Page 1 of 2 1 2 LastLast
Results 1 to 10 of 12

Thread: Rename register.php by BOP5

    1. Rename register.php by BOP5 Details »»

      Rename register.php by BOP5

      Version: 1.1.5, by (Administrator) BirdOPrey5 is offline
      Developer Last Online: Mar 2019 Show Printable Version Email this Page
      Category: VB3 & VB4
      vB Version: 3.x & 4.x Rating:  (2 votes - 5.00 average) Installs: 5
      Released: 05-04-2013 Last Update: 05-10-2013 Downloads: 52
      Not Supported Uses Plugins Code Changes

      It's great when you stop spam bots during registration but this mod gives you a chance to stop them BEFORE they even attempt to register.

      I have received multiple reports from people who say their "register.php" was getting hammered with spam requests- so much so it was like a denial of service attack. Even if they disabled registration they would waste so much resources their site was slow or worse- had to be taken offline.

      What this mod does is allow you to rename the register.php file- my theory is many of the vBulletin spamming bots are hard coded to look for register.php. Using a unique name will throw them off, at least for a while.

      To manually change the name of register.php would have meant dozens, maybe hundreds of manual edits to files and templates previously.

      This mod makes it as simple as possible. At worst you will need to edit 2 phrases and 1 file, and some people don't need to edit anything at all.

      Compatible with VB 3.8.x (and 3.7, and 3.6 probably too) and all VB 4.x.x versions.

      Basic Instructions
      1) Import XML File
      2) Go to mod settings in Admin CP
      3) Rename your register.php file via FTP or some other means- make it a unique value but only use basic letters, numbers, underscores, or hyphens. Something like "joeregister999.php"
      4) In the mod settings, set the value of register.php to the new file name you chose.
      5) If you require email verification during registration follow the next setting in the Admin CP and edit the phrases listed (activateaccount and activateaccount_chnage phrases in Email Body)
      6) Finally, if you use Facebook Connect on your forum make the manual file edit of class_bootstrap.php as instructed.

      Now enjoy your new filename for register.php, I hope it reduces server load and spam in general.

      Donations Always Appreciated

      Download Now


      Screenshots

      bop5_rr_settings.jpg  


      Show Your Support

      • If you like this modification support the author by donating.
      • This modification may not be copied, reproduced or published elsewhere without author's permission.
  1. #2
    Junior Member
    Join Date
    Apr 2013
    Location
    A, A
    Posts
    3
    Version
    1.1.5
    good good

  2. #3
    Updated - New Version 1.1.0 - Added plugin to fix Who's Online display for people registering.
    -Joe

  3. #4
    Updated to 1.1.5 - Fixes Admin CP bug when re-sending email activation codes.
    -Joe

  4. #5

  5. #6
    Sometimes the simplest ideas are the most effective. I like this solution, thanks BOP5!

  6. #7
    What a coincidense... I have been thinking about doing this to stop xRumer and told myself, today is the day... I was about to start programing this when I stumbled across your product.

    Yours definitely works but, I'm still seeing the bots trying, even using the renamed register.php. They were hitting it within 2 minutes of me making the name change.

    I'm thinking that the bot is probably scanning the homepage looking for the actual link to register, searching for vbphrase['register'] in the navbar. So I changed navbar and hard-coded "Sign UP".

    I'll know in the morning if this helps.
    Last edited by PATTYCAKE; 01-10-2014 at 09:15 PM.

  7. #8
    Well, it's been almost 4 hours, and not a single BOT attempt... when I was getting about 10 per hour attempts after the rename of register.php (about the same as before the rename).

    I usually get a couple of dozen through the night so, if there are none in the morning, I'd have to say that changing the name of register.php AND,changing the "display" name of the link in navbar has done the job.

    btw: I have been using IS BOT for over a year, and the bad guys might try to get in, but not a single one has ever made it past IS BOT. The changing of the name register.php is just another added level of protection.. anything and everything reduce their bandwidth usage

  8. #9
    Well... that didn't work - I had 20 bots this morning get past the rename of register.php and the hard coding of the display name to SignIn

    Back to the drawing board

  9. #10
    Now we are getting somewhere... changing the name of the register.php will not help in the slightest. How do I know? I ran a copy of xrummer myself on my own forum and saw that he reads the html of the site to get the actual registration program.

    I'll know more in a bit... I'm running the program now with a sniffer and will be able to see exactlt what he is sending, and receiving.

Similar Threads

  1. install.php - The missing config.php configuration builder/editor for vBulletin!
    By BirdOPrey5 in forum Free vBulletin Mods (3.x and 4.x)
    Replies: 5
    Last Post: 01-09-2016, 01:25 PM
  2. PHP Code Test
    By BirdOPrey5 in forum Testing
    Replies: 1
    Last Post: 04-15-2013, 09:51 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •