Hi,
I'm a little confused on what modules should i enable and use in CIDRAM. There are many, so if anyone can share his / her experience with all that?
In simple words pls :)
Hi,
I would start by enabling the TOR blocker module and the AbuseIPDB module and nothing else.
In AbuseIPDB module, after getting your api key, enable only in some pages and not on every page. Use the custom pages of your site (the login, the register, the lost password and the contact). You can get 5.000 lookups from their API, if you put a logo of them anywhere on your site. 5000 connections are more than enough. Also use a lower score for block, from AbuseIPDB 50 (default) to something lower, like 30 or 40.
And see how it goes, if your spam and fake accounts are minimized and check the logs to see what is blocked.
I wouldn't suggest to enable the IPv4 signatures because of many false blocks that could hurt your site.
@fulcanelli Amazing .... As soon as i enabled the TOR module, i see tones of blocked attempts for Contact pages and some for login/register.
I haven't done yet the Abuseipdb setup, i will try all that tomorrow.
Ok, enabled AbuseIPDB but i can't find in the module settings any form for the urls of login/register etc etc. Where is that setting?
Thanks
@solar Also make sure you have "{dd}-{mm}-{yyyy}.log" in logging and rotate also to something like 7-10 days.
And inspect the logs ....
Hi,
After a week and all seems good. TOR is blocked and my contact pages are getting much less spam.
As for AbuseIPDB, i still get some fake accounts creation but checking them against Abuseipdb (manually) i see no reports or 1-2 tops. This is kind of strange.