Spam Login Filter v1.8.2

Release Notes

Some code cleanups, thanks to Cash.

  • oh no i can login fine, just the registration is blocked even on my home network

    A spammer was blocked during registration.
    
    E-Mail: .
    
    IP: 76.125.58.xxx // my IP
    
    Reason: Fassim IP blacklist.
  • @Cim: Seens to be a problem with fassim. I will contact the developer. For now just disable fassim´s check and remove the ip from blacklist.

  • @Cim: Try to check your ip manually and test again with our plugin.

    Just type the url and check the results:

    http://api.fassim.com/regcheck.php?apikey=yourapikey&ip=yourip

    Change "yourapikey" with your key and so on.

  • this is what i get

    {"email_status":false,"ip_status":true,"country_match":false,"proxy":false,"region":false,"top_isp":false,"top_domain":false}

  • @Cim: Send your IP in my personal inbox. But fassim says that your ip is blacklisted.

    I tried with 76.125.58.1 and ip_status was false. Weird.

  • I need to leave my computer now, but send me all information you have. I will check everything here. Same to you Roman.

  • ok i'll inbox you shortly

  • I get notification messages in the blocked IP addresses list. Since manage blocked IP's is not lpresent without spam login filter I assume it is part of this plugin. How to get rid of these deprecated messages?

    Utilities : Manage blocked IPs

    Deprecated in 1.8: Use 'base_url' instead of 'baseurl' for the navigation/pagination view Called from [#7] /home/romancos/public_html/engine/lib/views.php:506
    113.65.146.159  - Created 5 days ago  - Info  - Delete
    222.90.196.236  - Created 5 days ago  - Info  - Delete
    Deprecated in 1.8: Use 'base_url' instead of 'baseurl' for the navigation/pagination view Called from [#7] /home/romancos/public_html/engine/lib/views.php:506
  • @Roman:

    1 - No, the "base_url" is not in my plugin.

    2 - I asked you about your notifications by e-mail. I need to know what´s happening. Just give a look in the older comments. And I think that you have a problem, since you have deprecated messages in the core engine.

  • Don't know if this can help but I experienced the same problem apparently solved (I received no more complaints and new registrations) by setting IP Blacklist on No. For some reason this feature also added my ip to the blacklist.

    Cheers

  • Well, I looked into code, this deprecated notice is just elggs outloud speaking for administrators and pagination is properly made regardless method is 'base_url' or 'baseurl'.

     

     

  • @Roman: Again. The deprecated message doesn´t have relation with my plugin. Open my code and search for "base_url". I will pay you a dinner if you find it.

    @Michele: IP blacklist is there to block second time tentatives. Maybe fassim is giving some false positives, but I need the e-mails with the "blocked reason". I cannot investigate without it.

  • Hi Ray J ,

    sorry, I would have sent it to you but haven't got it because at the beginning I hadn't set any email address to send spam-block notifications to. Now I have set one but IP Blacklist is on No to avoid complaints by users who could not register.

    Checking all other emails I received, here you have a couple below:

    Oggetto:  Spammer blocked
    A spammer was blocked during registration.
                           
    E-Mail: xxxxx@hotmail.com.
                           
    IP: 82.0.149.236.

    Reason: Stopforumspam IP blacklist.
     
    ----
     
    This was one of the false positive:
    Oggetto:  Spammer blocked
    A spammer was blocked during registration.
                           
    E-Mail: xxxxxx@yahoo.co.uk.
                           
    IP: 71.191.1.198.

    Reason: Fassim IP blacklist.
  • @Roman - are you using Member Selfdelete?  That currently causes the 'base_url' notification and the latest from github fixes it.

  • For some reasons delete and report as spam does not submit spammer username, IP or password to stopforumspam.com blacklist. I do receive notification if the spammer is blocked

    elgg v1.8.6

     

  • @Roman: The plugin should submit username, ip and e-mail. Do you have a API key?

  • How do I permanently remove tinyMCE html editors from this plugins email and domain list entries. tinyMCE adds <br> tags and messes up list IMHO.

     

     

  • @Roman: I will release a patch today.

