Bitcoin Forum
November 09, 2024, 05:22:32 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 [19] 20 21 22 23 24 25 26 27 28 29 30 »
  Print  
Author Topic: [Updated 19/Jul/2016] Faucet Owners Against Scammers and Bots  (Read 36679 times)
rkandrades (OP)
Sr. Member
****
Offline Offline

Activity: 392
Merit: 251


Bitcoin Faucet & Blog


View Profile
November 07, 2015, 03:49:26 PM
 #361

OK, well I wanted to keep the ips in the database to remove load
AFAIK it wouldn't make much of a difference if you had the IPs in a database to be called or in your .htaccess file.
The only difference I could imagine increasing load is it if were reading and writing from a txt document constantly. Neither of these options does that, so you should be fine.

Of courser there are some differences:

1. In htcaccess you will put the IPs manually. Is a little more hard to automate a script to write into htaccess (and this will cause more load). Then you cant make a real-time grow of your blacklist using the htaccess manually.

2. Into your database you can save more information like day and time of the incoming bad IP, how many time this IP attacked you, etc. You could do statistics.

3. Querying your database, you are mre flexible to put your check code where you want. If you just want to check an IP when it completes a claim action, for example. With htaccess you can not do this.

Bitcoin█████████████████████████
█████████████████████████████
███████████████████████████████
█████████████████████████████████
██████████████████████████████████
███████████████████████████████████
███████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
████████████████████████████████████
███████████████████████████████████
███████████████████████████████████
██████████████████████████████████
████████████████████████████████
██████████████████████████████
████████████████████████████
██████████████████████████
atcher.
███
███
███
███
███
███
███
███
███
███
███
███
███
███

══════════════════════════════════════════════════════════════
  FaucetFREE BTCitcoin RewardsBlogLearn about Finance, Economics and Bitcoin
══════════════════════════════════════════════════════════════

███
███
███
███
███
███
███
███
███
███
███
███
███
███

jjavmk
Newbie
*
Offline Offline

Activity: 18
Merit: 0


View Profile
November 07, 2015, 03:51:16 PM
 #362

We want to share this small contribution, because in the database does not leave us in some cases to save more than 1900 wallet bot log in address_ban_list I made a change to be enabled to save more than 100 thousand wallet bot.

I explain:

Enter the phpmyadmin then seek Faucetinabox_Setting structure table, the value field give change instead of TEXT and placed MEDIUMTEXT

Then the index of the root seek the line of code

$default_data_query = <<<QUERY
create table if not exists Faucetinabox_Settings (
    `name` varchar(64) not null,
    `value` text not null,
    primary key(`name`)
);

Change the text by being so MEDIUMTEXT, being so


$default_data_query = <<<QUERY
create table if not exists Faucetinabox_Settings (
    `name` varchar(64) not null,
    `value` mediumtext not null,
    primary key(`name`)
);

Now if they can save many wallet bot to be blocked
minifrij
Legendary
*
Offline Offline

Activity: 2352
Merit: 1268


In Memory of Zepher


View Profile WWW
November 07, 2015, 04:11:50 PM
 #363

Of courser there are some differences:

1. In htcaccess you will put the IPs manually. Is a little more hard to automate a script to write into htaccess (and this will cause more load). Then you cant make a real-time grow of your blacklist using the htaccess manually.

2. Into your database you can save more information like day and time of the incoming bad IP, how many time this IP attacked you, etc. You could do statistics.

3. Querying your database, you are mre flexible to put your check code where you want. If you just want to check an IP when it completes a claim action, for example. With htaccess you can not do this.
That's true, though I was more referring to the difference on the load on the server.
rkandrades (OP)
Sr. Member
****
Offline Offline

Activity: 392
Merit: 251


Bitcoin Faucet & Blog


View Profile
November 07, 2015, 05:25:59 PM
 #364

Friends...

I just added to the first post the link to generate a .htaccess file to block entire countries from visiting your faucets.

http://www.blockacountry.com

In addition to I linked the topic of AlexAce420 which teaches techniques to avoid BOTs.

https://bitcointalk.org/index.php?topic=1211353.0

Bitcoin█████████████████████████
█████████████████████████████
███████████████████████████████
█████████████████████████████████
██████████████████████████████████
███████████████████████████████████
███████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
████████████████████████████████████
███████████████████████████████████
███████████████████████████████████
██████████████████████████████████
████████████████████████████████
██████████████████████████████
████████████████████████████
██████████████████████████
atcher.
███
███
███
███
███
███
███
███
███
███
███
███
███
███

══════════════════════════════════════════════════════════════
  FaucetFREE BTCitcoin RewardsBlogLearn about Finance, Economics and Bitcoin
══════════════════════════════════════════════════════════════

███
███
███
███
███
███
███
███
███
███
███
███
███
███

pickupcoin
Legendary
*
Offline Offline

Activity: 1203
Merit: 1000


View Profile WWW
November 07, 2015, 10:00:48 PM
 #365

Friends...

I just added to the first post the link to generate a .htaccess file to block entire countries from visiting your faucets.

http://www.blockacountry.com

In addition to I linked the topic of AlexAce420 which teaches techniques to avoid BOTs.

https://bitcointalk.org/index.php?topic=1211353.0

i send you on PM checked TOR ip lists on my faucets, and if you found something new.. Smiley
 i am not sure for this about block entire country, i am block only Ukraine because have some attack from here and lot of the claim visitors without banner click or very pitiful ads payback
if you want "deny Ukraine" lists for .htassess shot me PM
misterbit
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250



View Profile
November 07, 2015, 10:34:18 PM
 #366

I think this is the best way of blocking countries
http://www.geoplugin.com/

Create a php with the following contents and call it geoplugin.class.php
Code:
<?php

class geoPlugin {
    
    
//the geoPlugin server
    
var $host 'http://www.geoplugin.net/php.gp?ip={IP}&base_currency={CURRENCY}';
        
    
//the default base currency
    
var $currency 'USD';
    
    
//initiate the geoPlugin vars
    
var $ip null;
    var 
$city null;
    var 
$region null;
    var 
$areaCode null;
    var 
$dmaCode null;
    var 
$countryCode null;
    var 
$countryName null;
    var 
$continentCode null;
    var 
$latitude null;
    var 
$longitude null;
    var 
$currencyCode null;
    var 
$currencySymbol null;
    var 
$currencyConverter null;
    
    function 
geoPlugin() {
 
    }
    
    function 
locate($ip null) {
        
        global 
$_SERVER;
        
        if ( 
is_null$ip ) ) {
            
$ip $_SERVER['REMOTE_ADDR'];
        }
        
        
$host str_replace'{IP}'$ip$this->host );
        
$host str_replace'{CURRENCY}'$this->currency$host );
        
        
$data = array();
        
        
$response $this->fetch($host);
        
        
$data unserialize($response);
        
        
//set the geoPlugin vars
        
$this->ip $ip;
        
$this->city $data['geoplugin_city'];
        
$this->region $data['geoplugin_region'];
        
$this->areaCode $data['geoplugin_areaCode'];
        
$this->dmaCode $data['geoplugin_dmaCode'];
        
$this->countryCode $data['geoplugin_countryCode'];
        
$this->countryName $data['geoplugin_countryName'];
        
$this->continentCode $data['geoplugin_continentCode'];
        
$this->latitude $data['geoplugin_latitude'];
        
$this->longitude $data['geoplugin_longitude'];
        
$this->currencyCode $data['geoplugin_currencyCode'];
        
$this->currencySymbol $data['geoplugin_currencySymbol'];
        
$this->currencyConverter $data['geoplugin_currencyConverter'];
        
    }
    
    function 
fetch($host) {
 
        if ( 
function_exists('curl_init') ) {
                        
            
//use cURL to fetch data
            
$ch curl_init();
            
curl_setopt($chCURLOPT_URL$host);
            
curl_setopt($chCURLOPT_RETURNTRANSFER1);
            
curl_setopt($chCURLOPT_USERAGENT'geoPlugin PHP Class v1.0');
            
$response curl_exec($ch);
            
curl_close ($ch);
            
        } else if ( 
ini_get('allow_url_fopen') ) {
            
            
//fall back to fopen()
            
$response file_get_contents($host'r');
            
        } else {
 
            
trigger_error ('geoPlugin class Error: Cannot retrieve data. Either compile PHP with cURL support or enable allow_url_fopen in php.ini 'E_USER_ERROR);
            return;
        
        }
        
        return 
$response;
    }
    
    function 
convert($amount$float=2$symbol=true) {
        
        
//easily convert amounts to geolocated currency.
        
