Forums  ›  General  ›  General discussions
 

Fake Membership Requests

Make them pay to join.

cool

~~~~~~~~~~~~~~~~~~~~~~
Michel - Meta-Travel.com
~~~~~~~~~~~~~~~~~~~~~~

TravelNotes.org - The Online Guide to Travel

I've been using an .htaccess snippet that uses an outside module geoip but I currently have it switched off. I'm not sure it ever worked properly. I also have a module from Anton called Profiles Auto Moderator that warns when key words are used in profiles.  If I entered Bitcoin in the list, it would warn me that one of my members has used the word. I was hoping for something similar to use on the join form description. Anton's module doesn't go that far.

Deano's bot fix could solve it, so more reason to migrate. Sadly my current commitments don't  allow me the time.

I had five (5) attempts yesterday alone.

 

 

Thanks @Geek_Girl. That's probably what I'm looking for, but Anton seems to have abandoned Dolphin and I don't feel like spending $2 with him any more. He was once a fantastic developer and his service was impeccable. However, I purchased a module which doesn't work logically and I even offered to pay him to fix the problem. Without the fix, the module is useless. He's ignored all but one email and it took him almost a month to answer the first. My remaining emails have gone into  his litter basket. Sadly, he seems to have joined the ranks vanishing third-party developers.

The module basically did a db lookup of a list of IP ranges comparing it to the ip address of the incoming request.  That would be a nice feature for Cheetah in the future.  I have done it in .htaccess but of course Nginx does not use .hataccess.  If you are running your own firewall, you can probably block a range of IPs at the firewall level.

Thanks @Geek_Girl. That's probably what I'm looking for, but Anton seems to have abandoned Dolphin and I don't feel like spending $2 with him any more. He was once a fantastic developer and his service was impeccable. However, I purchased a module which doesn't work logically and I even offered to pay him to fix the problem. Without the fix, the module is useless. He's ignored all but one email and it took him almost a month to answer the first. My remaining emails have gone into  his litter basket. Sadly, he seems to have joined the ranks vanishing third-party developers.

For blocking Countries I use the module https://www.boonex.com/m/Access_Management_System_2_0_0

It has a simple form with checkboxes for the countries you want to block.  It also includes some other features; like locking out ip addresses that try to hammer an account to gain access; if the person trying to get in fails at several attempts, then you can lock the ip out for a prescribed amount of time.  It is not a cheap module but it was a big help to block spammers on my Dolphin site.

Thanks Deano. I was talking about the Dolphin site because the script I'm referring to isn't going to be easy to convert. I was waiting for a stable release of Cheetah so I don't have an excuse other than I'm really busy on an unrelated project.

I'm glad to see that you've addressed the issue. I made my forum post here in case you were interested, but you've beaten me to it - again!

Best wishes,

John

The current release of Cheetah has a new feature called bot detection and is in the Anti spam section in admin.

I am guessing that these are bots creating these accounts and the reason i created bot detection into the script because i was getting hit on this site as well with the same thing.

I would suggest you turn it on. Or are you talking about a Dolphin site?

I receive about a dozen fake membership requests a week. They're not spam when they try to join, but I'm sure the member will intentionally spam once their membership is approved. These requests are coming form all over the place, so blocking IP's may be a pain.

The requests all have one thing in common. In the person's Description, they always include the words: Crypto currency, Bitcoin, Bit-Coin or Bit Coin.

I'm able to block them before their membership is approved, but I'm not sure if I can enter key-words somewhere to stop the join form from allowing the request to proceed. (Reject application containing the following key-words in Description of me: xxx, yyy, zzz)

I don't want the person to know they've been blocked because they've used a certain word, otherwise they'll just do another description without it.

Also, I'm using a country block in my .htaccess, but it's a bit hit and miss. Using the above keyword scenario, would it be difficult to also reject applications where a person enter's an unacceptable country? (Accept the following: USA, Australia, UK, France)

I'm not sure if third-party modules already exist for this, but maybe it's something that can be added to the Join Form and Advanced Settings?