Chris Lloyd Posted April 27, 2018 Report Share Posted April 27, 2018 I have a couple of persistent spammers who are signing up for user accounts and although I can easily delete them (I am deleting their requests several times per week) I would like some way of blocking their email addresses or their IP from accessing my site. Any ideas please? Quote Link to comment Share on other sites More sharing options...
Ken Roy Posted April 27, 2018 Report Share Posted April 27, 2018 Chris, Install the No Captcha reCAPTCHA Add-on The hooks for captcha have been in TNG since TNG v6 and this mod will be part of TNG v12 Quote Link to comment Share on other sites More sharing options...
Chris Lloyd Posted April 27, 2018 Author Report Share Posted April 27, 2018 Thanks Ken, I'll give that a go. Quote Link to comment Share on other sites More sharing options...
Chris Lloyd Posted April 28, 2018 Author Report Share Posted April 28, 2018 14 hours ago, Ken Roy said: Chris, Install the No Captcha reCAPTCHA Add-on The hooks for captcha have been in TNG since TNG v6 and this mod will be part of TNG v12 Tried it Ken but for some reason I only get the recaptcha input. Click continue and it comes back to the input box. Will have to revert to 'normal' however since my first post 14 hours ago I have had the same 2 applying for user accounts! Quote Link to comment Share on other sites More sharing options...
Ken Roy Posted April 28, 2018 Report Share Posted April 28, 2018 Chris, I would report this problem to Bryan Larson using the Contact Mod Developer links. This is the mod which was incorporated into TNG v12, so if there are issues with it, they need to be resolved soon, since TNG v12 is about to come out. Quote Link to comment Share on other sites More sharing options...
Ken Roy Posted April 28, 2018 Report Share Posted April 28, 2018 I sent a message to Bryan and the TNG v12 beta testers list. I don't use that mod, but rather use the Image Captcha Mod which uses the same TNG hooks for new registration, contact us, and suggest. Quote Link to comment Share on other sites More sharing options...
Ken Roy Posted April 28, 2018 Report Share Posted April 28, 2018 Michael, You should be able to continue to use your preferred captcha mod in TNG v12. You will need to rename the distributed TNG_captcha.php file to something like TNG_captcha_v12.php or something like that in order to get any of the other captcha mods installed. Quote Link to comment Share on other sites More sharing options...
Ken Roy Posted April 28, 2018 Report Share Posted April 28, 2018 Actually, the TNG hooks for captcha have been there since TNG v6. TNG v12 is the first time that TNG will actually provide a TNG_captcha.php file. In order to install a different captcha than the one provided, you will need to rename the distributed TNG_captcha.php file, so that the mod you want to use will install. In order to use the distributed captcha version you will need to request the keys, unless you are already using the No Captcha reCAPTCHA Add-on in which case you will have the keys but will need to save them in the TNG Setup > General Settings Quote Link to comment Share on other sites More sharing options...
bsl20b50 Posted May 1, 2018 Report Share Posted May 1, 2018 On 4/27/2018 at 7:58 PM, Chris Lloyd said: Tried it Ken but for some reason I only get the recaptcha input. Click continue and it comes back to the input box. Will have to revert to 'normal' however since my first post 14 hours ago I have had the same 2 applying for user accounts! Hi Chris, I was the original developer of that mod which has been integrated into TNG V12. The issue you describe has been reported before by a small number of users. It appears to be related to server configuration, but I have not been able to pin it down yet. I have reported this to Darrin, but I don't know if he has done anything with it either. For the purpose of identifying the problem a little better, could you tell me who your host is? Thanks, Bryan Quote Link to comment Share on other sites More sharing options...
bsl20b50 Posted May 1, 2018 Report Share Posted May 1, 2018 Chris, I have done some research and may have a solution to the problem with my Captcha mod. Would you be kind enough to test it for me? I need to test it on a site that is affected by the issue you described. Please replace: global $currentuser; if ( $currentuser || $_SESSION['passedcaptcha']) return; with: ini_set("allow_url_fopen", 1); global $currentuser; if ( $currentuser || $_SESSION['passedcaptcha']) return; near the top of TNG_captcha.php in the No Captcha ReCaptcha add-on. Please let me know if this resolves the issue for you. If it does, I will let Darrin know so he can update it for the TNG V12 package. Thanks, Bryan Note: Thanks goes to Oliver Schwabedissen for pointing me in the right direction. Quote Link to comment Share on other sites More sharing options...
