|
Gifted
|
 |
July 24, 2016, 06:24:12 PM |
|
for proxies you can add this # Block Proxy
RewriteCond %{HTTP:X_HTTP_BRAZIL_FORWARdEd_FOR} !^$ [OR]
<snip>
but i dont use this because i use a proxie for my internet service This kicked me instant out .. without using a proxy .. but a lot of faucets dont let me in .. because of tor/proxy/vpn using .. if i go to http://whatismyipaddress.com/proxy-check all i green (proxy not detectet)  so this dectection is i dont now the right english words for it .. useless ? instead of using the htacces for proxies i added this to the index file because i dont claim but i go to the site //We do not allow proxy here
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1))
die("It would apprear you're using a proxy, so please, go fuck yourself!");
function checkProxy($ip){
$contactEmail="EMAIL";
$timeout=3;
$banOnProability=0.99;
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_URL, "http://check.getipintel.net/check.php?ip=$ip");
$response=curl_exec($ch);
curl_close($ch);
if ($response > $banOnProability) {
return true;
} else {
if ($response < 0 || strcmp($response, "") == 0 ) {
//The server returned an error, you might want to do something
//like write to a log file or email yourself
//This could be true due to an invalid input or you've exceeded
//the number of allowed queries. Figure out why this is happening
//because you aren't protected by the system anymore
//Leaving this section blank is dangerous because you assume
//that you're still protected, which is incorrect
//and you might think GetIPIntel isn't accurate anymore
//which is also incorrect.
//failure to implement error handling is bad for the both of us
}
return false;
}
}
$ip=$_SERVER['REMOTE_ADDR'];
if (checkProxy($ip)) {
$view['main']['result_html'] = '<div class="row text-center"><div class="col-sm-6 col-md-offset-3 bg-danger"><p>Bots not allowed !! If you are not a bot and not on a proxy, i still cant help you !</p></div></div>';
$message = "Proxy";
goto error;
}
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1))
{
$view['main']['result_html'] = '<div class="row text-center"><div class="col-sm-6 col-md-offset-3 bg-danger"><p>Bots not allowed !! If you are not a bot and not on a proxy, i still cant help you !</p></div></div>';
$message = "Proxy";
goto error;
}
$q = $sql->prepare("select * from users where LOWER(username) = LOWER(?) or ip = ? order by claimed_at desc");
$q->execute(array($username,$ip));
$row = $q->fetch();
//timer check |
|
|
|
|
|
Gifted
|
|
July 24, 2016, 06:26:34 PM |
|
I believe they are using tor to get around the timer.. this blocks all tor nodes. Create a file named .htaccess if you haven't already and add this code <Files 403.shtml>
order allow,deny
allow from all
</Files>
What does this option do please ? .. i have asked google because i don't known this .. but can't find a good answer This blocks all tor addresses but you cut off the addresses |
|
|
|
|
|
5ub_zer0 (OP)
|
|
July 24, 2016, 06:39:31 PM |
|
I am banned at http://check.getipintel.net/ to mutch requests .. i was in contact with this guy .. he told me i can make a custom tarif but .. lol .. seriously??? i give satohis away .. the advertising payment never covered this .. and than a damn **** steals satoshi and i should pay for this useless proxycheck ? |
|
|
|
|
|
5ub_zer0 (OP)
|
|
July 24, 2016, 06:42:20 PM |
|
<Files 403.shtml>
order allow,deny
allow from all
</Files>
This blocks all tor addresses but you cut off the addresses i know deny and so on options - so i cut it off because i would only know what this option means |
|
|
|
|
|
Gifted
|
|
July 24, 2016, 06:45:37 PM |
|
<Files 403.shtml>
order allow,deny
allow from all
</Files>
This blocks all tor addresses but you cut off the addresses i know deny and so on options - so i cut it off because i would only know what this option means well it allows all to go to page and denys from the ip you list look here http://blamcast.net/articles/block-bots-hotlinking-ban-ip-htaccess |
|
|
|
|
|
Gifted
|
|
July 24, 2016, 06:48:15 PM |
|
I am banned at http://check.getipintel.net/ to mutch requests .. i was in contact with this guy .. he told me i can make a custom tarif but .. lol .. seriously??? i give satohis away .. the advertising payment never covered this .. and than a damn **** steals satoshi and i should pay for this useless proxycheck ? you should try the code i left and put your faucet back up |
|
|
|
|
|
viralalert
|
|
July 24, 2016, 07:23:39 PM |
|
Gifted, all the codes you posted are already implemented on my site before you even post it. It's not your own code, you just get it somewhere else. I thought the codes you are about to share are from yours.  . I think I wasted my time waiting for your codes as it was already implemented on my site . |
|
|
|
|
Ratnet
Newbie
 Offline
Activity: 22
Merit: 0
|
|
July 24, 2016, 08:13:45 PM |
|
I am banned at http://check.getipintel.net/ to mutch requests .. i was in contact with this guy .. he told me i can make a custom tarif but .. lol .. seriously??? i give satohis away .. the advertising payment never covered this .. and than a damn **** steals satoshi and i should pay for this useless proxycheck ? In order to not get banned from IPGetIntel you should make some kind of "cache" (store in db) of the result returned from them and not to make a request again if you already made one for an IP in the past (some amount of time). I have 3 faucets with one email on IPGetIntel and never had any problem. Cheers! |
|
|
|
|
|
Gifted
|
|
July 24, 2016, 08:55:52 PM
Last edit: July 25, 2016, 04:43:47 PM by Gifted |
