Topic: [Updated 19/Jul/2016] Faucet Owners Against Scammers and Bots (Read 36620 times)
rkandrades (OP)
November 07, 2015, 01:16:30 AM
 #341

I'm just using it; for now it goes well, it blocks some proxies but not all.
I'm doing tests now and I see that the following code blocks more proxies
Code:
<?php
// Block if a proxy header is present or the client IP accepts TCP connections on port 80 or 8080.
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR']) || !empty($_SERVER['HTTP_X_FORWARDED'])
    || !empty($_SERVER['HTTP_FORWARDED_FOR']) || !empty($_SERVER['HTTP_CLIENT_IP'])
    || !empty($_SERVER['HTTP_VIA'])
    || @fsockopen($_SERVER['REMOTE_ADDR'], 80, $errno, $errstr)
    || @fsockopen($_SERVER['REMOTE_ADDR'], 8080, $errno, $errstr)) {
    echo 'Blocked Proxy';
    exit;
}
?>

The problem with these checks is that almost all of them are HTTP headers and can be modified using certain functions of a browser/PHP. You should keep these checks in your code, but you shouldn't rely on them to block all proxies.
They have reason, how can I prevent the use of this code after the first visit?
Or is that only read the ip when you enter, but not when you receive the reward?

This code will validate the visit every page load.

If you put this in your index.php, the visitor will be checked twice.

One time when entering your page. One second time when the claim confirmation page is loaded.
And so I avoid?


Well...

You have two options:

1st. Check just at the claim action: The visitor will be checked once, and only if he claims in the faucet. This is the best option from the performance point of view and good for your earnings, because even proxy users can click or see your CPM ads. But only those who try to get a reward will be checked and blocked. Otherwise, if you permit a bot to access your site, this bot can click your ads crazily, causing your ads account to be banned for abuse.

2nd. Check all incoming visitors. You will have more false positives in this implementation. And you will check every claimer twice. But you will also be more protected against auto-click bots.
How do you do it?


If you want to check just the visitors who claim from your faucet, look for this line of code in your index.php:

Code:
$ret = $fb->send($address, $reward);

So put before it your check code (without the php tags).

It should look like this:

Code:
// Block if a proxy header is present or the client IP accepts TCP on port 80 or 8080 (1-second timeout each).
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR']) || !empty($_SERVER['HTTP_X_FORWARDED'])
    || !empty($_SERVER['HTTP_FORWARDED_FOR']) || !empty($_SERVER['HTTP_CLIENT_IP'])
    || !empty($_SERVER['HTTP_VIA'])
    || @fsockopen($_SERVER['REMOTE_ADDR'], 80, $errno, $errstr, 1)
    || @fsockopen($_SERVER['REMOTE_ADDR'], 8080, $errno, $errstr, 1))
{
   die('Blocked Proxy');
}

$ret = $fb->send($address, $reward);

misterbit
November 07, 2015, 01:35:26 AM
 #342

And low /libs/faucetbox.php

Code:
    public function send($to, $amount, $referral = "false") {

Would it not equal?

minifrij
November 07, 2015, 01:41:20 AM
 #343

You don't need to change the faucetbox lib. What do you want to change it for?
misterbit
November 07, 2015, 01:46:04 AM
 #344

No, it is not to change but to put anti proxy below that line

Code:
public function send($to, $amount, $referral = "false") {

    // Block if a proxy header is present or the client IP accepts TCP on port 80 or 8080.
    if (!empty($_SERVER['HTTP_X_FORWARDED_FOR']) || !empty($_SERVER['HTTP_X_FORWARDED'])
        || !empty($_SERVER['HTTP_FORWARDED_FOR']) || !empty($_SERVER['HTTP_CLIENT_IP'])
        || !empty($_SERVER['HTTP_VIA'])
        || @fsockopen($_SERVER['REMOTE_ADDR'], 80, $errno, $errstr, 1)
        || @fsockopen($_SERVER['REMOTE_ADDR'], 8080, $errno, $errstr, 1)) {
        die('Blocked Proxy');
    }
    // ... original body of send() continues here
}
minifrij
November 07, 2015, 01:53:23 AM
 #345

That's fine in that case, might even be better if you use several pages with the faucetbox lib.
misterbit
November 07, 2015, 01:56:50 AM
 #346

Is it better as well? And what if, instead of putting the code in, I insert it with a require_once?
minifrij
November 07, 2015, 02:34:34 AM
 #347

It's only better if you're using the faucetbox lib file for certain pages on your server, which you probably aren't. Even then it's only slightly more efficient.

Also, you won't have to insert with a require_once, as the lib file is added to the faucet script by default to call the API. If you have added the code to the lib file you won't have to do anything else.
misterbit
November 07, 2015, 02:42:39 AM
 #348

OK thanks, the question is that I have several ips to block then with the require_once php occupy less space.
Another strange thing I see, is that it is blocking me automatically the Tor ips without having the Nastyhost activated panel, does it have something to do with having the code there?
misterbit
November 07, 2015, 04:14:18 AM
Last edit: November 07, 2015, 04:30:56 AM by misterbit
 #349

I'm getting hundreds of visits from bit.makejar.com. It seems suspicious; I never had so many visits at the same time. These are the suspects concerned also.

Code:
15fQkDcRrL7eETx7Jqp7Kc4CzFBCL5aPuG
1Ko83eVMWsps2SQu5m4K5ADWAnB6A8rCjs
145X4Wmucj8FMZ2bBNiirnEbH6UhkZ2YkJ
14eQrybngRY3zeT6VbGtaKP84yykogTEWo
1PNWS5VicE1GhaMRQzVGEEM89SJV3JMpHh
1Cv9nhUAyEYFYaZSK58JXV8Mnnzjwf4zDd

Edit: Many IPs are from United States Amazon servers. I think that I am overcoming, Glory to God!
misterbit
November 07, 2015, 09:24:31 AM
 #350

How could I save the IPs in MySQL?
Aratrok
November 07, 2015, 10:48:02 AM
 #351

Guys, question?

Are these wallet addresses a bot?

/?r=14eQrybngRY3zeT6VbGtaKP84yykogTEWo   (none)   (direct)   9   81,82%

/?r=1PNWS5VicE1GhaMRQzVGEEM89SJV3JMpHh   (none)   (direct)   16     84,21%

/?r=15fQkDcRrL7eETx7Jqp7Kc4CzFBCL5aPuG   (none)   (direct)   14   82,35%
misterbit
November 07, 2015, 10:53:24 AM
 #352

See my comment above, friend; it was an attack last night, those addresses/referrals came from Amazon.
Aratrok
November 07, 2015, 11:01:11 AM
 #353

Oh fuck, I have 207 users in my website, they are draining all the faucet. This is too sudden.

How can we block this plague?

-----------

EDIT: Well not if it is really good or bad.
misterbit
November 07, 2015, 11:02:55 AM
 #354

Put this in the .htaccess if they are from Amazon


Code:
# needed once per .htaccess for the rewrite rules below to take effect
RewriteEngine On
RewriteBase /
# block amazon cloud
RewriteCond %{HTTP_REFERER} ^http://(([^.]+\.)+)?amazonaws\.com [NC,OR]
RewriteCond %{REMOTE_HOST} ^.*\.amazonaws\.com$ [NC,OR]
# block remote hosts starting with mail or smtp
RewriteCond %{REMOTE_HOST} ^mail(.*)\. [NC,OR]
RewriteCond %{REMOTE_HOST} ^smtp(.*)\. [NC]
RewriteRule ^(.*)$ - [F]

Code:
<Limit GET POST HEAD>
Order Allow,Deny
# a partial domain name matches the domain and all of its subdomains; "*." wildcards are not supported here
Deny from amazonaws.com
Allow from all
</Limit>
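
The hostname rules above only match visitors whose reverse-DNS name ends in amazonaws.com. As an added example (not from the thread), this goes one step beyond hostname matching and checks the visitor IP against CIDR prefixes in the shape of AWS's published ip-ranges.json; the function names are hypothetical and the JSON sample is constructed from documentation networks.

```php
<?php
// Added example, not from the thread; function names are hypothetical.
// $json is CONSTRUCTED sample data in the shape of AWS's published ip-ranges.json
// ("prefixes"/"ip_prefix", "ipv6_prefixes"/"ipv6_prefix"), filled with
// documentation networks rather than real AWS ranges.

function ip_in_cidr(string $ip, string $cidr): bool {
    $parts  = explode('/', $cidr, 2);
    $ipBin  = @inet_pton($ip);
    $netBin = @inet_pton($parts[0]);
    if ($ipBin === false || $netBin === false || strlen($ipBin) !== strlen($netBin)) {
        return false;                       // malformed input, or IPv4 compared with IPv6
    }
    $maxBits = strlen($ipBin) * 8;
    if (!isset($parts[1])) {
        $bits = $maxBits;                   // bare address: exact match
    } elseif (ctype_digit($parts[1]) && (int) $parts[1] <= $maxBits) {
        $bits = (int) $parts[1];
    } else {
        return false;                       // "/abc" must not silently become "/0"
    }
    $whole = intdiv($bits, 8);              // number of fully masked bytes
    if (substr($ipBin, 0, $whole) !== substr($netBin, 0, $whole)) {
        return false;
    }
    $rest = $bits % 8;
    if ($rest === 0) {
        return true;
    }
    $mask = (0xFF << (8 - $rest)) & 0xFF;   // top $rest bits of the next byte
    return (ord($ipBin[$whole]) & $mask) === (ord($netBin[$whole]) & $mask);
}

// Collect IPv4 and IPv6 prefixes from a decoded ip-ranges style document.
function load_prefixes(string $json): array {
    $doc = json_decode($json, true);
    $out = [];
    foreach ($doc['prefixes'] ?? [] as $p)      { $out[] = $p['ip_prefix']; }
    foreach ($doc['ipv6_prefixes'] ?? [] as $p) { $out[] = $p['ipv6_prefix']; }
    return $out;
}

function is_cloud_ip(string $ip, array $prefixes): bool {
    foreach ($prefixes as $cidr) {
        if (ip_in_cidr($ip, $cidr)) {
            return true;
        }
    }
    return false;
}

// Constructed sample document and visitor addresses.
$json = '{"prefixes":[{"ip_prefix":"198.51.100.0/24"},{"ip_prefix":"203.0.113.64/26"}],
          "ipv6_prefixes":[{"ipv6_prefix":"2001:db8:1000::/36"}]}';
$prefixes = load_prefixes($json);
$visitors = ['198.51.100.23', '203.0.113.70', '203.0.113.130', '2001:db8:1fff::1', '2001:db8:2000::1'];
foreach ($visitors as $ip) {
    printf("%-18s %s\n", $ip, is_cloud_ip($ip, $prefixes) ? 'blocked' : 'allowed');
}
```
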
Aratrok
November 07, 2015, 11:07:03 AM
 #355

Thanks dude. Not whether it was good or bad, many visits from United States I think they are bots. In 10 minutes they will have consumed more than 700k Satoshi :(
misterbit
November 07, 2015, 11:08:46 AM
 #356

Secure Amazon, look at other code that I put in case.
misterbit
November 07, 2015, 12:50:38 PM
 #357

Sorry friends, the fight is lost or even imagine the amount of visits from VPS, VPN Proxy etc etc etc is amazing!
minifrij
November 07, 2015, 01:32:15 PM
 #358

OK thanks, the question is that I have several ips to block then with the require_once php occupy less space.
It wouldn't use any less or any more space. You have to store the IPs in a file to use either method, same as saving them in SQL, therefore they will still take up space.

Another strange thing I see, is that it is blocking me automatically the Tor ips without having the Nastyhost activated panel, does it have something to do with having the code there?
You have the Tor file script discussed on the FaucetBox thread, correct? That will be blocking any Tor nodes on the list. It doesn't matter if you have NastyHosts enabled or not.

How could I save the IPs in MySQL?
You could just have a table with lots of IPs inside with separate IDs, then call a SQL query to try and find the ID of a certain IP. If the ID comes back as true (there is an id) then block the user. This would probably be a lot more difficult than just putting them in the .htaccess file though, with no benefit.

Sorry friends, the fight is lost or even imagine the amount of visits from VPS, VPN Proxy etc etc etc is amazing!
If you're not using a service like NastyHosts which checks hostnames and such, there will be a lot of VPS and VPN visits. To find those and block those effectively, the best way is to have a service which checks hostnames. NastyHosts is probably the easiest one to use.
misterbit
November 07, 2015, 02:12:57 PM
 #359

OK, well I wanted to keep the ips in the database to remove load
minifrij
November 07, 2015, 02:29:36 PM
 #360

AFAIK it wouldn't make much of a difference if you had the IPs in a database to be called or in your .htaccess file.
The only difference I could imagine increasing load is if it were reading and writing from a txt document constantly. Neither of these options does that, so you should be fine.
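
The table lookup described in #358, used the way #359 wanted (to remove load): the result of the slow port probe from #341 is cached per IP, so a repeat visitor is answered from the table without opening sockets. This is an added example, not code from the thread or from FaucetBox; table, column and function names are hypothetical, and it uses in-memory SQLite through PDO (assumes the pdo_sqlite extension) so it runs offline.

```php
<?php
// Added example, not code from the thread or from FaucetBox. Table, column and
// function names are hypothetical. For MySQL change the DSN and declare id as
// INT AUTO_INCREMENT PRIMARY KEY; the queries themselves stay the same.
const BLOCK_TTL = 86400; // assumption: re-probe an address after one day

function open_blocklist(): PDO {
    $db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
    $db->exec('CREATE TABLE blocked_ips (id INTEGER PRIMARY KEY, ip VARCHAR(45) NOT NULL UNIQUE,
        reason VARCHAR(64) NOT NULL, added_at INTEGER NOT NULL)');
    return $db;
}

// Canonical text form, so different spellings of one IPv6 address share a row.
function normalize_ip(string $ip): ?string {
    $packed = @inet_pton($ip);
    return $packed === false ? null : inet_ntop($packed);
}

// "Find the ID of a certain IP" with a prepared statement, never string concatenation.
function blocked_id(PDO $db, string $ip, int $now): ?int {
    $stmt = $db->prepare('SELECT id FROM blocked_ips WHERE ip = ? AND added_at > ?');
    $stmt->execute([$ip, $now - BLOCK_TTL]);
    $id = $stmt->fetchColumn();
    return $id === false ? null : (int) $id;
}

function block_ip(PDO $db, string $ip, string $reason, int $now): void {
    // REPLACE is accepted by SQLite and MySQL and refreshes an expired row.
    $db->prepare('REPLACE INTO blocked_ips (ip, reason, added_at) VALUES (?, ?, ?)')
       ->execute([$ip, $reason, $now]);
}

// Returns null to allow the claim, or the reason it was refused.
function gate_claim(PDO $db, string $remoteAddr, callable $probe, int $now): ?string {
    $ip = normalize_ip($remoteAddr);
    if ($ip === null) {
        return 'invalid address';
    }
    if (blocked_id($db, $ip, $now) !== null) {
        return 'blocklisted';            // known address: no sockets opened
    }
    foreach ([80, 8080] as $port) {
        if ($probe($ip, $port)) {        // slow path, only for addresses not seen recently
            block_ip($db, $ip, "open port $port", $now);
            return "open port $port";
        }
    }
    return null;
}

// Demo on constructed data: a fake probe counts calls instead of touching the network.
// In production $probe wraps the thread's fsockopen() call and $now is time().
$db = open_blocklist();
$calls = 0;
$fake = function (string $ip, int $port) use (&$calls): bool {
    $calls++;
    return $ip === '203.0.113.7' && $port === 8080;
};
var_dump(gate_claim($db, '203.0.113.7', $fake, 1000));   // first visit goes through the probe
var_dump(gate_claim($db, '203.0.113.7', $fake, 1060));   // repeat visit is answered from the table
var_dump(gate_claim($db, '198.51.100.9', $fake, 1060));  // address with both ports closed
echo "probe calls: $calls\n";
```
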