[Updated 19/Jul/2016] Faucet Owners Against Scammers and Bots

[felicita]

you can test here with a proxy !
it blocks only ISP so it will only bann Servers no real users !!!
http://yannik.biz/vpntest.php

if you get good isp but u using a proxy give me the proxy ip and i can add this to my blocklist soon we will block all bots !!


kind regards

[1714939761]

1714939761

[1714939761]

1714939761

[vartox]

Just noticed that I have no protection against scammers and bots on my facet, thanks for this epic thread 

[alfaboy23]

you can test here with a proxy !
it blocks only ISP so it will only bann Servers no real users !!!
http://yannik.biz/vpntest.php

if you get good isp but u using a proxy give me the proxy ip and i can add this to my blocklist soon we will block all bots !!


kind regards

I'm using a proxy, but still says "good isp". I think you missed the ISP named Hurricane Electric.

[felicita]

you can test here with a proxy !
it blocks only ISP so it will only bann Servers no real users !!!
http://yannik.biz/vpntest.php

if you get good isp but u using a proxy give me the proxy ip and i can add this to my blocklist soon we will block all bots !!


kind regards

I'm using a proxy, but still says "good isp". I think you missed the ISP named Hurricane Electric.

thanks for this  great infromation . Added this to the blocklist .
Can you name the proxy u used ?

kind regards

[alfaboy23]

you can test here with a proxy !
it blocks only ISP so it will only bann Servers no real users !!!
http://yannik.biz/vpntest.php

if you get good isp but u using a proxy give me the proxy ip and i can add this to my blocklist soon we will block all bots !!


kind regards

I'm using a proxy, but still says "good isp". I think you missed the ISP named Hurricane Electric.

thanks for this  great infromation . Added this to the blocklist .
Can you name the proxy u used ?

kind regards

It's a Windows application called Freegate by Dynaweb. It uses the Hurricane Electric as ISP.

[alfaboy23]

I just want to add this for a little security to Xapo faucet script:

First, find this in your /index.php on your root directory:

Code: (php)

if ($_SERVER['REQUEST_METHOD'] === 'POST' && !isset($_POST["new_password"])) {

  $view['main']['result_html']  = '';
  $view['main']['waiting_time'] = 0;
  $success                      = "false";
  $ip                           = get_ip();

Just after that, place this:

Code: (php)

$disallowedWords = array(
  'yandex.',
  'inbox.',
  'mail.',
  'ukr.net',
  'bigmir.net',
  'meta.ua'
);
// Search for disallowed words.
foreach ($disallowedWords as $xword) {
  if (strpos($_POST['username'], $xword) !== false) {
    $view['main']['result_html'] = '<div class="row text-center"><div class="col-sm-6 col-md-offset-3 bg-danger"><p><b>The e-mail you are using is not allowed!</font></b></p></div></div>';
    $message                     = "Forbidden";
    goto error;
  }
}

It will not allow the e-mail addresses with that specified word. You can also specify whole e-mail addresses.

I hope it will help even just a little.

[BitBustah]

you can test here with a proxy !
it blocks only ISP so it will only bann Servers no real users !!!
http://yannik.biz/vpntest.php

if you get good isp but u using a proxy give me the proxy ip and i can add this to my blocklist soon we will block all bots !!


kind regards

"nothing to look here !"

Is that good or bad?

[FaucetRank.com]

I'm again saying blocking proxy is not solution for bots you have to be tricky to flight with them I also tired many ip blocking  tricks but did not get the success because bot may come from any country and you can't block all countries just to keep your faucet live, you also have to earn money from your traffic.

[FaucetSystem.com]

If you pay user before proxy detection it makes no sense, you lost your money. In my faucet script at the beginning we try detect a proxy and after pay; plus non standart captcha (http://faucetsystem.com/img/screens/fullsize/8.png).

[NeedIfFindIt]

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all  He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

[catcatcatcaty]

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all  He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

looking at that screenshot - what is waterfallmanager? how to use it in my faucet? it looks effective against bots!

[NeedIfFindIt]

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all  He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

looking at that screenshot - what is waterfallmanager? how to use it in my faucet? it looks effective against bots!

It is still in development (planned to be paid service since it uses alot of resources) but it is not perfect for now. Today it screwed 3 legit users

Maybe in a week or two I'll start a beta with all the users that have helped in the past few months and if everything is ok I'll make it available to everybody else.

[sabotag3x]

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all  He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

Same here, my faucet is dry(2-3 days) and still have ~1500 visits from bots..

I think they have a faucetlist and keep trying to enter/claim in everyone 

I was using a big blacklist, well it ban real user too, however it can stop a lot of bots..

I'm waiting your defense system be ready to everyone!

[felicita]

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all  He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

looking at that screenshot - what is waterfallmanager? how to use it in my faucet? it looks effective against bots!

It is still in development (planned to be paid service since it uses alot of resources) but it is not perfect for now. Today it screwed 3 legit users

Maybe in a week or two I'll start a beta with all the users that have helped in the past few months and if everything is ok I'll make it available to everybody else.

great to here this we need this !
iam also working on a VPN Defense !!
http://shielded.cf/index.php?id=1

but its not ready yet !!


kind regards

[sabotag3x]

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all  He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

looking at that screenshot - what is waterfallmanager? how to use it in my faucet? it looks effective against bots!

