https://proxy2.de/forum/posts/list/5.php JForum - http://www.jforum.net Can someone help me plz,i am getting between 80 and 100 messages a day on my guestbook,i am using AdvancedGuestBook 2.3.3 version.
I have tried to block ip address but there are too many but some of them are like [code]Host: localhost [/code]
Thanks in Advance]]> https://proxy2.de/forum/posts/preList/5087/18369.php https://proxy2.de/forum/posts/preList/5087/18369.php GMT https://proxy2.de/forum/posts/preList/5087/18370.php https://proxy2.de/forum/posts/preList/5087/18370.php GMT
I'm sorry, I've searced for the first thread in this forum, but I really couldn't find it. Where can I find it? I have the same problem as zaki and I really want to solve it.....]]> https://proxy2.de/forum/posts/preList/5087/18619.php https://proxy2.de/forum/posts/preList/5087/18619.php GMT http://www.freerelationshipadvice.com/downloads/guestbook27.zip]]> https://proxy2.de/forum/posts/preList/5087/18658.php https://proxy2.de/forum/posts/preList/5087/18658.php GMT https://proxy2.de/forum/posts/preList/5087/18659.php https://proxy2.de/forum/posts/preList/5087/18659.php GMT - Distinguishing between real and fake IP
- enforced delay for posting
- protection against fake of significant form data (such as form load timestamp)
- 2 level human verification: User must enter a value shown in an randomly chosen image at display time. Plus optional approval mode (Guestbook Administrator must approve new incoming messages). All these options (and many more) can be turned off and on at any time through the Administration panel

Additional convenience feature for the Administrator:
- necessary database upgrades are automatically discovered upon upload of a new version (no matter which version you are on currently)
- /admin/config.inc.php no longer needs to be saved away and restored

Full list of features: http://www.freerelationshipadvice.com/guestbook/whatsnew.txt]]> https://proxy2.de/forum/posts/preList/5087/18660.php https://proxy2.de/forum/posts/preList/5087/18660.php GMT
Any spammer who is actually going to go to the bother of spoofing the [b]HTTP_X_FORWARDED_FOR[/b] header is not going to be stopped by IP banning. As you have now implemented you need to stop the spam from getting posted in the first place otherwise you will end up having to go in and delete the spam entries that get made before your auto ban kicks in.

Advanced Guestbook has come with a required field/time limit since version 2.3.3.]]> https://proxy2.de/forum/posts/preList/5087/18661.php https://proxy2.de/forum/posts/preList/5087/18661.php GMT
As the validation value is a mandatory field, spam posted by bots will be rejected. As an additional security feature, a validation mode is in place (as mentioned before), so that new posts will not show up unless they're authorized. Since the introduction of the user validation field, my spam rate dropped by 100% !!

Your comment re non-banning of spammers using the [b]HTTP_X_FORWARDED_FOR[/b] header is not quite correct. In my version, users are banned based on their real IP address ($_SERVER['REMOTE_ADDR']) while the HTTP_X_FORWARDED_FOR address is kept in a separate variable. If acceptance of faked IP addresses is disabled (default), any difference between an existing HTTP_X_FORWARDED_FOR address and the real IP address will be rejected.]]> https://proxy2.de/forum/posts/preList/5087/18663.php https://proxy2.de/forum/posts/preList/5087/18663.php GMT - Distinguishing between real and fake IP
- enforced delay for posting
- protection against fake of significant form data (such as form load timestamp)
- 2 level human verification: User must enter a value shown in an randomly chosen image at display time. Plus optional approval mode (Guestbook Administrator must approve new incoming messages). All these options (and many more) can be turned off and on at any time through the Administration panel

Additional convenience feature for the Administrator:
- necessary database upgrades are automatically discovered upon upload of a new version (no matter which version you are on currently)
- /admin/config.inc.php no longer needs to be saved away and restored

Full list of features: http://www.freerelationshipadvice.com/guestbook/whatsnew.txt[/quote]


Hi there i'm trying to install this version & i'm running in some problems at this page mydomien/guestbook/install.php :


Warning: main(/admin/ctl.inc.php): failed to open stream: No such file or directory in /home/sites/webhosting/jufkrista/jufkrista/www/guestbook/install.php on line 3

Warning: main(): Failed opening '/admin/ctl.inc.php' for inclusion (include_path='.:/usr/lib/php:/home/sites/webhosting/uvmb/uvmb/phpincludes:/home/sites/webhosting/vbp/vbp/phpincludes') in /home/sites/webhosting/jufkrista/jufkrista/www/guestbook/install.php on line 3


I'm installing from scratch.


