WXforum.net
Miscellaneous Debris => Tech Corner => Topic started by: saratogaWX on January 11, 2022, 11:23:52 AM
-
I analyze the webserver logs of wxforum.net (and all my sites) daily and it's amusing to note that the robo-registration bots are ever trying to get a foothold on wxforum.net, but are thwarted by the dual captcha devices from successfully registering.
Here's yesterday's unsuccessful attempts:
They're also after unsecured comment forms, but the Login Pad captcha (https://saratoga-weather.org/scripts-contactLP.php#contactlp) is thwarting the robo-spammers too.
-
Mainly from eastern Europe :(
It may be overkill but how about randomising the login pad code each time? Something like...
$rndArray = range(0, 9);                                  // the digits 0-9
shuffle($rndArray);                                       // randomise their order
$kpChallenge = implode('', array_slice($rndArray, 0, 8)); // first 8 digits become the challenge
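As an added example (not the poster's code and not Login Pad's own implementation), here is a fuller version of the randomised challenge: a CSPRNG-backed shuffle, the challenge kept in the PHP session with an expiry, one attempt per challenge, and a constant-time comparison on submit. The function names, the session key `lp`, the time limit and the form field name are assumptions.

```php
<?php
// Added example, not the poster's or Login Pad's code. Assumes the form
// posts the typed digits in a field named "lp_answer" (assumed name).
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

const LP_TTL_SECONDS = 300;  // challenge expires after 5 minutes (assumed value)
const LP_LENGTH      = 8;    // digits per challenge, as in the suggestion above

// Build a fresh challenge. random_int() is a CSPRNG; PHP's shuffle() uses the
// Mersenne Twister, which is not cryptographically secure, so a predictable
// seed could let a bot anticipate the next challenge.
function lp_new_challenge(): string {
    $digits = range(0, 9);
    for ($i = count($digits) - 1; $i > 0; $i--) {   // Fisher-Yates shuffle
        $j = random_int(0, $i);
        [$digits[$i], $digits[$j]] = [$digits[$j], $digits[$i]];
    }
    $challenge = implode('', array_slice($digits, 0, LP_LENGTH));
    $_SESSION['lp'] = ['code' => $challenge, 'issued' => time(), 'used' => false];
    return $challenge;
}

// Verify the submitted answer: a challenge must exist, be unused and unexpired,
// and match in constant time so response timing does not leak which digits
// were right. Every call burns the challenge, so a bot cannot retry it.
function lp_verify(string $answer): bool {
    $lp = $_SESSION['lp'] ?? null;
    if ($lp === null || $lp['used']) {
        return false;
    }
    $_SESSION['lp']['used'] = true;                 // one attempt per challenge
    if (time() - $lp['issued'] > LP_TTL_SECONDS) {
        return false;
    }
    return hash_equals($lp['code'], $answer);       // constant-time compare
}

// On the form page: $code = lp_new_challenge(); then render $code as the keypad prompt.
// On submit:
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!lp_verify((string)($_POST['lp_answer'] ?? ''))) {
        http_response_code(403);        // reject; log the attempt for the daily review
        exit('Login Pad check failed');
    }
}
```

Because the session holds the answer, the challenge never travels to the client in any form other than the rendered prompt, and a failed or expired attempt forces a new challenge on the next page load.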
-
Yep, Russia, Ukraine, and other eastern European countries seem to be lax about shutting down robo-spammers and scanners for vulnerabilities to take over a website for use as new spammer/malware distribution. Sigh.
I've found that even using a static passcode with Login Pad captcha, the robots haven't conquered it yet. They're already using Google voice-to-text to solve Google reCaptcha V2 sites easily so that alone is insufficient to protect from spammers. That's why we use two forms of captcha for registrations on WXForum.net -- only the very occasional human spammer slips through now.
-
I've heard that there are third-world sweatshops that take live CAPTCHA images from sites they wish to access via bot, and present them to people as a game. Solve it correctly, earn a penny or something if the answer gets the bot past that CAPTCHA. Who needs artificial intelligence when natural intelligence works that cheap?????
-
But how many legitimate members are turned away?
I do not do the captcha thing. If a site presents it and my solve-it bot doesn't solve it instantly, I go away and never return.
-
As to legitimate members turning away, I've only had 4 admin messages from folks saying they couldn't work the captchas in the last 4 years. I handled those manually via email contact.
The contact form on the forum just has a Google reCaptcha V2 on it so is easy to navigate.
Before installing the noCaptcha image rotation captcha, we were flooded with spammer registrations. Apparently, the robospammers had cracked that one too if the default images were used, so I crafted a custom set of images and they've not cracked it yet.
I definitely prefer to thwart the robots at registration by automation than to constantly clean up the mess with a more robot-friendly registration mechanism. Your mileage may vary...
-
Thanks for staying on top of this, Ken!
Rich K.