I am not to savvy on the exact bot methods for registering accounts on website, and I have implemented an image verification system on a phpbb website once that would send the admins emails of unsuccessful attempts at bots/users that would attempt at deciphering an image, and get several letters/numbers wrong. I am wondering what rock-solid image verification mods can be installed in nuke in replacement of its standard image verification tool, to try and step away from the default method, as I am sure that tool has been cracked by serious bots now a days. Are there any mods to replace the standard system set in place for PHPNuke v7.9?
On the same note, talking about bots, I have a question as far as NukeSentinel's capabilities. From what I have experienced, bots are using some sort of anonymizer that will produce a random IP at the website to attempt to bot it. With every IP, there is a matching country that it is originating from, and anonymized IP's will present a false country. With NukeSentinel, if I am not too interested in drawing legitimate viewers from say.... the middle east, say I did a blanket ban for all the middle eastern nations known IPs, in turn, would the random IPs, from bots, that just so happened to match up to a middle eastern country at the time be banned by this blanket ban that NukeSentinel has enforced? Am I even in the ball park with my thinking?
I am trying to investigate and gauge the nationality of my viewers on my website so that I can figure out which countries NOT to ban with NukeSentinel's IP2country feature. If I do not care to draw visitors from several countries that primarily do not speak English, would I be safer from the random IPs bots generate by just banning the minor countries that I do not have visitors from? Or am I just completely misunderstanding everything? Thanks for the support in this!
Evaders99 Site Admin
Joined: Aug 17, 2003
Posts: 12482
Posted:
Wed May 30, 2007 5:27 am
RavenNuke does replace the default phpNuke veritication with a better CAPCHTA.
Hackers will use proxies, as well as a army of bots. Feel free to block any countries that you want - just remember to keep Sentinel's IP2Country data updated.
Strange, I wiped the site clean and installed NukeRaven, but I am not sure of how to activate the CAPCHTA on the website... I set the value to "6" in the config file, but I am not exactly sure on how to activate the image verification past that. Would someone be so kind as to correct my misdoings?
Evaders99 Site Admin
Joined: Aug 17, 2003
Posts: 12482
Posted:
Thu May 31, 2007 5:56 am
What version are you using? The latest RavenNuke should have it on if you've enabled it in config.php
Can we see on your site where this is occuring?
Come to find out, it was the fact that the PHP configuration provided by my hosting company had the GD extensions turned off, and so it would never even display an option for the security code, despite the fact that I had it configured to in my config.php file. So now my questions are: I switched back to v7.9 (no RavenNuke), and I would like to increase the security of it. From what I have read, the CAPTCHA code for the standard PHPNuke isn't the strongest, are there any mods known to help with modifying the standard Security Code to make it stronger? Also, obviously the PHP configuration information is stored to the php.ini file. Where is this file stored in relation to my FTP access for the webdomain? Is it normally stored in the root directory, because I don't see it. I will be working on a different domain that unfortunately doesn't have any sort of Cpanel that I know of, and in this case, how I won't be able to easily configure the php.ini file, I would like to know where it can be located on the web domain so I can configure the GD extension in case it is not enabled. Thanks again!
Evaders99 Site Admin
Joined: Aug 17, 2003
Posts: 12482
Posted:
Fri Jun 01, 2007 9:16 am
There are no current mods for phpNuke that I have seen.
php.ini is a server configuration file - it is generally not accessible through your FTP account. You will have to ask your host about it
So correct me if I am wrong, but in my situation, where I am moving the (PHPNuke) website over to a pre-existing website that only has phpBB, it already has the CAPTCHA code enabled and working, which means that the php.ini file has GD extensions enabled, when I reconstruct the site with PHPNuke, CAPTCHA coding should be enabled, therefor the security code on the newly constructed PHPNuke site should work... correct?
Evaders99 Site Admin
Joined: Aug 17, 2003
Posts: 12482
Posted:
Fri Jun 01, 2007 4:16 pm
If phpBB uses the GD library, yes I would guess so.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