It is still in development (planned to be paid service since it uses alot of resources) but it is not perfect for now. Today it screwed 3 legit users

Maybe in a week or two I'll start a beta with all the users that have helped in the past few months and if everything is ok I'll make it available to everybody else.

great to here this we need this !
iam also working on a VPN Defense !!
http://shielded.cf/index.php?id=1

but its not ready yet !!


kind regards

I thinked in your system too felicita, and other day I saw this topic https://bitcointalk.org/index.php?topic=1599533.0, is your alt account?

Well, a lot of people trying to bring security for faucet owners, that's great!

[CroSany]

I suggest you guys update your script or add some sort of email verification for users. I have reduced my botting almost completely since I implemented this change - in fact, I predict that most large faucets will need to implement such features if they are to survive.

The Faucetbox script as standard suits small-medium faucets, anyone offering more than 500 satoshi per hour is at risk.

You need to surgically remove bots and not delete large referral trees.

[FaucetRank.com]

I just want to add this for a little security to Xapo faucet script:

First, find this in your /index.php on your root directory:

Code: (php)

if ($_SERVER['REQUEST_METHOD'] === 'POST' && !isset($_POST["new_password"])) {

  $view['main']['result_html']  = '';
  $view['main']['waiting_time'] = 0;
  $success                      = "false";
  $ip                           = get_ip();

Just after that, place this:

Code: (php)

$disallowedWords = array(
  'yandex.',
  'inbox.',
  'mail.',
  'ukr.net',
  'bigmir.net',
  'meta.ua'
);
// Search for disallowed words.
foreach ($disallowedWords as $xword) {
  if (strpos($_POST['username'], $xword) !== false) {
    $view['main']['result_html'] = '<div class="row text-center"><div class="col-sm-6 col-md-offset-3 bg-danger"><p><b>The e-mail you are using is not allowed!</font></b></p></div></div>';
    $message                     = "Forbidden";
    goto error;
  }
}

It will not allow the e-mail addresses with that specified word. You can also specify whole e-mail addresses.

I hope it will help even just a little.

This is very useful code because recently I got bot attack from these domains email but now they gone forever because of this code.
thanks for sharing this with us.

[viperzero]

Bots are insane today 50% of the claims from a ~100 satoshi faucet with nastyhosts disabled + no anti bot links.

They continue to try even when I stopped paying them a week ago.

I've port scanned few of the bot IPs - no open ports at all  He probably uses "port knocking".

The only common thing between his IPs is that they are not pingable (it is not really practical to check for this).

confirmed:
- the default puzzles of anti-bot links 2.x are broken - either delete the default ones and create your own or upgrade to 5.01
- once the antibotlinks 5+ is in place (make sure ttf/otf fonts work) the bot will stop trying to claim (I hope for long).

looking at that screenshot - what is waterfallmanager? how to use it in my faucet? it looks effective against bots!

It is still in development (planned to be paid service since it uses alot of resources) but it is not perfect for now. Today it screwed 3 legit users

Maybe in a week or two I'll start a beta with all the users that have helped in the past few months and if everything is ok I'll make it available to everybody else.

great to here this we need this !
iam also working on a VPN Defense !!
http://shielded.cf/index.php?id=1

but its not ready yet !!


kind regards

I thinked in your system too felicita, and other day I saw this topic https://bitcointalk.org/index.php?topic=1599533.0, is your alt account?

Well, a lot of people trying to bring security for faucet owners, that's great!

I upgraded today to faucetbox R65 and NeeditFindit's  antiBotlinks 5.01 is not working anymore. I posted a message to him and hopefully this will be sorted out soon. So don't upgrade yet if you have antibotlinks in use and plan to continue to use it. I made a small donation and hope everybody else makes the same so we can have an update to antibotlinks. Keep up the good work fighting against bots!

[Butord]

Hi, everyone.
I know that faucetbox script has btc address block function but what the code for it? For ex. if I want to use the code to block some certain btc address on other faucet script could smn write what the code it can be?

[MONKEYJUNK]

Hi, everyone.
I know that faucetbox script has btc address block function but what the code for it? For ex. if I want to use the code to block some certain btc address on other faucet script could smn write what the code it can be?

Maybe it's this part of the code

Code:

$security_settings = array();
    $q = $sql->query("SELECT `name`, `value` FROM `Faucetinabox_Settings` WHERE `name` in ('ip_check_server', 'ip_ban_list', 'hostname_ban_list', 'address_ban_list')");
    while($row = $q->fetch()) {
        if(stripos($row["name"], "_list") !== false) {
            $security_settings[$row["name"]] = array();
            if(preg_match_all("/[^,;\s]+/", $row["value"], $matches)) {
                foreach($matches[0] as $m) {
                    $security_settings[$row["name"]][] = $m;
                }
            }
        } else {
            $security_settings[$row["name"]] = $row["value"];
        }
    }

    if(!empty($_POST["mmc"])) {
        $_SESSION["mouse_movement_detected"] = true;
        die();
    }

    if($_SERVER["REQUEST_METHOD"] == "POST") {
        if($security_settings["ip_check_server"]) {
            if(!preg_match("#/$#", $security_settings["ip_check_server"])) {
                $security_settings["ip_check_server"] .= "/";
            }
        }

And you will have to add the address to this table on sql 'address_ban_list'