Chris Lloyd Posted May 10, 2018 Author Report Share Posted May 10, 2018 On 5/2/2018 at 9:22 AM, bsl20b50 said: Please let me know if this resolves the issue for you. If it does, I will let Darrin know so he can update it for the TNG V12 package. Thanks, Bryan Note: Thanks goes to Oliver Schwabedissen for pointing me in the right direction. Thanks Bryan Been away for a few days - will try this edit over the weekend and get back to you. Cheers Chris Quote Link to comment Share on other sites More sharing options...
Chris Lloyd Posted May 13, 2018 Author Report Share Posted May 13, 2018 On 5/2/2018 at 9:22 AM, bsl20b50 said: Chris, I have done some research and may have a solution to the problem with my Captcha mod. Would you be kind enough to test it for me? I need to test it on a site that is affected by the issue you described. Please replace: global $currentuser; if ( $currentuser || $_SESSION['passedcaptcha']) return; with: ini_set("allow_url_fopen", 1); global $currentuser; if ( $currentuser || $_SESSION['passedcaptcha']) return; Hi Bryan No joy with the change . I have cleared my cache etc as well but get the following on the contact us page: and then it reverts to the I am not a robot after checking the box. Get the same on the register for account. Cheers Chris Quote Link to comment Share on other sites More sharing options...
XerxX Posted June 12, 2018 Report Share Posted June 12, 2018 (edited) One of the ways I use to stop spam, is to remove all links from the index page. Send a form instead of using "href=" links... You can check my site: https://xerxx.se/ - lots of links but that's only what they look like. I suspect that "form-URLs" are collected by spiders and they don't find these "links" as there's no href to follow. I have had one spam application during all these years. (At another site we have had two "Advertise here" pages fully open for anyone for several years. Not a single spam ad so far... No "real" link go there) Here's the how-to if you're interested: 1. Create a .css class in mytngstyle.css: /* Class for form-links */ /* These "links" open a page by sending a form instead of a http-link */ /* Add special text-styles if your links are styled */ .formlink { text-decoration: underline; cursor: pointer; color: #000066; /* Whatever your default link colour is */ } .formlink:hover { color: #660000; /* Whatever your link hover colour is */ } 2. Create a JavaScript function and a form in index.php - place it inside a html block, almost anywhere: <script type="text/JavaScript"> function openPage(page) { var f = document.getElementById('pageform'); f.action = page; f.submit(); } </script> <form id="pageform" method="post" action="#"></form> If you want these links on all pages, I think you can place the above in the footer.php file too, immediately before or after the line <hr size="1" /> 3. Create the "links" in index.php. Basic format is: <span class="formlink" onclick="openPage('XXXXX');">YYYYY</span> XXXXX: Inside the single-quotes is the name of the page/script and all necessary parameters. YYYYY: Here is the text you want for your link. As an example, this line in index.php echo "<li><a href=\"surnames.php\">{$text['mnulastnames']}</a></li>\n"; is changed into: echo "<li><span class=\"formlink\" onclick=\"openPage('surnames.php');\">{$text['mnulastnames']}</span></li>\n"; For, f.ex, a person you add parameters like this: echo "<li><span class=\"formlink\" onclick=\"openPage('getperson.php?personID=I1249&tree=tredNr2');\">{$admtext['father']}</span></li>\n"; Some clever Search-&-Replace could do it, I guess (I use a totally customized index myself). Of course you can use it on single links - like the Contact link. Just my USD 0.02 Erik EDIT PS: To remove all links from the index page is a good way to stop spiders from crawling your tree as they find no "entrance" from index.php... Edited June 12, 2018 by XerxX Added PS Quote Link to comment Share on other sites More sharing options...
XerxX Posted June 13, 2018 Report Share Posted June 13, 2018 (edited) Michael, I think that's not an easy task: There are 18 templates... But you can start, after you have saved your original index.php, by just copy-&-paste the css-class (first code-snippet) to your mytngstyle.css and the function and form (second code-snippet) to your index.php - immediately before or after the <hr size="1" /> at the bottom of the script. Then try to edit a link like I showed above (the bold parts are to be replaced): echo "<a href=\"surnames.php\">{$text['mnulastnames']}</a></li>\n"; The part <a href=\" is replaced by <span class=\"formlink\" onclick=\"openPage(' (note the singlequote at the end). The part \"> is replaced by ');\"> (note the singlequote at the beginning). And finally the part </a> is replaced by </span> Save, clear your cache and test. The colours of the link may not be the nicest. Your original colours may be found in templatestyle.css, or if not then in genstyle.css (in your [root/]css drawer). If you want the underline to appear on hover; simply move the line text-decoration: underline; to the .formlink:hover part. Good luck! Erik EDIT: Sorry! Shouldn't hi-jack this thread. Starta new one if you want to discuss what I wrote. Edited June 13, 2018 by XerxX Quote Link to comment Share on other sites More sharing options...