  • okay, looking forward for the patch, amazing plugin by the way even nwith all these minor iisues it does keep pests away from the site.

     

  • Well, I digged into elgg programmers manual and found that I can get rid of tinymce or richtext editor if I change form field type from largetext into plaintext, so here are file with 2 lines in the login spam plugin that needs to be changed:

    in views/default/plugins/spam_login_filter/settings.php

    line 106 change to -

        echo elgg_view('input/plaintext', array('name' => "params[blacklisted_mail_domains]", 'value' => $vars['entity']->blacklisted_mail_domains));

    line 122 to -

        echo elgg_view('input/plaintext', array('name' => "params[blacklisted_mails]", 'value' => $vars['entity']->blacklisted_mails));

     

    upload changed plugin and flush caches to see fresh changes. Good luck.

     

  • @Roman: Thank you. I already did that, but I need time to test all plugin before uploading it. And I am waiting for response about the fassim issue, so I can upload a plugin with major changes.

    For now, you can select the "disable editor" link in settings page.

  • I had this set up and it worked like a charm for over a week. Then suddenly 2 days ago the spam accounts once again started flooding in. I have no idea what's going on. Since then I have now gotten an API from stopforumspam.com and that is not helping either. I'm deleting about 10 - 20 spam profiles a day now. Just like it was before I installed the spam login filter.

    Does anyone have any idea what this is about?

     

    Plugin Settings

    Spam Login Filter


    Stopforumspam

    Use stopforumspam.com

    stopforumspam API Key (Optional) (I have added one !)

    Fassim

    Use fassim.com
    Fassim API Key

    Check email?
    Check IP?
    Block anonymous proxies?
    Block top spamming ISP's?
    Block top spamming domains?

    You now can type in the country code(s) you want to block from registering to your forum. Just type in the country abbreviation, for multiple separate by comma (e.g. US,LV,HK). For a list that we currently keep up to date and block, clickCountry Codes to get the codes.

    If for some reason you want to block a specific region from registering from your site, you can type in the region code(s) you want to block from registering to your forum. Just type in the region abbreviation, for multiple separate by comma (e.g. US-GA,CA-NS). For a list that we currently keep up to date and block, click Region Codes to get the codes.


    Domain Blacklist

    Use mail domain blacklist
    Blacklisted mail domains - One per line



    Email Blacklist

    Use especific mail blacklist
    Blacklisted mails - One per line


    Plugin Notifications

    Notify blocked tentatives by e-mail
    E-Mail Address

    IP Blacklist

    Blacklisted IPs can navigate into site, but will see the error '403 error - Access denied' in registration page.
    Use IP blacklist cache
     
  • My main elgg install with higher volume is okay (zero spam attempts today).  I check that one at least six times a day.  Hardly any spam at all on that site now.  But the other two which I check only one a day or every few days get it far worse.  One was hit with about 7 spams today (it used to be hundreds a day!) and the other was clean.

    I think it makes a big difference in how fast and consistantly you check it to kill the spammers who still make it through.  They stop when they see all their IPs are being shared to a community blacklist and they will avoid (or take it off their spam lists) your site after a while.  Keep plugging away and it should get a lot better soon since you have the API key and are submitting spammers. 

  • I'm hoping it will too, and I do keep at it. I just wonder why it totally stopped after installing the plugin, and then a week later it suddenly flooded in again. Perhaps I'm just being targeted manually at the moment. Since I installed the image captcha it also put a stop to it, for a while.

  • I cannot get the 'domain blacklist' to work?

    I tried domain.com / www.domain.com / @domain.com but several spammers keeps entering with the same @domain.com name? Please let me know if I'm doing something wrong. I would love to block these spammers.

Matt Beckett

I'm a self-employed web developer, family man, nerd, scuba diver. Manager/maintainer of this elgg community site, and core Elgg development team member.

Project Info

Stats

  • Category: Spam
  • License: GNU General Public License (GPL) version 2
  • Updated: 2015-12-18
  • Downloads: 11484
  • Recommendations: 78

Other Projects

View Matt Beckett's plugins