How to stop Buddypress Spam Bot Registration



Hi,

Anygig Screen Registration

Are you tired of spam registrations?  I am!  I grew so fed up with plugins not stopping spam that I decided to do it my way.  First, you have to know who you are up against and what technology they like to use to get into your site.  Where do you start?  Your LOGS!  In the logs I see entries like this:

127.0.0.1 - - [13/May/2010:10:04:01 -0400] "GET /register/ HTTP/1.0" 200 15076 "http://anygig.com/register/" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 3.0.04506; Media Center PC 5.0; SLCC1; Tablet PC 2.0)"
127.0.0.1 - - [13/May/2010:10:04:02 -0400] "POST /register/ HTTP/1.0" 200 9309 "http://anygig.com/register/" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 3.0.04506; Media Center PC 5.0; SLCC1; Tablet PC 2.0)"
Easy enough to spot.  The bot does an HTTP GET first.  That gives its script the form markup and the input field names.  The bot then fills in those fields and POSTs the result, one second later.  I've even seen some bots get past JavaScript checks and even CAPTCHAs.  With a CAPTCHA you can use a tool to decode the text and then fill it in.  It's harder, but not impossible.  Worst, the tool is FREE!  The JavaScript can be circumvented too if you know what you're doing.  I won't say how here though ;)
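As an added example (not code from the original post): a small Python script that parses Apache combined-format lines like the two above and flags an address that POSTs to /register/ within a few seconds of fetching it, the GET-then-POST signature just described.  The sample log lines, IPs and user agents in it are constructed.

```python
import re
from datetime import datetime

# Apache "combined" log format, the layout of the entries quoted in the post.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not parse."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
    return rec

def find_fast_registrations(lines, path="/register/", max_seconds=5):
    """Flag IPs that POST `path` within `max_seconds` of their last GET of it.
    A person reads the page and types; a script that fetched it only to harvest
    field names posts back almost at once. Returns (ip, seconds, user_agent)."""
    last_get = {}
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["path"] != path:
            continue
        if rec["method"] == "GET":
            last_get[rec["ip"]] = rec["ts"]
        elif rec["method"] == "POST" and rec["ip"] in last_get:
            delta = (rec["ts"] - last_get.pop(rec["ip"])).total_seconds()
            if 0 <= delta <= max_seconds:
                hits.append((rec["ip"], delta, rec["ua"]))
    return hits

# Constructed sample: the post's bot pattern (GET, then POST one second later)
# beside a slower, human-looking registration from another address.
SAMPLE_LOG = [
    '198.51.100.7 - - [13/May/2010:10:04:01 -0400] "GET /register/ HTTP/1.0" 200 15076 "http://anygig.com/register/" "Mozilla/4.0 (compatible; MSIE 8.0)"',
    '198.51.100.7 - - [13/May/2010:10:04:02 -0400] "POST /register/ HTTP/1.0" 200 9309 "http://anygig.com/register/" "Mozilla/4.0 (compatible; MSIE 8.0)"',
    '203.0.113.5 - - [13/May/2010:10:10:00 -0400] "GET /register/ HTTP/1.1" 200 15076 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '203.0.113.5 - - [13/May/2010:10:11:30 -0400] "POST /register/ HTTP/1.1" 302 0 "http://anygig.com/register/" "Mozilla/5.0 (X11; Linux x86_64)"',
]

if __name__ == "__main__":
    for ip, secs, ua in find_fast_registrations(SAMPLE_LOG):
        print(f"{ip} posted /register/ {secs:.0f}s after fetching it ({ua})")
```

Point it at a real access log with `find_fast_registrations(open("access.log"))` and tune `max_seconds` to what your registration form realistically takes to fill in.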
Almost all scripts I encounter are Perl using LWP and/or Mechanize.  Great tools for automating website testing.  They do have one failing point: they don't execute client-side (i.e. JavaScript/jQuery) code.  Now it's OUR turn.  Let's exploit their weakness!  Edit your BuddyPress registration.php page and look for the form element tag.
<form action="" name="signup_form" id="signup_form" method="post" enctype="multipart/form-data">
Replace it with something else, like this: <div id="signup_form">.  Find the matching </form> tag and replace that with </div>.  Bots written against the old page will look for a form with that id and now fail, because it's a div, not a form :)
I bet you're wondering, "yeah, great, but now what?  No one can register now."  True.  Let's fix it so that only browsers can register.
At the bottom of your registration page add this:
<script>
// Runs once the DOM is parsed, so only a client that actually executes JavaScript gets here.
jQuery(document).ready(function() {
    // Save the field markup that was served inside the placeholder <div>.
    var my_html = jQuery("#signup_form").html();
    // Swap the <div> for the real <form> element, wrapped around the saved fields.
    jQuery("#signup_form").replaceWith(
        '<form action="" name="signup_form" id="signup_form" method="post" enctype="multipart/form-data">'
        + my_html + '</form>'
    );
});
</script>

What that does is grab the contents between the old div's tags and save them off.  Then we replace the div element with the form we used to have, wrapped around the saved contents, which were our valid form fields.  The browser does this swap for you before anyone starts typing.  The bad guy's bot script never runs the JavaScript, so it only ever sees a div and fails miserably.

This isn't all-encompassing, but for many of the bot scripts I encounter this stops them dead.   Yes, there are multiple ways around it, but it stops everyone from the novice to the senior-level developer out there.

I hope you all find this helpful :)



May 14, 2010   Posted in: Theme, Uncategorized, buddypress

Buddypress Event Plugin For 1.2 +


Hi,

Dave's Buddypress Events Plugin Example Event

Here's a modified version of the Buddypress Events Plugin that works with Buddypress 1.2+.  It is based on Erwin Gerrits' bp-events plugin.  I plan on adding geolocation to it soon, and I'm working with Erwin to get this released into the community again, but for now download bp-events-dave-aubin-1-2 :)

Thanks,
Dave



April 21, 2010   Posted in: Events, Plugins, Uncategorized, buddypress