Detecting XRumer

[SykkBoy]

Our dating site has been getting hit pretty hard with profiles created by XRumer. I wouldn't care so much if they weren't so shitty ;-)

Is there a way to detect XRumer? I'd like to be able to autoblock as soon as we start seeing the profiles come in.

[Ferus]

Like most will say

Quote:

Take the time to create 15-20 Q/A and change them when the flood starts again.

No point in investing $XXXX, in a golden solution sold by security-pushers

[SykkBoy]

It looks like that's the way we'll be going, I was just hoping someone might have a decent blocking solution or detection solution so we can write our own blocker.

[klinton]

check out stopforumspam.org for latest XR IPs and used emails...

as someone above posted, the only efficient and smart way is to post a some specific questions and answers...and change/ modify them from time to time

[Klen]

Ferus suggestion sound quite fine to me,questions which can be answered by human only usually do the trick

[RazorSharpe]

Quote:

Originally Posted by SykkBoy

Our dating site has been getting hit pretty hard with profiles created by XRumer. I wouldn't care so much if they weren't so shitty ;-)

Is there a way to detect XRumer? I'd like to be able to autoblock as soon as we start seeing the profiles come in.

The solution we use (not a dating site):

We create a hidden field named "email" and we generate the field name for the real email address on-the-fly. Most automated softwares will fill in the hidden field and won't know how to handle the real email field. The beauty of changing the field name per page load makes sure people can't just manually update their software. We use a combination of hash and time stamp. Works well for us ...

[sarettah]

Quote:

Originally Posted by RazorSharpe

The solution we use (not a dating site):

We create a hidden field named "email" and we generate the field name for the real email address on-the-fly. Most automated softwares will fill in the hidden field and won't know how to handle the real email field. The beauty of changing the field name per page load makes sure people can't just manually update their software. We use a combination of hash and time stamp. Works well for us ...

That is quite a nice solution. Simple. Wish I had thought of that


.

[_Richard_]

Quote:

Originally Posted by RazorSharpe

The solution we use (not a dating site):

We create a hidden field named "email" and we generate the field name for the real email address on-the-fly. Most automated softwares will fill in the hidden field and won't know how to handle the real email field. The beauty of changing the field name per page load makes sure people can't just manually update their software. We use a combination of hash and time stamp. Works well for us ...

[HerPimp]

Captcha does not work, for a penny people will type it out. Only use Q/A and get creative.

[AmeliaG]

Quote:

Originally Posted by RazorSharpe

The solution we use (not a dating site):

We create a hidden field named "email" and we generate the field name for the real email address on-the-fly. Most automated softwares will fill in the hidden field and won't know how to handle the real email field. The beauty of changing the field name per page load makes sure people can't just manually update their software. We use a combination of hash and time stamp. Works well for us ...

Ooh, that is a nice elegant solution!

[SDSimon]

Quote:

Originally Posted by SykkBoy

Our dating site has been getting hit pretty hard with profiles created by XRumer. I wouldn't care so much if they weren't so shitty ;-)

Is there a way to detect XRumer? I'd like to be able to autoblock as soon as we start seeing the profiles come in.

Hi SykkBoy.
Would HTaccess work here?

>>>Winners WIN because they NEVER GIVE UP!<<<

[freecartoonporn]

Quote:

Originally Posted by RazorSharpe

The solution we use (not a dating site):

We create a hidden field named "email" and we generate the field name for the real email address on-the-fly. Most automated softwares will fill in the hidden field and won't know how to handle the real email field. The beauty of changing the field name per page load makes sure people can't just manually update their software. We use a combination of hash and time stamp. Works well for us ...

this

we used to do hidden field technique but very simple way.
create a hidden field name it email and check serverside.
if filled then its bot else human.

but yours looks pretty interesting., theres one downside i can think of , is that , people have to retype email at every visit.

another way use javascript to hide field

[RazorSharpe]

Quote:

Originally Posted by freecartoonporn

this

we used to do hidden field technique but very simple way.
create a hidden field name it email and check serverside.
if filled then its bot else human.

but yours looks pretty interesting., theres one downside i can think of , is that , people have to retype email at every visit.

another way use javascript to hide field

Well considering that this is a registration form, the user should essentially only be filling this form in once so "every visit" shouldn't really be an issue.

[just a punk]

Quote:

Originally Posted by RazorSharpe

We create a hidden field named "email" and we generate the field name for the real email address on-the-fly.

Yep. I'm using the similar method on my sites since 2003. BTW, another good solution is to encrypt your signup form with JavaScript. It will stop 99% of spamboats that automatically searching for forms at your webpages.

[just a punk]

Also you can generate a special token (using the visitor's IP for example) and set it as a cookie when your registration form was visited. Then just check it when the form will be submitted. I was using this method long time ago to protect against so-called referrer spoofing. AFAIK this method is still being used by many high-trafficking websites like Pinterest.

Edit: Course ANY protection can be compromised but not by XRumer or regular spambots. The one will need to create a special software to bypass your protection. For example, this my WP plugin allows to automatically pin the post images to various pinboards including pinterest.com, sex.com and many others: http://www.cyberseo.net/xpinner/

[freecartoonporn]

Quote:

Originally Posted by CyberSEO

Yep. I'm using the similar method on my sites since 2003. BTW, another good solution is to encrypt your signup form with JavaScript. It will stop 99% of spamboats that automatically searching for forms at your webpages.

wont this stop ppl from joining if their javascript is disabled ?

[just a punk]

Quote:

Originally Posted by freecartoonporn

wont this stop ppl from joining if their javascript is disabled ?

Almost all sites now require JavaScript, so I don't see a problem with that. Even this board won't work as it should w/o JavaScript. Not even mention all these new responsive sites.

[SykkBoy]

Quote:

Originally Posted by RazorSharpe

The solution we use (not a dating site):

We create a hidden field named "email" and we generate the field name for the real email address on-the-fly. Most automated softwares will fill in the hidden field and won't know how to handle the real email field. The beauty of changing the field name per page load makes sure people can't just manually update their software. We use a combination of hash and time stamp. Works well for us ...

I like this, thanks

Also, going to test out the Q/A
captchas are pretty much useless and will just piss of actual users (although they're probably used to them by now)

we're also working with dynamic membera area/login pages.

[Klen]

Quote:

Originally Posted by SykkBoy

I like this, thanks

Also, going to test out the Q/A
captchas are pretty much useless and will just piss of actual users (although they're probably used to them by now)

we're also working with dynamic membera area/login pages.

Yeah i get pissed every time when i see monstrosity known as re-captcha.