if ( !is_numeric($this->currencyConverter) || $this->currencyConverter == ) {
            
trigger_error('geoPlugin class Notice: currencyConverter has no value.'E_USER_NOTICE);
            return 
$amount;
        }
        if ( !
is_numeric($amount) ) {
            
trigger_error ('geoPlugin class Warning: The amount passed to geoPlugin::convert is not numeric.'E_USER_WARNING);
            return 
$amount;
        }
        if ( 
$symbol === true ) {
            return 
$this->currencySymbol round( ($amount $this->currencyConverter), $float );
        } else {
            return 
round( ($amount $this->currencyConverter), $float );
        }
    }
    
    function 
nearby($radius=10$limit=null) {
 
        if ( !
is_numeric($this->latitude) || !is_numeric($this->longitude) ) {
            
trigger_error ('geoPlugin class Warning: Incorrect latitude or longitude values.'E_USER_NOTICE);
            return array( array() );
        }
        
        
$host "http://www.geoplugin.net/extras/nearby.gp?lat=" $this->latitude "&long=" $this->longitude "&radius={$radius}";
        
        if ( 
is_numeric($limit) )
            
$host .= "&limit={$limit}";
            
        return 
unserialize$this->fetch($host) );
 
    }
 
    
}
 
?>


Now create a file named geoip.php add inside
Code:
<?php
require_once('geoplugin.class.php');
$geoplugin = new geoPlugin();
$geoplugin->locate();
$country_code $geoplugin->countryCode;
switch(
$country_code) {
case 
'UA'//Ukraine
header('Location: http://example.com'); 
exit;
}
?>


'UA' is the country code that gets on the same page by putting the ip below.

To add a new country
Code:
case 'CODE': //Other
header('Location: http://example.com');
exit;


Then wherever you want to run the blockade put geoip.php on <!DOCTYPE html>

Code:
<?php include("geoip.php"); ?>

Important: There are some rotator cuff like ifaucet.net that do not allow the blocking of countries.
misterbit
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250



View Profile
November 08, 2015, 12:18:22 AM
 #367

Does several hours which does not update the torlist.txt, someone passes you the same?
misterbit
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250



View Profile
November 08, 2015, 07:08:17 AM
 #368

It is the time of looters, protect their faucets!
rkandrades (OP)
Sr. Member
****
Offline Offline

Activity: 392
Merit: 251


Bitcoin Faucet & Blog


View Profile
November 09, 2015, 03:09:19 AM
 #369

Friends...

I just added to the first post the link to generate a .htaccess file to block entire countries from visiting your faucets.

http://www.blockacountry.com

In addition to I linked the topic of AlexAce420 which teaches techniques to avoid BOTs.

https://bitcointalk.org/index.php?topic=1211353.0

i send you on PM checked TOR ip lists on my faucets, and if you found something new.. Smiley
 i am not sure for this about block entire country, i am block only Ukraine because have some attack from here and lot of the claim visitors without banner click or very pitiful ads payback
if you want "deny Ukraine" lists for .htassess shot me PM

I think that block Ukraine is not enough since the bots use Proxies to attack faucets. The most used proxy servers are from USA or Europe because the faucets with GeoiP Location rewards pay more for these countries.

Combine the  country block with other techniques to have more chance to block bots.

---

In addition to this I just added a new white listed IP addres to the OP:

1EaHa6BCV7twxnPJuyPYaKi4fb5ZuGWUHp

This is a good referral address. Please, white list it.

I discovered some bots in the internet recently. I will study those programs to understand How we can block them. The problem is that I'm timeless this month.

As soon as possible I will post here the good news about this job.

Bitcoin█████████████████████████
█████████████████████████████
███████████████████████████████
█████████████████████████████████
██████████████████████████████████
███████████████████████████████████
███████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
████████████████████████████████████
███████████████████████████████████
███████████████████████████████████
██████████████████████████████████
████████████████████████████████
██████████████████████████████
████████████████████████████
██████████████████████████
atcher.
███
███
███
███
███
███
███
███
███
███
███
███
███
███

══════════════════════════════════════════════════════════════
  FaucetFREE BTCitcoin RewardsBlogLearn about Finance, Economics and Bitcoin
══════════════════════════════════════════════════════════════

███
███
███
███
███
███
███
███
███
███
███
███
███
███

FaucetEnthusiast
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
November 09, 2015, 07:05:15 PM
Last edit: November 09, 2015, 07:29:28 PM by FaucetEnthusiast
 #370

Hello there.

First of all, thanks for this post. As I will launch soon my very first faucet, it helps me a lot in order to avoid my faucetto be dry by bots.
But I need some clarifications about this:


Real AntiBot Links

Download & unpack:
http://bit.makejar.com/labs/anti-bot-links-200/antibotlinks.zip


Code:
Files to add:
/libs/antibotlinks.php


Files to edit:
/index.php
/templates/*theme-name*/index.php


Ok, let's start.

First make a backup of your faucet (everything could go wrong, better safe than sorry).

