Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.
Latest post by dunwin on Monday, 13 March 2023 12:42 CDT
Please look at the bottom of this page (under Support Policy Summary) for our support policy summary, containing important information regarding our working hours and our support policy. Thank you!
We are having problems with fake registration from Spam Bots. We have Google Recaptcha active, but we still get bursts of 30+ regsitrations.
Is there anything in Admin Tools we can use to help?
Thanks in advance for any help or advice
David Unwin - London UK
You can't stop bots, they are not under your control.
If they act maliciously, they trigger security exceptions and their IPs are auto-blocked. See Auto-ban in https://www.akeeba.com/documentation/admin-tools-joomla/web-application-firewall.html#waf-configure-autoban
If you have specific user agents you want to block, you can do that in the .htaccess Maker.
Nicholas K. Dionysopoulos
Lead Developer and Director
🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
Thanks for the information
Kind regards
David
David Unwin - London UK
You're welcome!
Nicholas K. Dionysopoulos
Lead Developer and Director
🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
Nicholas,
Just a quick question in relation to this.
In the HTAccess Maker, there are a number of user agents blocked by default, which I assume you at Akeeba have identified. See screen shot.
Is there an internet site or source where these and newer user agents are listed. And if so, how would you access these and put them into the list?
Kind regards
David Unwin - London UK
These are a collation of user agents I found on different sites over the years, plus Wget and cURL. The latter two are not bots per se, they are both legit command line software and programming libraries. Unfortunately, many idiots use them for their "hacking" scripts so blocking them by default is easier.
Please remember that the user agent protection is weak by definition. Anyone can set whatever user agent they want to a request they make to your site. This feature is just to stop annoying crawlers and the dumbest of the dumb script kiddies who can't figure out the hacker's equivalent of not pissing their pants.
Nicholas K. Dionysopoulos
Lead Developer and Director
🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
Thanks for the 'heads up'
I have now modified our Account Registration form to include a 'captcha' with 4 numbers which is easy for the end user to enter, but hopefully, stop some of these automated scripts??
Kind regards
David
David Unwin - London UK
Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.
Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!