Faucet Abuse

[Focus9]

Hi luxe, Is it possible for you to modify the faucet code so that it will only send to an account that has never had a transaction and also limit by IP?

[Focus9]

One more thing, possibly a cool down period of 1 minute before the faucet can send out again, that way bots can be thwarted a bit as well?

[de-luxe]

@Focus9 automated creating new accounts is no big deal, so i do not think sending out only to new accounts will solve abuse better than it is now. You can set faucet, that one account can only claim once.
burstcoin.faucet.maxClaimsPerAccount=1
IP protection is already in place.

Bots can not claim at all ... how would they solve the recapcha?!

There are many things that could be done to restrict faucets even more, like evercookies ... but the best protection from my point of view, is the setting i mentioned above. Maybe in combination with:
burstcoin.faucet.claimAmount=1

[Focus9]

Here is another one. I hope you can incorporate this. I have noticed that they bot the faucet with new accounts. The other faucet software which was around a while ago blocked the tor network. Is it possible you can do the same?

https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1 to find out the TOR exit nodes to your server and then we can block those IPs from accessing?

[de-luxe]

@Focus9 Having a ip blacklist is surely a good idea, i would rather block goverment ips than tor exit nodes ... buts thats up to the maintainer than :-) Meanwhile you can use peerblock or other 3rd party software to prevent ips or ip-ranges to access your faucet.

[eljoj]

Hi Luxe
I am very interested to use your script : it works in my computer, but i don't understand how i could transfer it on a web host. Does a php burst coin faucet script using for instance a API exist?

[de-luxe]

@eljoj does not work with php, sry ...