[Fury]

Disable it? Whaddya mean? You use email address INSTEAD of user name.

The alternatives?
- Make registration captcha weaker to allow them to create new users we can then ban and delete.
- IP-ban every random IP-address that is logged in the error log and doesn't belong to the registered user.

I don't see much choice in the matter.

[Goober5000]

Disable it? Whaddya mean? You use email address INSTEAD of user name.

Yes, I understood what you meant.  But I don't particularly like it.

The alternatives?
- Make registration captcha weaker to allow them to create new users we can then ban and delete.
- IP-ban every random IP-address that is logged in the error log and doesn't belong to the registered user.

I don't see much choice in the matter.

Yeah, I don't either.


EDIT: I'm slightly confused though.  Why would the user be logged out if someone else tried to access his account?  Presumably, the bot would not be able to successfully log in in the first place.

[Fury]

EDIT: I'm slightly confused though.  Why would the user be logged out if someone else tried to access his account?  Presumably, the bot would not be able to successfully log in in the first place.

No idea, but that's apparently how SMF works based on replies in some similar issues in the official SMF forums. They didn't offer changing this behavior as solution either, but instead directed at other ways to counter such bruteforce bots.

[Goober5000]

I presume this is the thread you saw?
http://www.simplemachines.org/community/index.php?topic=416928.0

[Fury]

It was late yesterday so it could be, though I saw several. In any case, either one of these should be installed, or both.
http://custom.simplemachines.org/mods/index.php?mod=1665
http://custom.simplemachines.org/mods/index.php?mod=2155

Though I dislike such heavy modifications as they always make it a pain to upgrade forums later when compatibility updates to mods come later. I should probably investigate how to set up the latter server-side, rather than as SMF modification.

Edit: Looks like the Project Honeypot, or http:BL whatever the name is, also has apache module. Interesting, I should look at that.

[Fury]

I've actually now trying out something else, a DNS based solution. This however means that the change will propagate to people within 24-48 hours. I hope it works, otherwise HLP might be down for another 24-48 hours while DNS is reverted back and propagated worldwide.

[TopAce]

What's a DNS-based solution?

[Fury]

I'll tell when and if I've confirmed it actually works.

[Fury]

Alright, so far the DNS change has not broken anything. I'll be able to get some statistics of how it has performed tomorrow. If it performs up to expectations, it should have been able to filter out most of spambots and other **** before they even reach the server. This is not in place for game-warden.com domain however, only hard-light.net.

Coincidentally SMF 2.0 RC5 was also released today which I've already upgraded the forums to. Full changelog included following two entries:

Code: [Select]

! Users were logged out when other failed attempts to login were made (Load.php)
 ! Unoptimized query for topic participation query in unread topics. (Recent.php) [Bug 4457]
Which are two bugs I believe we have met.

Should stop the immediate grief we've had.

[newman]

Just as a matter of feedback, I haven't had a single logout today. Unless I was lucky and it starts again tomorrow, whatever you did seems to have worked. Thanks in any event.

[Mongoose]

Yeah, I was getting them every visit over the past few days but haven't had it happen today.  Fingers crossed.

[Aurora Paradox]

I haven't had a single logout today.

Same here.  Lets hope this is a permanent fix.

[Nohiki]

Well i got booted three times  Which wouldn't bug me if it didn't clean the "unread posts since last visit"... I'm waiting to see if the new version fixes that though before digging any further.

[achtung]

I'm still being logged out intermittently.

[Fury]

What's a DNS-based solution?

Some of the more clever types have probably already figured it out. And it seems to be working as advertised. The DNS based solutions is a DNS proxy in the form of CloudFlare. http://www.cloudflare.com

Feel free to read details on the site, should answer all questions if you have them. It is not used on game-warden.com. I intend to give CF a week long trial, if it passes the trial, I'll set up different account for GW. I cannot change DNS servers that GW uses, so that is left to MatthewPapa to do, if he ever will.