Joomla 5 Notice

We are pleased to announce that as of January 29, 2024, all of our Joomla extensions are compatible with Joomla 5.

For all who are still updateing from Joomla 3 to Joomla 4: Joomla 4 Migration instructions are available here:

There is now a separate Documentation for Visforms for Joomla 4 and for Visforms for Joomla 5!

Forum

Visforms Subscription user can ask questions in our forum. Please log in with the relevant user first.
Everybody can access the forum for reading.

Please only ask 1 question per topic.

Important information for almost every question:
V1: Which Visforms version is running?
V2: Which Joomla version is running?
V3: Which PHP version is running?

Just to say hello to the Admin

More
11 years 6 months ago - 11 years 6 months ago #123 by fuzmic
Just to say hello to the Admin was created by fuzmic
THANK YOU for your plug-in. I install v 1.1.9 in Joomla 2.5.7 and it just caught a rouge appearing in my MySQL. Great.

I have actually unpublished Kunena because of the jump in number of unrelated users. But they still came in until you came to my rescue. Aicha. Should i now publish kunena with your spambotCheck.

It will be great if you can give us an idea what happen when the rouge register; questions 1) do they physical register in the website ie type in their email address & do the recaptcha checking.
2) since my joomla require them to activate the account, do they actually do that from the email they enter, if so the email must be genuine
3) do they then log in to do what they want to do.

OR x) do they do this without physically at the site. I ask question x because can they just spam without being going through steps 1 to 3

By the way should i also use the R-Antispam with yours. Cheers!
Last edit: 11 years 6 months ago by fuzmic.

More
11 years 6 months ago #124 by Administrator AV
Replied by Administrator AV on topic Aw: Just to say hello to the Admin
Hi Mike,

the word "rouge" is a bit strange to me, never heard it before. I assume this is a registered user who acts as a spammer to your site, right?

Well I think it is possible to go through the whole registration process using really good spambots (not physically by a real person) and genuine e-mail adresses (which may change often enough). I'm not an expert about those technologie but I know there are many tools and tricks, so I think it is possible but only with a great effort and good resources. The better defined the target (a specific programm you know well, etc.), the easier it would be to develop and maintain such bots.

Nevertheless I think sooner or later those e-mail adresses and even more important the IP's of those bot are listed in the databases plugin spambotcheck relies on. Your spammer should therefore be prevented from login after a short while even if it was able to register in the first place.

Certainly there might also be the x) way, if somebody finds a breech in your website, but I think that is not very problable. In that case plugin Spambotcheck can do nothing.

Plugin SpambotCheck is all about login and registration. If you allow only registered and logged in users to post in your forum and enable the plugin for IP and e-mail (use ProjectHoneyPot.org and the other IP-related spambot databases as well) and it's not the x) way the plugin should reduce spamusers significantly. I would publish the forum again and give it a close look.

R-Antispam works in a totally different way for it examines the content of posts etc. I think those both plugins complement each other and if your are really in trouble with spam on your forum I would try to use both together.

Regards,
Aicha

:idea: I recommend you the new and up-to-date documentation for Joomla 4:
docs.joomla-5.visforms.vi-solutions.de/en/docs/
Most of this also applies retrospectively to Joomla 3.
Please only ask 1 question per topic :-).

:idea: Ich empfehle Dir die neue und aktuelle Dokumentation für Joomla 4:
docs.joomla-5.visforms.vi-solutions.de/docs/
Das meiste gilt rückwirkend auch für Joomla 3.
Bitte immer nur 1 Frage pro Thema stellen :-).

More
11 years 6 months ago - 11 years 6 months ago #125 by fuzmic
Replied by fuzmic on topic Re:Aw: Just to say hello to the Admin
Friend you are too king about the word rouge, what i meant was rogue or rascal. I always think something and type something else. :blush: to the level of red rouge.

For your info the latest i found was in the user registration in my inherited first cut website, it did not use ReCapta. In fact once i use in the last 24 hours, the spam registration did not even appear in your spam_attempt table; probably because they are from bots. For those who are already registered, they were blocked by StopForumSpam via yr plugin. Actually the huge number of rogue came is at the point of registration and not because of the forum; for which i believe R_Antispam have a role to play.

For my education on security issues, how do you communicate with StopForumSpam to do the job. In Kunena there is are Key involved in the configuration and because of my lack of knowledge, i cannot proceed and end up meeting you.

Currently i am looking at my htaccess and reading related articles on it to improve the security before i republished the forum. For this i am thinking of using RewriteCond. 2 questions here; of the two ways htaccess & your SpamBotCheck
1) which will act first (if pass the recapta)?
2) which will be more effective?

Look forward to your enlightenment. Aicha means what, i have heard it from my Indian friends before. I have place your ViSolutions in my website credit.
Kind Regards.
Last edit: 11 years 6 months ago by fuzmic.

More
11 years 6 months ago #126 by Administrator AV
Replied by Administrator AV on topic Aw: Re:Aw: Just to say hello to the Admin
Hi,

StopForumSpam provides developers with an API. The plugin uses that API sending a request and analysing the response.

If you have enabled "check login and registration" and "log spammer to db" every spammer, that is listed in one of the databases you enabled to check against (like stopforumspam), is prevented from the respective activity regardsless of if it is a bot or not.

If rogue is not found it is either not (yet) listed in the spamdatabase or it slips through because of the plugin settings you choose (for example not using IP checking databases).

About your questions. htaccess acts allways first. I'm not that familiar with htaccess to know every trick but I think it is difficult to stop rogues with rewriteCond in htaccess. But I may be wrong about that. I hope you find a way to further improve the security of your site.

Good Luck,
Aicha

:idea: I recommend you the new and up-to-date documentation for Joomla 4:
docs.joomla-5.visforms.vi-solutions.de/en/docs/
Most of this also applies retrospectively to Joomla 3.
Please only ask 1 question per topic :-).

:idea: Ich empfehle Dir die neue und aktuelle Dokumentation für Joomla 4:
docs.joomla-5.visforms.vi-solutions.de/docs/
Das meiste gilt rückwirkend auch für Joomla 3.
Bitte immer nur 1 Frage pro Thema stellen :-).

More
11 years 6 months ago #127 by fuzmic
It feel so good to read your response with all the sincere in-depth sharing in this complex and exponentially entropic explosive world. Bye till we meet again. Fond Regards.

Moderators: Administrator AVAdministrator IV
Powered by Kunena Forum