|
Gifted, all the codes you posted are already implemented on my site before you even post it. It's not your own code, you just get it somewhere else. I thought the codes you are about to share are from yours. . I think I wasted my time waiting for your codes as it was already implemented on my site . so your saying you have all the tor nodes ip's in htaccess?? and i did make the htaccess  feel free to help too !!!! |
|
|
|
|
|
Gifted
|
|
July 24, 2016, 08:58:06 PM |
|
I am banned at http://check.getipintel.net/ to mutch requests .. i was in contact with this guy .. he told me i can make a custom tarif but .. lol .. seriously??? i give satohis away .. the advertising payment never covered this .. and than a damn **** steals satoshi and i should pay for this useless proxycheck ? In order to not get banned from IPGetIntel you should make some kind of "cache" (store in db) of the result returned from them and not to make a request again if you already made one for an IP in the past (some amount of time). I have 3 faucets with one email on IPGetIntel and never had any problem. Cheers! so your saying cal an array of somekind??? |
|
|
|
|
|
zenitzz
|
|
July 25, 2016, 01:29:52 AM |
|
Yes now it's too bad for anyone who wants to have a faucet sites will suffer an attack of bots to make up for losses, if that attacked from bot so not a problem with a script. |
|
|
|
|
|
FaucetRank.com
|
|
July 25, 2016, 01:35:27 AM |
|
Yes now it's too bad for anyone who wants to have a faucet sites will suffer an attack of bots to make up for losses, if that attacked from bot so not a problem with a script. It doesn't seem a bot attack because user is using different emails and I think he is manually doing this but little bit faster. His all emails should be banned and than his game over. |
| | | ████
█ ████
█ ████
█ ████
█ ████ █
█ ████ █
█ ████ █
█ ████ █
█ ████ █
████ █
████ █
████ █
████ | | | | | | ████
█ ████
█ ████
█ ████
█ ████ █
█ ████ █
█ ████ █
█ ████ █
█ ████ █
████ █
████ █
████ █
████ | | | .SCAMMERS.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
.EXPOSED. | | | | | | .
▄▄▄▄▄▄▄▄ | | | ████
█ ████
█ ████
█ ████
█ ████ █
█ ████ █
█ ████ █
█ ████ █
█ ████ █
████ █
████ █
████ █
████ | | | |
|
|
|
|
Gifted
|
|
July 25, 2016, 11:04:38 AM |
|
Yes now it's too bad for anyone who wants to have a faucet sites will suffer an attack of bots to make up for losses, if that attacked from bot so not a problem with a script. It doesn't seem a bot attack because user is using different emails and I think he is manually doing this but little bit faster. His all emails should be banned and than his game over. i agree with you its done manual. this is why i think hes using TOR and this is why i updated the TOR IP'S in the .htaccess so far it might be working. here my thought... with vpn or proxie you can own so many but with TOR there is over 3000 of them so Blocking TOR is the solution |
|
|
|
|
|
Gifted
|
|
July 25, 2016, 11:24:00 AM |
|
Ok, so that didn't work ! I will be personally building a login and extra CAPTCHA for the Script and putting together a ready download. This will take a few days or a week because i have a day job that takes a lot out of me, so i will work a few hours a day with it and when i'm done i will post the improved Xapo Script.
|
|
|
|
|
|
|
|
Gifted
|
|
July 25, 2016, 04:42:40 PM |
|
ok, so i figured out that the timer only applies to the ip not the email or btc address... this is the mistake "its needs both" |
|
|
|
|
|
dibon
|
|
July 26, 2016, 07:54:14 AM |
|
Hey guys, Im using different script which checks IPs & emails also, but.... Im getting drained by people with multi accounts (that is sure) and some bots may be too. They found a method for creating multiple accounts. This is how it works: 1. create temporary email 2. go to textnow.com and create virtual phone number (for free!) 3. create another xapo account veryfing it using these fake emails and phones 4. join all your accounts so they can be operated from one xapo account 5. use proxies, vpns As I can see in my phpmyadmin there is a lot of people that have 5-8 accounts. Even with the same login just in different provider (mostly from RU and UA). But there is also A LOT (!!!!) of accounts like tyejsalinjet1988@yandex.ru, webcokoku1985@yandex.ru etc.. Random letters and year... So what can we do?!?! At this moment I turned on another captcha verification for those countries in Cloud Flare. But it did not stopped some of them.. |
|
|
|
|
dibon
|
|
July 26, 2016, 09:15:34 AM |
|
Sorry guys from yandex.ru, you will not be able to payout from my faucet.
Also there is a huge problem with determining proxy when you are behind cloudflare, so I decided to turn it off and check for proxies..
We will see if that helps.
|
|
|
|
|
alfaboy23
|
|
July 26, 2016, 12:45:27 PM |
|
Sorry guys from yandex.ru, you will not be able to payout from my faucet.
Also there is a huge problem with determining proxy when you are behind cloudflare, so I decided to turn it off and check for proxies..
We will see if that helps.
After the last attack on my faucet, aside from Ind0n3s!a, I also block most IP's that is using yandex.ru, and most of them are in Ru5s!a, but some of them are using non-Ru5s!an IP. |
|
|
|
|
|
Gifted
|
|
July 26, 2016, 03:58:15 PM
Last edit: July 26, 2016, 04:25:59 PM by Gifted |
|
So even if i built a login and timed by emails and ips it still would have no effect... The best thing i can think of is blocking the whole country Block Russia like this in .htaccess https://www.countryipblocks.net/deny_russia.txt |
|
|
|
|
|
