Results 1 to 5 of 5
  1. #1

    Changed forum registration URL

    For the past couple of months the forum's registration page was getting hammered by bots. We were getting around 5000 registrations attempts per week. And even though they didn't get past our super secret question, they did take up bandwidth and cause server load.

    So to fight the spam some more I have changed the registration URL with a mod to the forum. New people signing up should be presented with the new URL if they click on the Register button. Bots linking directly to the old register.php page will get a 404 error.

    People who have already installed this mod have reported that their bandwidth usage has dropped to 1/5th of what it was before. That makes those bots almost seem like a DDOS attack. Then again, more then half of the Internet traffic is just bots nowadays. Good bots, bad bots, some as bot as your bot...

    Name:  Bot Traffic Report 2013.jpg
Views: 193
Size:  524.7 KB

  2. #2
    Sverf
    Guest
    Nice one!<and increase to more then 10 characters>

  3. #3
    Some bots still managed to find the registration URL, so I changed it again. And then I also changed the CSS class, changed the image name and removed the alt tag describing the image. In the HTML code there is no longer any use of the word "registration" that points to the actual registration URL.

    Let's see if bots are able to find it now. They'd have to OCR the page or count links in the HTML code and guess the right one. Still pretty doable, but it means they'll have to put in effort for just one small forum.

  4. #4
    This approach seems to be working better. Bots can't seem to find the registration page any longer and the amount of bots trying to find it has seemed to have dropped considerably...

    That being said, here are the entries from the apache error log from yesterday where bots couldn't find the registration page:
    Spoiler!


    I expect they will die down eventually after enough failed attempts.

  5. #5
    Sverf
    Guest
    Or else we'll just replace it with a php script that returns data very slowly, so those bots get stuk in a tarpit. 1 character every 30 seconds or so

    D

    I

    E

    S

    P

    A

    M

    B

    O

    T

    !

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •