Loading...
 

How to Ban many IP from fake registrations

1.1. Why this page

Since July 2012 many tiki-powered websites which allowed free registration of new users experienced a massive amount of registrations, most of which looked like fake users. In many cases, those fake users started to add spam to those tiki sites (in those cases of collaborative web sites allowing plain registered users to add content).

Therefore, the goal of this page is to serve as a quick & dirty Tutorial for others suffering from the same spam registration wave started for many of us in Summer 2012.

For extended information on how to manage the Action log or Banning features, see Action Log and Banning.

Action log feature
Action log feature
Admin Banning feature
Admin Banning feature

1.2. How to avoid getting massive spam fake registrations

Tiki9.1 allows the prevention of those massive fake registrations with the features:

  • Admin home > Login > Registration & Login > "Registration referer check" .
  • Setting up a "User tracker" linked to the Registered group, requiring nw users to fill in some mandatory fields (some checkbox, some text area, etc).


For earlier sites (Tiki6 LTS, for instance), or new but without those features enabled, there is a fairly easy way to control that amount of potential spammers getting into your site.

  1. Add "Admin home > Login > Registration & Login > Require validation by admin" , and add your email at the field provided.

1.3. How to ban ip's massively from records at the Tiki action log

  1. Go to Admin users and select to sort users by created_desc order, for instance, and a big amount of records per page like 100 ( tiki-adminusers.php?numrows=100&sort_mode=created_desc )
    1. revise whether there are valid registration requests there:
      • check that name and email have some relation. Most fake users have names that have no relationship with the email. For non English countires & sites, it's quite easy to find out the fake registration attempts since they are not using the local language nor local names, but usually English ones.
      • write down the username and date of any non-fake registration request
    2. Go to "Admin > Action log"
      • To to the "Settings" tab, and uncheck all checkboxes from the column "Reported", except "* System", and save your changes. Of course, you need to keep that line as "recorded"
    3. Go to the "Report" tab, and select your time frame, no user nor group, no category, and under the section "Misc > Search", type: created account, and click at the button "Report"
      • You will see a paginated list of records as a result. Select with the checkbox at the left of each record which ones do you want to select for banning their ip's (you can select all as a starting point with the first checkbox at teh top).
      • Once finished your selection, click at the bottom of the table where an icon of a locker is shown next to where it says: "Perform action with checked".
        You will be sent to admin banning interfcae, with the preselection of the ip's of the chosen records pre-added to the interface
    4. Once at the admin banning interface, review the default settings for the "Multiple IP banning" you can add a Custom message to the user. like: "Access from your localization was forbidden due to fake user registration". When done, click at Save


Repeat the last steps (selection of records from the action log interface) as many times as needed to have the IP from all your fake registrations banned.

Once finihsed, you can export your banning list as csv file, and import it to another Tiki site, so that you can reuse your effort to identify banning ip's.

1.4. Some real data from fake user registrations


This is a list of 800+ banned IP data exported from "Admin > banning > Export as csv" and compressed as zip file. Collected mostly from July 1st 2012 until October 13, 2012 in a local non-English semi-inactive site where it was fairly easy to identify fake user registrations from just a few good ones. Provided here by Xavi just in case this is useful to anyone else.


Do you want to share yours? Add you file here.

1.5. Improvements? Comments?

Improve this tutotial as you wish (add screenshots if you follow this steps in your tiki site to help making this tutorial more visual :-) )

And any feedback will be welcome: you can send me a message at xavi (a) tiki.org (and user "xavi" at tiki.org)

Alias names for this page


BanFakeRegistrations | Ban Fake Registrations | MultipleBanning | Multiple Banning | Ban by IP | BanByIP

doc.tiki.org

Get Started

Admin Guide User Guide

Keywords

Keywords serve as "hubs" for navigation within the Tiki documentation. They correspond to development keywords (bug reports and feature requests):

Accessibility (WAI and 508)
Accounting
Articles and Submissions
Backlinks
Banners
Batch
BigBlueButton audio/video/chat/screensharing
Blog
Bookmark
Browser Compatibility
Link Cache
Calendar
Category
Chat
Clean URLs
Comments
Communication Center
Compression (gzip)
Contacts (Address Book)
Contact us
Content Templates
Contribution
Cookie
Copyright
Credit
Custom Home and Group Home Page
Date and Time
Debugger Console
Directory of hyperlinks
Documentation link from Tiki to doc.tiki.org (Help System)
Docs
Draw
Dynamic Content
Dynamic Variable
External Authentication
FAQ
Featured links
File Gallery
Forum
Friendship Network (Community)
Gmap Google maps
Groups
Hotword
HTML Page
i18n (Multilingual, l10n)
Image Gallery
Import-Export
Install
Integrator
Interoperability
Inter-User Messages
InterTiki
Kaltura video management
Karma
Live Support
Login
Logs (system & action)
Look and Feel
Mail-in
Map with Mapserver
Menu
Meta Elements
Mobile Tiki and Voice Tiki
Module
MultiTiki
MyTiki
Newsletter
Notepad
Payment
Performance Speed / Load
Permissions
Platform independence (Linux-Apache, Windows/IIS, Mac, BSD)
Polls
Profiles
Profile Manager
Report
Toolbar
Quiz
Rating
Feeds
Score
Search engine optimization
Search
Search and Replace
Security
Semantic links
Shadowbox
Shadow Layers
Share
Shopping cart
Shoutbox
Slideshow
Smiley
Social Networks
Spam protection (Anti-bot CATPCHA)
Spellcheck
Spreadsheet
Stats
Surveys
Tags
Task
Tell a Friend, alert + Social Bookmarking
TikiTests
Theme CSS & Smarty
Tiki Manager
Trackers
Transitions
User Administration including registration and banning
User Files
User Menu
Watch
WebDAV
Webmail
Web Services
Wiki History, page rename, etc
Wiki Syntax
Wiki structure (book and table of content)
Workspace
WSOD
WYSIWYCA
WYSIWYG
XMLRPC

Tiki Newsletter

Delivered fresh to your email inbox!
Newsletter subscribe icon
Don't miss major announcements and other news!
Contribute to Tiki