I still don't have access if someone resets my password to something generic then I can log in change it and delete some spam account will be tomorrow as is late here now I have 2 new requests for accounts as well... so guess i should message them to sign up again if their account already been deleted Fuzzybear I can add them manually if you want fuzzybear, also I will add a new account for you manually.
|
|
|
Admin - User manager - Type a letter into the search (any will do there are so many) - delete ones in just the user group "User", if they are in any other group skip them.
I don't have anything saying "admin" or "user manager"... I guess I'm not senior enough... Guess not
|
|
|
Admin - User manager - Type a letter into the search (any will do there are so many) - delete ones in just the user group "User", if they are in any other group skip them.
|
|
|
There are different user groups. The ones we are deleting are just "user" the writers are "user, writers", those are safe.
|
|
|
The ticket is supposedly cleared, I am manually clearing out the bad registrations now. If any of the other admins want to assist me please do so, any blank users just delete, the ones with odd characters you can ignore they are going to have to be removed on the backend.
|
|
|
They are in the mail via usps. He is in Poland, I am in Florida, these things take awhile.
|
|
|
Well we could make them fill out a captcha first in order to learn the fact that they cannot sign up. Why give them that information "for free" up front? :evilgrin:
Basically if they are seemingly human, then tell them what it is that they do have to do in order to get someone to create an account for them.
Maybe bearing in mind we know they are willing to deploy captcha-solvers to do it, so whatever it is should bear that in mind. Which might be why we want a sample article or whatever. (Though I guess bots could have libraries of those too.)
-MarkM-
We could even trump the people paid to fill out captcha's by using some of these? http://crapcha.com/ :evilergrin On the forums I run... to stop spam just some simple questions works that vary... I have set some maths questions on ppcointalk and that works for me on that site.. not had to remove spam posts for 5-6 months now. FuzzyBear The real problem is IO, each time the form is submitted whether successful or not it still attempts. Removing the registration page will make that issue disappear.
|
|
|
Sounds good. For the very few who do useful edits but do not want a user page, they can always ask an admin to make a new account.
Hmm, maybe it could go based on activity instead. If the user has been active, don't remove. I noticed the bots aren't making any posts/edits/etc. at all so that should kick them all out, while not affecting anyone who's there legitimately. Not sure how DokuWiki handles the tracking of activity though. They cannot post on those accounts due to the admin block on them based on their user group. It is just causing IO errors due to the amount of simultaneous registrations. But none of that will matter since we will just keep the registration page from being available to the bots now.
|
|
|
When the host has the ticket cleared I will get onto the user list clean up. Until then its pointless as it will just corrupt again most likely.
|
|
|
Those captchas are iframed (I think havent looked at it in a while) then filled out by humans. They still fill them in, its not truly automated. They pay people 0.00001 cents to fill them out.
|
|
|
somethig similar?! Im sure online merchants are doing somethig to avoid bots or have to bots been able to perpetrate all registration security out there?
I have never seen a perfect method of keeping them out. But considering everything, since we do not NEED people to register, our best offense is to remove the option for the registration so the site isnt pounded constantly. Now I am looking into filtering the user accounts out to remove the spam ones.
|
|
|
It really is just bots. About 36k accounts actually. But since registration requires approval, they are just causing problems.
|
|
|
The host has admitted fault, but I am awaiting them to complete tickets that are open to correct the issues. After that we are going to go clean up the havoc caused by the bots.
|
|
|
Is this a OMG site got hacked all the money is lost omg I am so sorry you all lost your money. *Poof I am gone* - scenario?
|
|
|
I got Hi jasinlee, Someone has logged into your wallet from a new location. If this is you, please click on the following link to authorize: https://inputs.io/auth?authorize=xxxxxxIP Address: 108.162.210.132 Country: United States City: San Francisco Thanks, Inputs.io. Its not just you. Someone has hijacked the logins.
|
|
|
Doing some work on the site, might bounce up / down. Gotta figure out whats causing the issues with the user DB.
Well the host finally came out and admitted its their issue. Makes a lot more sense considering nothing had been changed. Just waiting on them to correct it now.
|
|
|
It look as if I have my loan, should be finalized in a few days. Thanks for the replies. I will update op when its done.
|
|
|
The bots have been an issue for a while, it just now became a problem. They are the same bots that likely go around advertising viagra on random wikis on the net.
|
|
|
Doing some work on the site, might bounce up / down. Gotta figure out whats causing the issues with the user DB.
|
|
|
|