| 
Welcome, Guest

TOPIC: CB Antispam released with great protection tools

CB Antispam released with great protection tools 1 year 6 months ago #226719

  • nant
  • nant
  • ONLINE
  • Administrator
    Administrator
  • Posts: 21862
  • Karma: 810
This thread discusses the big news CB Antispam released with great protection tools.

Great job once again Kyle!
Congratulations to Kyle (krileon) for the great new major release!

Keep up the great work. :)
Last Edit: 1 year 6 months ago by nant.
The administrator has disabled public write access.

CB Antispam released with great protection tools 1 year 6 months ago #226724

  • activha
  • activha
  • OFFLINE
  • Platinum Boarder
    Platinum Boarder
  • Posts: 488
  • Karma: 1
Wonderful ans vert useful plugin.

Could you tell us how and where phrases for anti spam can be translated ?

How does it fit with admin tools ? Can both tools be used at the same time for front end login control ?

Thanks
The administrator has disabled public write access.

CB Antispam released with great protection tools 1 year 6 months ago #226735

  • dotcom22
  • dotcom22
  • OFFLINE
  • Platinum Boarder
    Platinum Boarder
  • Posts: 567
  • Karma: 3
This plugin seem to be very complete and powerful... I looked on all settings but I'm a bit lost and unfortunately like all Incubator project no documentation are provided.

My goal was to only block user IP after (for example after 5 login attempt) for prevent brute force attack. So if I understand correctly is only required to:

- Go to Configuration plugin
- Go to Tab Login
- Go to Tab Auto-block
- Enable block

Could you confirm if this is right please ?

thank
I use Joomla 3.3.6 - CB 2.0 - CBSubs 4 - Several Incubator plugins
The administrator has disabled public write access.

CB Antispam released with great protection tools 1 year 6 months ago #226741

  • krileon
  • krileon
  • ONLINE
  • Administrator
    Administrator
  • Posts: 38651
  • Karma: 1095
Could you tell us how and where phrases for anti spam can be translated ?
All strings can be translated. Even the Question captcha mode questions and answers can be translated.
How does it fit with admin tools ?
I've no idea what admin tools is. CB AntiSpam acts on CB triggers so its goal is to only protect CB sites. It also only functions for frontend as there's plenty of tools to block backend (best case for backend is htaccess lockdown admin).
Can both tools be used at the same time for front end login control ?
I don't see why not.
Could you confirm if this is right please ?
Yup, that's correct location. Set the Attempts to 5 and adjust the other settings as needed as well to have your desired results.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Tutorials + Search the forums
CB links: Documentation - Tutorials - Templates - CBSubs - Hosting - Forge - Incubator - GroupJive
--
If you are a Advanced, Professional, Developer, or CBSubs subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Advanced, Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM EST to 4:00 PM EST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
--
If you use Community Builder, please post a rating and a review at the Joomla! Extensions Directory.
Last Edit: 1 year 6 months ago by krileon.
The administrator has disabled public write access.

CB Antispam released with great protection tools 1 year 6 months ago #226753

Delighted to see a plugin to combat SPAM, but what we really need is something that can pattern match against registrations data to provide automatic blocks. We get a lot of robotic registrations with pretty consistent patterns: For example:
Name - Sleegrern SleegrernAZ
E-mail - This e-mail address is being protected from spambots. You need JavaScript enabled to view it
Username - Sleegrern

The "lastname" will always end in 2 Upper case characters and first, last, and username all match (except for the 2 uppercase characters) OR we get some where first, last, and username all match exactly. These are and a few other repeating patterns are all generated by SPAM-bots out there. A CB plugin that let use set up rules using REGEX patterns for these three fields and block if the pattern is matched would be HUGELY helpful.

We can not block by IP or email domain as the IPs vary widely and the emails are generally hacked accounts on popular email services like hotmail, yahoo, gmail, etc.). The best option would be something to detect the robot generated patterns of name and username and block if the pattern is matched.

Any chance you may add a feature like this to the new anit-spam plugin? Or is there any otther way this could be done with existing CB plugin(s)?
The administrator has disabled public write access.

CB Antispam released with great protection tools 1 year 6 months ago #226773

  • krileon
  • krileon
  • ONLINE
  • Administrator
    Administrator
  • Posts: 38651
  • Karma: 1095
Delighted to see a plugin to combat SPAM, but what we really need is something that can pattern match against registrations data to provide automatic blocks. We get a lot of robotic registrations with pretty consistent patterns: For example:
Name - Sleegrern SleegrernAZ
E-mail - This e-mail address is being protected from spambots. You need JavaScript enabled to view it
Username - Sleegrern

The "lastname" will always end in 2 Upper case characters and first, last, and username all match (except for the 2 uppercase characters) OR we get some where first, last, and username all match exactly. These are and a few other repeating patterns are all generated by SPAM-bots out there. A CB plugin that let use set up rules using REGEX patterns for these three fields and block if the pattern is matched would be HUGELY helpful.
You don't need a plugin for this. You've been able to do this for years now. Just add custom regex validation to your fields by editing them in CB > Field Management and setting "Authorized input:" to "Custom PERL regular expression" now add your custom validation to "Perl Regular Expression:". Then they'll never even make it past registration validation and will fall into failed registration attempts and be subject to blocking if you enable and use it.
We can not block by IP or email domain as the IPs vary widely and the emails are generally hacked accounts on popular email services like hotmail, yahoo, gmail, etc.). The best option would be something to detect the robot generated patterns of name and username and block if the pattern is matched.
Nothing can detect such patterns reliably. What if a legitimate user has 2 upper case letters? You just lost a customer or user due to it. Spam registrations will always be a reality. The idea behind CB AntiSpam is to cut back on them. Human spam bots, like what you're probably experiencing, will always surpass stuff like this because it's a person sitting there inputting the data. Spam bots won't or shouldn't make it past the new captcha in CB AntiSpam so you should be able to completely eliminate automatic bots; you can also use ReCaptcha captcha mode if you like which uses advanced image recognition deterrent techniques.
Any chance you may add a feature like this to the new anit-spam plugin?
Nope.
Or is there any otther way this could be done with existing CB plugin(s)?
In addition to the above you can use CB Auto Actions to check against post data and try to fail the registration. Conditionals has a REGEX operator so you could regex a field value to see if it contains a match to something you don't like then set a $_PLUGIN error which should stop registration using a Code action with PHP Method. Be careful though as simply checking for 2 capital letters at the end of a last name could easily backfire and block many legitimate users.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Tutorials + Search the forums
CB links: Documentation - Tutorials - Templates - CBSubs - Hosting - Forge - Incubator - GroupJive
--
If you are a Advanced, Professional, Developer, or CBSubs subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Advanced, Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM EST to 4:00 PM EST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
--
If you use Community Builder, please post a rating and a review at the Joomla! Extensions Directory.
Last Edit: 1 year 6 months ago by krileon.
The administrator has disabled public write access.
Time to create page: 0.238 seconds