Then

Copy:
antibotlinks.php

To:
/libs/antibotlinks.php


Now you will need to edit 2 files. I suggest using Notepad++ https://notepad-plus-plus.org/ to edit files but any good editor will do the job.
This is based on FB R60 but should work with newer/older versions.

Open:
/index.php

Find:
        $data['captcha_info'] = $captcha;

add after:
        # AntiBotLinks
        require_once('libs/antibotlinks.php');
        $antibotlinks = new antibotlinks(true);// true if GD is on on the server, false is less secure
        if (array_key_exists('address', $_POST)) {
          if (!$antibotlinks->check()) {
            $antibotlinks->generate(5, true);// number of links once they fail to solve min 3 - max 5, the second param MUST BE true
          }
        } else {
          $antibotlinks->generate(3);// initial number of links min 3 - max 5
        }


Find:
           $data['captcha_valid'] &&

add after:

           # AntiBotLinks
           $antibotlinks->is_valid() &&
          

Open:
/templates/*theme-name*/index.php

Find:
</head>

Add before:
<?php
# AntiBotLinks START
?>

<script style="text/javascript">
$(function() {
  var clicks = 0;
  $('.antibotlinks').click(function() {
    clicks++;
    $('#antibotlinks').val($('#antibotlinks').val()+' '+$(this).attr('rel'));
    if(clicks == <?php echo $antibotlinks->get_link_count(); ?>) {
      var rand = Math.floor((Math.random() * clicks) + 1);
      var button = '<input type="submit" class="btn btn-primary btn-lg" value="Get Reward!">';
      var z=0;
      $('.antibotlinks').each(function(){
        z++;
        if (z==rand) {
          $(this).replaceWith(button);
        }
      });
      
    }
    $(this).hide();
    return false;
  });
});
</script>
<?php
# AntiBotLinks END
?>



Find:
                            <?php if(!$data["captcha_valid"]): ?>
                            <p class="alert alert-danger">Invalid captcha code!</p>
                            <?php endif; ?>


Add after (the input field must be between <form> and </form>):

<?php
# AntiBotLinks START
?>

                            <input type="hidden" name="antibotlinks" id="antibotlinks" value="" />
                            <?php if(!$antibotlinks->is_valid()): ?>
                            <p class="alert alert-danger">Invalid AntiBot verification!</p>
                            <?php endif; ?>
<?php
# AntiBotLinks END
?>



Somewhere between <form> and </form> add (you need to do it 5 times, this is where the links will appear):

<?php
# AntiBotLinks START
?>

                        <?php echo $antibotlinks->show_link(); ?>
<?php
# AntiBotLinks END
?>


And finally remove the default CLAIM button :)

Thanks to NeedIfFindIt


What are supposed to be the effect of this one ?
I don't know if I do right but I've got this appearing on my faucet:

https://i.imgur.com/jxcVefV.png

And when I tried to claim from my faucet, I've got this one appearing:

https://i.imgur.com/K5VPo1f.png

Is this supposed to happen ? If not, can you tell me where I could be wrong.

Thanks for your answers Smiley
minifrij
Legendary
*
Offline Offline

Activity: 2352
Merit: 1268


In Memory of Zepher


View Profile WWW
November 09, 2015, 07:10:16 PM
 #371

snip
It seems that you're trying to show us thumbnail images rather than the full size. Try using a simple uploader like Imgur to upload your images and we can try to help you.
LosingAlpha
Full Member
***
Offline Offline

Activity: 189
Merit: 100


View Profile WWW
November 09, 2015, 07:15:28 PM
 #372

Those antibot links are a puzzle made to be difficult for machines to solve, but easy for humans.

In other words, they're a captcha, except they're more annoying because the user has to hunt around all over page. So why not just use a second captcha?

FaucetEnthusiast
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
November 09, 2015, 07:18:30 PM
Last edit: November 09, 2015, 07:32:42 PM by FaucetEnthusiast
 #373

snip
It seems that you're trying to show us thumbnail images rather than the full size. Try using a simple uploader like Imgur to upload your images and we can try to help you.

Oh, my bad. I edit my post with full size links. Thanks minifrij.
grosminer
Hero Member
*****
Offline Offline

Activity: 718
Merit: 500



View Profile
November 10, 2015, 04:59:23 PM
 #374

A new suspicious ip appeared in my logs since november:

77.222.106.36 9000 hits in 4 days only..

And the faucet got milked.. i'm not sure yet but this ip looks really suspicious
~

Hi, friend.

I checked this IP for suspicious activities in the internet (SPAM, BOTs and Malicious attacks) and then I did some tests to check if it is a proxy IP.

