User Support Forum Archive (Read Only)
Jamroom Help:
SPAMMMMMMMMMMMMMMMMM
Douglas
Jamroom Team


Joined: 08 Oct 2004
Posts: 6639
Location: Tornado Alley!

Posted: 11/16/11 16:08 

iLoveHouseMusic:
Where is the normal "captcha" enabled in JR? is that global or at a quota level?


Admin Options > System Config > Account Settings > Use Image Validation


_________________
Douglas Hackney
Jamroom Network Team Member: http://www.jamroom.net
Priority Support: http://www.jamroom.net/Support_Center
Douglas
Jamroom Team


Joined: 08 Oct 2004
Posts: 6639
Location: Tornado Alley!

Posted: 11/16/11 16:09 
I changed my signup.tpl file from this:


Code
  {if $image_validation == 'yes'}
    <br><br>
    {if strlen($jr_recaptcha_api_key) > 5}
      {jr_form_captcha}
    {else}
      {jr_form_captcha width="250" height="80" class="n_outline"}<br><br>
      &nbsp;{jr_lang id="43" default="Enter the validation code from the image"}:<br>
      <input id="captcha_code" type="text" name="captcha_code" value="" class="jform input" style="width:340px;">
    {/if}
  {/if}


to this:


Code
  {if $image_validation == 'yes'}
    <br><br>
      {jr_form_captcha}
  {/if}
 


and that seems to work...

Douglas


_________________
Douglas Hackney
Jamroom Network Team Member: http://www.jamroom.net
Priority Support: http://www.jamroom.net/Support_Center
iLoveHouseMusic



Joined: 21 Apr 2009
Posts: 1482
Location: San Francisco CA

Posted: 11/16/11 16:41 
Thank you for this, I did not know about recaptcha.

Brian
Jamroom Team


Joined: 09 Jul 2003
Posts: 37583
Location: Seattle, WA

Posted: 11/16/11 16:46 
I've just uploaded an updated Jamroom 4.2.6 Change Set for the Jamroom Bonus Pack that addresses the ability for a user to signup to a quota that has signups disabled:

http://www.jamroom.net/index.php?m=td_tracker&o=view&id=1897

The check was being enforced but only for Invitations to the quota, not direct signups.

I would recommend upgrading to the latest signup.php in the change set, and please let me know if you see any issues. I wanted to get this out as quickly as possible so did not put this change through the normal testing process, but being a relatively minor change it should be good.

Thanks!

- Brian


_________________
Make sure and check out:
* The Jamroom FAQ
* The Jamroom Documentation
jcable



Joined: 05 Sep 2006
Posts: 50
Location: Austin, Texas

Posted: 11/16/11 22:04 
Absolutely brilliant, BigGuy!
Thank You!! Thank You!!

someone def has exploited this bug, good advice... get patching!
we've been hit by over 1900 IPs thus far, avg about one a minute for over 24hrs..

(upgrading now)

speedbunny



Joined: 15 Nov 2007
Posts: 363

Posted: 11/16/11 22:13 
Yes, the patch seems to be working - thanks Brian


_________________
http://rockaffairs.com <- My Jamroom site!
http://ownersabroad.org <- My holiday site!
http://vapers.co.uk <- My e-cig site!

Er, yeah, I'll stop that now, I have about 50 more.... (heads over to the soda machine...)
iLoveHouseMusic



Joined: 21 Apr 2009
Posts: 1482
Location: San Francisco CA

Posted: 11/17/11 09:09 
Thanks for the prompt fix!

emdiamond



Joined: 19 Mar 2007
Posts: 258

Posted: 11/17/11 09:32 
Ok, ReCaptcha is working but seeing same issue in signup. There are now two places to enter the reCaptcha info. One in the image and the other is generated by JR : "enter the validation code from the image:"


The one in the Recaptcha image works fine. So how do we get rid of the redundant line? "enter the validation code from the image:"

Thanks


Also, the spam has slowed down by using reCaptcha.





Quote:
I've done this for my site, however I still see the " enter the validation code from the image:" text and form field, even though the new reCaptcha image is showing.

Is there something else we need to do?

Thanks,
Douglas


Paul
Jamroom Team


Joined: 20 Aug 2003
Posts: 5341
Location: Nottingham, UK

Posted: 11/17/11 09:37 
Edit the skin jr_signup.tpl (or signup.tpl) template to remove the field.
Cheers
Pa


_________________
Paul Asher
Jamroom Network Team Member: http://www.jamroom.net
Priority Support: http://www.jamroom.net/Support_Center
emdiamond



Joined: 19 Mar 2007
Posts: 258

Posted: 11/17/11 10:03 
My line was a little bit different. But I found it and this works.

Thanks


Changed this:

{*
{if $use_captcha == 'yes'}
<br><br>
{if strlen($jr_recaptcha_api_key) > 5}
{jr_form_captcha}
{else}
{jr_form_captcha width="250" height="80" class="n_outline"}<br><br>
&nbsp;{jr_lang id="43" default="Enter the 5 digit code from the image"}:<br>
<input id="captcha_code" type="text" name="captcha_code" value="" class="jform input" style="width:340px;">
{/if}
{/if}

*}


To this:

{if $use_captcha == 'yes'}
<br><br>
{jr_form_captcha}
{/if}








pasher:
Edit the skin jr_signup.tpl (or signup.tpl) template to remove the field.
Cheers
Pa


jcable



Joined: 05 Sep 2006
Posts: 50
Location: Austin, Texas

Posted: 11/17/11 10:07 
Appreciate all the suggestions, had no idea this post was even going on while I was leading another in VIP. We are still currently under extreme fire by this botnet spammer. We've banned nearly 2500 IP addresses on our firewall thus far; at its peak we had it trying to log in from a failed rogue account via 10 IPs within less than 30s. Kind of an overview of how large this bot's scope has been for us.


What we've learned:
- Banning the emails in JR is a completely pointless effort.
- Manually banning the IPs is also pointless effort.
- Banning IPs as suggested via JR can work but still allows apache access.

Since they are coming @ us with such force, apache was taking a bit of a performance hit. We were also trying to protect SQL from garbage data; far from a DOS attack but still affecting our community.

We have taken the following actions:
- removed the affected/exploited quota and moved all active users to a new one.
- deleted and removed all the rogue accounts, had to take it down for maintenance for a few minutes.
- we wrote a bash script to loop and grep the apache logs and drop IPs @ iptables that were accessing the exploited, now-removed quota
(+2500 blacked so far)
- we patched the signup.php in the test release provided by Brian (Thanks!)
- we switched captcha to Google API (Great Suggestion! no template edits were required)

They are still hitting us, new IP once a min on avg now. Hopefully they get the picture and shut this script off soon, now it's just a nuisance. Thanks for helping make it a patched one!

-jc
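
The log-to-firewall loop described in the post above, sketched as an added example (not jcable's script and not Jamroom code). The URL pattern, hit threshold and allowlist are assumptions, and the log lines are constructed.

```bash
#!/usr/bin/env bash
# Added example: list clients hammering a removed signup URL and print DROP rules.
# PATTERN is a hypothetical URL shape (an ERE); use what your own access log shows.
PATTERN='signup[.]php[?].*quota_id=7'
MIN_HITS=2              # ignore one-off hits from confused real visitors
ALLOW='203.0.113.10'    # space-separated addresses never to block (constructed)

# offenders [LOGFILE...] -> one offending IPv4 address per line, sorted
offenders() {
  awk -v pat="$PATTERN" -v min="$MIN_HITS" -v allow="$ALLOW" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
    # Combined log format: $1 is the client address, $7 the request path.
    # The strict IPv4 match keeps odd log content out of the generated commands.
    $7 ~ pat && $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && !($1 in skip) { hits[$1]++ }
    END { for (ip in hits) if (hits[ip] >= min) print ip }
  ' "$@" | sort
}

# block_rules [LOGFILE...] -> iptables commands, printed for review, not executed
block_rules() {
  offenders "$@" | while read -r ip; do
    # -C tests for an existing rule so repeated runs do not stack duplicates
    echo "iptables -C INPUT -s $ip -j DROP 2>/dev/null || iptables -I INPUT -s $ip -j DROP"
  done
}

# Constructed sample log lines (documentation address ranges), not real traffic
sample_log() {
  cat <<'EOF'
198.51.100.23 - - [16/Nov/2011:22:01:07 -0600] "GET /signup.php?quota_id=7 HTTP/1.1" 200 5120
198.51.100.23 - - [16/Nov/2011:22:01:09 -0600] "POST /signup.php?quota_id=7 HTTP/1.1" 302 0
192.0.2.77 - - [16/Nov/2011:22:02:11 -0600] "POST /signup.php?quota_id=7 HTTP/1.1" 302 0
192.0.2.77 - - [16/Nov/2011:22:02:12 -0600] "POST /signup.php?quota_id=7 HTTP/1.1" 302 0
203.0.113.10 - - [16/Nov/2011:22:03:00 -0600] "GET /signup.php?quota_id=7 HTTP/1.1" 200 5120
203.0.113.10 - - [16/Nov/2011:22:03:05 -0600] "GET /signup.php?quota_id=7 HTTP/1.1" 200 5120
198.51.100.99 - - [16/Nov/2011:22:04:40 -0600] "GET /signup.php?quota_id=7 HTTP/1.1" 200 5120
192.0.2.50 - - [16/Nov/2011:22:05:01 -0600] "GET /index.php HTTP/1.1" 200 900
EOF
}

sample_log | block_rules
```

Against a real log, pass the file name to `block_rules` and review the printed rules before running them as root.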

Brian
Jamroom Team


Joined: 09 Jul 2003
Posts: 37583
Location: Seattle, WA

Posted: 11/17/11 14:06 
I'm glad to see the fix helped. I'm not sure why we're seeing such an "explosion" in spam bots right now, but glad to see you've been able to hold the line

- Brian


_________________
Make sure and check out:
* The Jamroom FAQ
* The Jamroom Documentation
emdiamond



Joined: 19 Mar 2007
Posts: 258

Posted: 11/17/11 15:22 
Probably Google. Seems the attacks came right as they started their new music service. They don't like competition.

LOL



bigguy:
I'm glad to see the fix helped. I'm not sure why we're seeing such an "explosion" in spam bots right now, but glad to see you've been able to hold the line

- Brian


emdiamond



Joined: 19 Mar 2007
Posts: 258

Posted: 11/18/11 09:12 
Ok, I have over 700 Spam blogs I want to remove. There is a button to accept them all but no button to remove them all when checked. Does anyone have a quick way of removing all pending blogs?


This is the page that has this on, I put yoursite.com in for reference

http://www.yoursite.com/tools.php?mode=pending&type=message


Blog (746) Audio (0) Video (0) Photos (0) Vault (0) Events (0) Store (0)
Submitted Profile Blog Title Modify Approve Reject
11/15/11 17:31:00 rogerschultz1026 Data Center San Diego
11/15/11 17:34:13 eduardovinso36 Tackling a Mouse Issue

speedbunny



Joined: 15 Nov 2007
Posts: 363

Posted: 11/18/11 10:28 
And here is a question... if I remove these users at Database level, then run 'Integrity Check'/'Repair Tables', does it remove the blog entries (and all other information) associated with the users I've deleted?


_________________
http://rockaffairs.com <- My Jamroom site!
http://ownersabroad.org <- My holiday site!
http://vapers.co.uk <- My e-cig site!

Er, yeah, I'll stop that now, I have about 50 more.... (heads over to the soda machine...)
©2003 - 2010 Talldude Networks, LLC.