  • Due to abuse, self-registration is disabled.

    Registration is only required for posting topics or replies. To register, make a request on any of the PIVX social media or chat channels.

    NOTE: To enhance forum security, new accounts that have no posts within a 30-day period are subject to being deleted.


Gerrald

Active Pivian
What is this? Not noticed it before? Basically cutting off forum chat. Moderate it not cut off. I would be happy to delete shit for free if it's spam when I'm on. Don't cut it off. Some people don't post they lurk.
 
Forum admins were being interrupted multiple times every single day, to clear out spam. Some of it was pretty graphic. That opens us up to legal issues. The forum app version is current, and the spammers still get past the protections.

Options are:

1. Find and migrate to a new forum app.
2. Post the notice and allow manual registrations. (We did this.)

Option 1 would be best, but that takes time, with no guarantee the result won't be worse.

Option 2 took seconds to implement, and does not restrict anyone from being able to post. They just need to request an account if they don't already have one.

I am not aware of anyone moving forward on Option 1. But maybe someone is? If not, and someone else wants to do that research, and get Community consensus on the change, that would be great.
 
What is this? Not noticed it before? Basically cutting off forum chat. Moderate it not cut off. I would be happy to delete shit for free if it's spam when I'm on. Don't cut it off. Some people don't post they lurk.
Part 1 of 2: Over 20,000 fake accounts (which have been removed) were using this and many other forums as free link farms to increase their websites' SEO. Most mainstream forums must deal with this. They use specialty software (XRumer, GSA Search Engine Ranker, Money Robot, Seo Autopilot, and Seo Neo) which utilizes AI technology to create spam content, solve graphical CAPTCHAs, answer questions, and other automated tasks. They are able to register and post to forums (forum spam) with the aim of boosting search engine rankings. The program is able to bypass security techniques commonly used by many forums and blogs to deter automated spam, such as account registration, client detection, many forms of CAPTCHAs, and e-mail activation before posting.
 
Part 2 of 2: I created a simulated "Register Account" page that captures and logs user registration attempts. This monitoring system has provided valuable data over the four-month period since new registrations were disabled.

Key Metrics:
Total registration attempts: 3,719
Direct access attempts (non-referral): 600+
Automated bot attempts: 120
Unique IP addresses: 796
Successful attempts: approximately 40

Security Mechanism:
The registration process requires users to provide the current PIVX block number as a CAPTCHA verification. Successful completion of this challenge indicates sophisticated automated software capable of:
  • Real-time blockchain data retrieval
  • Automatic credential management
  • Distribution of access methods to other users utilizing the same software platform

Threat Evolution:
Initial attempts showed a zero percent success rate during the first two months. However, I have observed a trend of increasing success rates over time, suggesting continuous refinement of the attacking software. Without intervention, these automated systems will eventually achieve consistent success rates.

Broader Impact:
Regarding the previously mentioned option 1, this invasive software represents a systemic threat affecting all major forum platforms, not just our installation.

Investigation Effort:
Significant resources have been allocated to this including extensive personal time investment, solution research, custom script development, and comprehensive data logging.


Here are a few screenshots (images that show log entries are in reverse order, newest entries on top):

Fake registration page:

Screenshot_2025-07-28_09-00-28.png


Sample log entry where a user eventually succeeds; notice how many attempts there were and that it only took about 6 minutes to succeed:

Screenshot_2025-05-23_07-19-48.png
 
Wow. I suspected this type of activity was the issue, but had no clue you went to this much effort to prove it. Thank you so much for doing this.

The 'Work-around' of asking people to manually request an account be created, should dramatically lower the number of bots (for now) and give us time to adjust, with near zero impact to real people's ability to comment on the forum.

The only constant is change.
 
What is this? Not noticed it before? Basically cutting off forum chat. Moderate it not cut off. I would be happy to delete shit for free if it's spam when I'm on. Don't cut it off. Some people don't post they lurk.
No account is needed to "lurk". Everything is open for everyone to see. There is no benefit to having an account other than to actually post or reply to posts. In fact, it is my opinion that any new account that has never posted after 30 days should be deleted for forum security.
 
I'll be removing the fake registration link soon. Some (not all) things used for this experiment:

  • Forced Cloudflare CAPTCHA on every access attempt
  • Real URL location changed 25 times during the test period
  • Link to register was obfuscated with JS - the real link and redirect only revealed when button was clicked
  • Direct link to page would fail, referer must have been from "forum.pivx.org" otherwise form would not load
  • Forum cookie must be within x minutes old
  • Form was rejected if filled in too quickly (considered a bot)
  • Form would timeout if submitted too slowly
  • Form contained a "HoneyPot" field and if filled, was considered a bot
  • Repeat offenders' IP addresses were blocked so logs only showed new offenders
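
A server-side sketch of several of the checks listed above (referer host, cookie age, fill time, honeypot field, repeat-offender blocking), added here as an example and not the script used in the experiment. The thresholds, the field names and the `Submission` and `RegistrationGate` classes are assumptions, since the post gives no values.

```python
from dataclasses import dataclass
from urllib.parse import urlparse

# Assumed thresholds: the post only says "x minutes", "too quickly", "too slowly".
MIN_FILL_SECONDS = 5
MAX_FILL_SECONDS = 600
MAX_COOKIE_AGE_SECONDS = 15 * 60
REQUIRED_REFERER_HOST = "forum.pivx.org"  # host named in the post
BLOCK_AFTER_FAILURES = 3                  # assumed repeat-offender cutoff


@dataclass
class Submission:
    """Hypothetical shape of one registration form submission."""
    ip: str
    referer: str
    cookie_age: float  # seconds since the forum cookie was issued
    fill_time: float   # seconds between form render and submit
    honeypot: str      # hidden field that a human never sees or fills


class RegistrationGate:
    """Applies the layered checks and tracks rejected submissions per IP."""
    def __init__(self):
        self.failures = {}  # ip -> number of rejected submissions

    def check(self, s: Submission) -> list:
        """Return the rejection reasons; an empty list means the form passes."""
        if self.failures.get(s.ip, 0) >= BLOCK_AFTER_FAILURES:
            return ["ip_blocked"]  # blocked IPs stop adding noise to the log
        reasons = []
        # Compare the parsed host exactly; a substring test would accept
        # look-alike hosts. The header is client-supplied, so this is a filter only.
        if urlparse(s.referer).hostname != REQUIRED_REFERER_HOST:
            reasons.append("bad_referer")
        if not 0 <= s.cookie_age <= MAX_COOKIE_AGE_SECONDS:
            reasons.append("stale_cookie")
        if s.fill_time < MIN_FILL_SECONDS:
            reasons.append("too_fast")
        elif s.fill_time > MAX_FILL_SECONDS:
            reasons.append("timed_out")
        if s.honeypot.strip():
            reasons.append("honeypot_filled")
        if reasons:
            self.failures[s.ip] = self.failures.get(s.ip, 0) + 1
        return reasons
```

Logging the returned reason list with each attempt shows which layer stopped a given client and which layers a successful client got past.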
 
Forgot to mention that the original forum registration URL is blocked by Cloudflare. Even after being blocked for 4 months there have been over 600 requests to a non-existent page in the past 24 hours.

Screenshot_2025-07-30_14-54-40.png
 