I didn't found anything about this IP. It seems to be a normal IP.

However, it is a Russian IP.

If I was you I would keep on open eye on my logs to monitor this IP actions...
Hi , thanks for the checkup.
I'll keep checking

grosminer
Hero Member
*****
Offline Offline

Activity: 718
Merit: 500



View Profile
November 10, 2015, 05:23:54 PM
 #375

New suspicious IP's and wallet address


37.53.226.42
46.98.124.237
178.44.218.154
With same ref: 15WYfNSFQ6GiB9gHMj8fC58WqPAUb1W4Kp  1 hit every minute for 3 hours in a row.

Still under investigation...
nawaraj
Full Member
***
Offline Offline

Activity: 168
Merit: 100


View Profile
November 11, 2015, 10:15:00 AM
 #376

Where I have to create .htaccess file to do all thing which you mentation on first page.
minifrij
Legendary
*
Offline Offline

Activity: 2352
Merit: 1268


In Memory of Zepher


View Profile WWW
November 11, 2015, 10:16:54 AM
 #377

Where I have to create .htaccess file to do all thing which you mentation on first page.
Just create it in the root directory of your site, where your index.php is. Just create a file called '.htaccess' and put the code in the first post inside that file.
nawaraj
Full Member
***
Offline Offline

Activity: 168
Merit: 100


View Profile
November 11, 2015, 10:37:05 AM
 #378

I think there are 4 index.php in the script . I have to create ".htaccess" near to first index.php where libs located or I have to create this on currently using template.
rkandrades (OP)
Sr. Member
****
Offline Offline

Activity: 392
Merit: 251


Bitcoin Faucet & Blog


View Profile
November 11, 2015, 11:03:37 AM
 #379

I think there are 4 index.php in the script . I have to create ".htaccess" near to first index.php where libs located or I have to create this on currently using template.

You Shoould create the .htaccess file into the main/root directory. I mean next to the first index.php (not the templates index.php).

Remember to check others ways to block attacks by .htaccess file in the internet.

There are many implementations to make in this file aiming to get a higger security.


It is a powerfull resource if you know how to use it.

Bitcoin█████████████████████████
█████████████████████████████
███████████████████████████████
█████████████████████████████████
██████████████████████████████████
███████████████████████████████████
███████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
████████████████████████████████████
███████████████████████████████████
███████████████████████████████████
██████████████████████████████████
████████████████████████████████
██████████████████████████████
████████████████████████████
██████████████████████████
atcher.
███
███
███
███
███
███
███
███
███
███
███
███
███
███

══════════════════════════════════════════════════════════════
  FaucetFREE BTCitcoin RewardsBlogLearn about Finance, Economics and Bitcoin
══════════════════════════════════════════════════════════════

███
███
███
███
███
███
███
███
███
███
███
███
███
███

rkandrades (OP)
Sr. Member
****
Offline Offline

Activity: 392
Merit: 251


Bitcoin Faucet & Blog


View Profile
November 11, 2015, 11:37:40 AM
 #380

New suspicious IP's and wallet address


37.53.226.42
46.98.124.237
178.44.218.154
With same ref: 15WYfNSFQ6GiB9gHMj8fC58WqPAUb1W4Kp  1 hit every minute for 3 hours in a row.

Still under investigation...


Friend,

I just checked those three IPs with some public malicious records databases in the internet and I didn't found any proof to consider them bad IPs.

Of course t doesn't means that they are safe. But we don't have how to guarantee this.

About the 15WYfNSFQ6GiB9gHMj8fC58WqPAUb1W4Kp address. I just looked at its Faucetbox historic and it hasn't a bot/scam behavior.

For me it seems to be a normal bitcoin address.

I hope these information are helpful to you.

Good luck!

Bitcoin█████████████████████████
█████████████████████████████
███████████████████████████████
█████████████████████████████████
██████████████████████████████████
███████████████████████████████████
███████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
████████████████████████████████████
███████████████████████████████████
███████████████████████████████████
██████████████████████████████████
████████████████████████████████
██████████████████████████████
████████████████████████████
██████████████████████████
atcher.
███
███
███
███
███
███
███
███
███
███
███
███
███
███

══════════════════════════════════════════════════════════════
  FaucetFREE BTCitcoin RewardsBlogLearn about Finance, Economics and Bitcoin
══════════════════════════════════════════════════════════════

███
███
███
███
███
███
███
███
███
███
███
███
███
███

Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 [19] 20 21 22 23 24 25 26 27 28 29 30 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!