Please help.. i really need a better version installed on my system.. too much spam.]]> https://proxy2.de/forum/posts/preList/5087/18688.php https://proxy2.de/forum/posts/preList/5087/18688.php GMT
In file install.php, replace the 2nd line to read as follows:

include_once "./admin/ctl.inc.php";

Then it should work. Please give feedback.]]> https://proxy2.de/forum/posts/preList/5087/18689.php https://proxy2.de/forum/posts/preList/5087/18689.php GMT http://lazarus.carbonize.co.uk

Looks better & is up to date ]]> https://proxy2.de/forum/posts/preList/5087/18690.php https://proxy2.de/forum/posts/preList/5087/18690.php GMT
The big break-through occurred with version 2.6 in which I added a 2 level human verification (by user and / or admin). From that time forward, the spam rate dropped to 0%.

Other than in Lazarus, the human verfication value in version 2.6 / 2.7 is not a static per site value; it is randomly chosen from a range of 255 values at display time. Also, the antibot value is not parsable by spammers, because it's displayed as a graphical image.

In version 2.7, I further added automated delta-checks for the database-structure. Any missing fields and/or tables will be added automatically, whereas existing columns and tables are NOT removed.

New in version 2.7.3:
- Language-safe: If a new value was not translated into the Advanced Guestbook target language, the English value will be displayed, along with the keyname between brackets. This helps the administrator to identify missing entries in their language file

- Graphic files for antibot values no longer contain surrounding text ("Please enter value..."). This text may now be configured via the language file

Get the latest version at http://www.freerelationshipadvice.com/downloads/guestbook27.zip]]> https://proxy2.de/forum/posts/preList/5087/18849.php https://proxy2.de/forum/posts/preList/5087/18849.php GMT i have 3 sites runing LAZARUS & have less costumers contacting me everyday ]]> https://proxy2.de/forum/posts/preList/5087/18850.php https://proxy2.de/forum/posts/preList/5087/18850.php GMT
[code]CODE REMOVED BY CARBONIZE[/code]

- It gets the entry form
- then it grabs the special value by parsing the source code and enters it into the bottest field
- then it waits for 30 seconds before it posts it to the forum

This is where the advantage of a picture display over a parsable text display shows up.]]> https://proxy2.de/forum/posts/preList/5087/19611.php https://proxy2.de/forum/posts/preList/5087/19611.php GMT Also given that the question/answer can be anything
you have to visit the site to know what to parse.

I am flattered you went to such lengths to make
a script to spam my guestbook. Note I say MY guestbook
as your script will only spam my copy of Lazarus and
therefore is pointless.]]> https://proxy2.de/forum/posts/preList/5087/19612.php https://proxy2.de/forum/posts/preList/5087/19612.php GMT
the point was to prove that Lazarus boards CAN BE spammed, which you now have admitted.]]> https://proxy2.de/forum/posts/preList/5087/19614.php https://proxy2.de/forum/posts/preList/5087/19614.php GMT
the point was to prove that Lazarus boards CAN BE spammed, which you now have admitted.]]> https://proxy2.de/forum/posts/preList/5087/19615.php https://proxy2.de/forum/posts/preList/5087/19615.php GMT
You cannot make a universal Lazarus spamming script as the anti bot question on every site will be different. Some may contain the answer in the question and some wont. Not all of them are in English for a start. The only way you could make a script to spam multiple Lazarus sites is to actually visit the site and manually put the answer into the script.

Oh and do you really think I'm stupid enough to have left the useragent exploit in place? Who do you think it was reported the exploit in the first place?]]> https://proxy2.de/forum/posts/preList/5087/19616.php https://proxy2.de/forum/posts/preList/5087/19616.php GMT https://proxy2.de/forum/posts/preList/5087/19617.php https://proxy2.de/forum/posts/preList/5087/19617.php GMT
http://www.google.com/search?hl=en&lr=&q=%22class-first-travel.50webs.com%22]]> https://proxy2.de/forum/posts/preList/5087/19618.php https://proxy2.de/forum/posts/preList/5087/19618.php GMT https://proxy2.de/forum/posts/preList/5087/19627.php https://proxy2.de/forum/posts/preList/5087/19627.php GMT https://proxy2.de/forum/posts/preList/5087/19631.php https://proxy2.de/forum/posts/preList/5087/19631.php GMT