where you would like the equation to appear Code: <img id="captcha" src="/captcha/securimage_show.php" alt="CAPTCHA Image" /> Now you need to create a PHP document. I use a program called Notepad++, however any text editor will work. Create a new document, then paste in the following code: Code: <?php> Keep the document open. Open your faucet index page, it will most likely be index.php in your ROOTDIRECTORY. (Not the template index.php) Now press CTRL+A and select everything and copy it. Go back to the document you were just making and paste it on the very bottom, underneath the ?> Now save the file as what ever you want, I called mine math.php. Go back to your faucet template file (ROOTDIRECTORY/faucet/templates/YOURTEMPLATE/index.php) search for the following: <form method="POST" class="form-horizontal" role="form"> on that same line link your PHP file to it like so: Code: <form action="math.php" method="POST" class="form-horizontal" role="form"> About the Step 4... Why don't you just use: Code: include_once $_SERVER['DOCUMENT_ROOT'] . '/faucet/index.php'; Instead of select everything, copy it, go back to the document you were just making and paste it on the very bottom? And there is a Problem! After using this math script, the referral link become: -- http://yoursite.com/faucet/math.php?r=1XX9xXXZ3XTXXX5kTXxXKCvxkiXNXxdGXN Instead of: -- http://yoursite.com/faucet/?r=1XX9xXXZ3XTXXX5kTXxXKCvxkiXNXxdGXN How to fix it? Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: alfaboy23 on July 20, 2016, 06:57:35 AM ... And there is a Problem! After using this math script, the referral link become: -- http://yoursite.com/faucet/math.php?r=1XX9xXXZ3XTXXX5kTXxXKCvxkiXNXxdGXN Instead of: -- http://yoursite.com/faucet/?r=1XX9xXXZ3XTXXX5kTXxXKCvxkiXNXxdGXN How to fix it? I've asked that a long time ago I use the math captcha but there is a slight problem, The referral becomes http://xfaucet.digi-eye.xyz/math.php/?r=address instead of the original http://xfaucet.digi-eye.xyz/?r=address Notice the math.php appended on the original ref link? Is there a way to fix that? But, still no answer, it seems that there is no fix for this. Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Gifted on July 20, 2016, 11:16:19 AM use a <div> and closing </div>
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: alw1tt on July 20, 2016, 04:58:40 PM There is always a fix... ;)
Open your Template index.php Replace: Code: <code><?php echo $data["reflink"]; ?></code> with: Code: <code><?php echo str_replace("math.php","",$data["reflink"]); ?></code> That's it! 8) Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Butord on September 18, 2016, 11:56:01 AM Is there a method to block certain btc address if I'm not using faucetbox script? Yjahnks
Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: FaucetRank.com on September 18, 2016, 05:21:27 PM Is there a method to block certain btc address if I'm not using faucetbox script? Yjahnks Which script are you using 1st tell me. If you' are using xapo than I can help you easily. It's very easy to block email add or btc address. …………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹…………… Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: Butord on September 19, 2016, 07:11:57 AM Is there a method to block certain btc address if I'm not using faucetbox script? Yjahnks Which script are you using 1st tell me. If you' are using xapo than I can help you easily. It's very easy to block email add or btc address. …………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹………………………₹₹₹…………… Title: Re: 〖ⓉⓊⓉⓄⓇⒾⒶⓁ〗 Stop Bots + Proxies From Using Your Faucet Post by: pkhuba082 on July 08, 2017, 07:42:43 AM Hi,
Thanks for your support and help Can anyone help me how to implement this code in Wordpress site? Thanks |