LJLachance Posted February 18, 2019 Report Share Posted February 18, 2019 Replying here because I'm not sure where else (other than start a new topic) would work. Same question - block IP address - but different problem. For the public area of my site, someone is going through individuals and clicking on "Suggest" and then submitting fictitious names and email addresses then using the "description of proposed changes" to list various websites. Any ideas on how to prevent someone (or some THING) from doing this is appreciated. There is no "captcha" associated with making proposed changes. I know I could limit access by requiring everyone to get a user name and password but I really don't want to do that. Thanks in advance Quote Link to comment Share on other sites More sharing options...
Ken Roy Posted February 18, 2019 Report Share Posted February 18, 2019 2 minutes ago, LJLachance said: There is no "captcha" associated with making proposed changes. Captcha has been available in TNG since TNG v6, but until TNG v12 you needed to install one of the captcha mods. With TNG v12 you need to either use the provided Google reCaptcha by saving the keys in the correct Admin > Setup > General Settings area or install one of the other mods. Captcha in TNG is available for New User requests and for Suggestions and Contact Us. I personally use the Image Captcha mod Quote Link to comment Share on other sites More sharing options...
LJLachance Posted February 18, 2019 Report Share Posted February 18, 2019 Ken, thanks for the detail on captcha which I could install. I think if would be far better if suggestions were only allowed for registered and logged in users. Is this a possibility? There's really no need for the general public to suggest changes to anything because if they've gone that far, they must be related and might as well become a registered user??? Or, would there be a way to restrict/prohibit the use of url's in the comments area? Thoughts? Larry Quote Link to comment Share on other sites More sharing options...
stores Posted February 18, 2019 Report Share Posted February 18, 2019 Larry, Just my personal opinion and it is your site but if you prevent suggestions from the general public, and allow only suggestions from logged in users, then you might loose valuable clues... I say this because i make suggestions correcting entries in peoples trees and pointing them to the appropriate documentation all the time and while we might have common relations, they are usually not close enough for me to want to register on the respective site as it is just another password i have to remember and i usually stumble on these pages while searching for clues... Jim Quote Link to comment Share on other sites More sharing options...
Ken Roy Posted February 19, 2019 Report Share Posted February 19, 2019 I agree with Jim. I chose to allow visitors to surf my site without a user name and over the years got value corrections and additions from others. My Roy ancestor only had one son who got married 3 times and had 19 children, 18 of which have descendants to today, since we are talking of the late 1600s and early 1700s there is no way that I know all current branches Logged in users who are granted the submitter role can enter corrections on the site which need to be approved before they are posted. I use that approach since my master database is on my laptop, so it needs to be updated with the changes made by submitters. Quote Link to comment Share on other sites More sharing options...
LJLachance Posted February 19, 2019 Report Share Posted February 19, 2019 To both Jim and Ken - I DO like the idea of having people being able to suggest changes, logged in or not. And I use Ken's method of registered users submitting changes as well but, someone is out there typing in data with urls for various sites. Of course I'm the only one getting it so it's not a tremendous issue. If they are taking the time to type these things then I believe they'd take the time to enter a captcha code as well. Then again, maybe bots are smart enough these days to fill in a name, two emails and a comment and press send... Maybe I'll just go ahead and put captcha on the suggest change dialog and see what happens. It would be nice to be able to block specific IP addresses from the site in general. Or maybe I'll just find the address and block it at the server level. Anyway, thanks for the thoughts, much appreciated. Larry Quote Link to comment Share on other sites More sharing options...
Ken Roy Posted February 19, 2019 Report Share Posted February 19, 2019 Larry, I would implement the TNG captcha and also Deny this user access using the .htaccess file Quote Link to comment Share on other sites More sharing options...
LJLachance Posted February 19, 2019 Report Share Posted February 19, 2019 Ken, Great advice as always, thanks Quote Link to comment Share on other sites More sharing options...
Lori Posted March 6, 2019 Report Share Posted March 6, 2019 On 2/18/2019 at 4:57 PM, Ken Roy said: Captcha has been available in TNG since TNG v6, but until TNG v12 you needed to install one of the captcha mods. With TNG v12 you need to either use the provided Google reCaptcha by saving the keys in the correct Admin > Setup > General Settings area or install one of the other mods. Captcha in TNG is available for New User requests and for Suggestions and Contact Us. I personally use the Image Captcha mod Thanks for the info. That mod works great. Hope it stops the spam emails. I even changed the email address and that did not even stop for one day. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.