1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

My phpBB forum receiving spam - help!

Discussion in 'phpBB' started by BRUm, Aug 5, 2011.

  1. #1
    Hi there,

    I've started up a phpBB forum and have started to receive spam from China and Latvia. It's currently a small forum with only two moderators, while spam posts average only a few per week it's starting to piss me off. They not only manage to get around phpBB default captcha but also one with my own personal questions, which leads me to think that these spammers may be taking the time to manually sign up.

    What's the best way to prevent this? I'm contemplating blocking all IPs from these two countries as experience shows me that I had few if any actual players from there (my forum relates to a browser game I created and am reviving); what would be the best method to do this? I am a competent programmer so if anyone could point me in the direction of some PHP or JS libraries that can do the job, I'd be grateful.

    Cheers.
     
    BRUm, Aug 5, 2011 IP
  2. PHPGator

    PHPGator Moderator Staff

    Messages:
    4,436
    Likes Received:
    133
    Best Answers:
    0
    Trophy Points:
    210
    #2
    Yeah, you might block them especially if you think that you probably won't ever have anything relevant. Another thing you should probably do is add a CAPTCHA to the registration process. There are several good options from the PHPBB forums that can probably help you out.

    PM me if you need help!
     
    PHPGator, Aug 5, 2011 IP
  3. BRUm

    BRUm Well-Known Member

    Messages:
    3,086
    Likes Received:
    61
    Best Answers:
    1
    Trophy Points:
    100
    #3
    Thanks for your comments. I've already tried two variations of captcha. The original obfuscated letters and my own custom question and answers - both have failed!
     
    BRUm, Aug 5, 2011 IP
  4. PHPGator

    PHPGator Moderator Staff

    Messages:
    4,436
    Likes Received:
    133
    Best Answers:
    0
    Trophy Points:
    210
    #4
    Hmmm, that's odd... it might be manual but if you are getting a ton of spam, then that's unlikely. It does sound like you need to just ban those IP's that are abusing your forum.
     
    PHPGator, Aug 5, 2011 IP
  5. petertdavis

    petertdavis Notable Member

    Messages:
    1,494
    Likes Received:
    158
    Best Answers:
    0
    Trophy Points:
    235
    #5
    Yea, captcha's not going to help, the spam bots already cracked them all.  What you have to do is customize the registration process somehow.  I'm not too fond of phpbb, personally, I think it's a spam/hack magnet, but there should be some way you can customize the registration, and if you make it custom enough it will trip up most of the spam  bots.  
     
    petertdavis, Aug 5, 2011 IP
  6. BRUm

    BRUm Well-Known Member

    Messages:
    3,086
    Likes Received:
    61
    Best Answers:
    1
    Trophy Points:
    100
    #6
    Cheers PeterDavis. I've customised the Q&A captcha somewhat. I do actually have my own captcha system I created for blog software I'm working on, so I suppose is this continues to fail I'll have to mod phpBB to use it.
     
    BRUm, Aug 6, 2011 IP
  7. ApocalypseXL

    ApocalypseXL Notable Member

    Messages:
    6,098
    Likes Received:
    101
    Best Answers:
    5
    Trophy Points:
    215
    #7
    Just block China's subnet simple as that , that cuts a lot of the spam .
     
    ApocalypseXL, Aug 6, 2011 IP
  8. BRUm

    BRUm Well-Known Member

    Messages:
    3,086
    Likes Received:
    61
    Best Answers:
    1
    Trophy Points:
    100
    #8
    How would you go about that mate?
     
    BRUm, Aug 6, 2011 IP
  9. Andre91

    Andre91 Peon

    Messages:
    197
    Likes Received:
    1
    Best Answers:
    1
    Trophy Points:
    0
    #9
    Hey OP. I've received tons of spam on my past PHPBB. I don't know why on PHPBB only, as I've also owned vBulletin and never had the problem. But as soon as I discovered I can set my own Q&A to prevent spam (which I clearly didn't realize before), that solved the problem forever and regained my trust towards PHPBB. :)

    I don't now how they're possible getting around your own custom Q&A. Are you creating question and answers such as:
    Question: What's 22+33?
    Answer: 55
    :D

    Cuz the simplicity of that is not gonna cut it when it comes to spam bots. Also, set the registration attempts to 5 or something, cuz I've created bots in the past that scrolled through an array of letters forming thousands of words in a matter of seconds to bypass Q&A spam measures on certain popular sites. If only they'd limit the registration attempts, that would have raped the the bot.

    Try to make your Q&A complex, such that the answer to a question would most like be a phrase and not a common, short-lettered word.

    Also, if you're getting tons of spam accounts, obviously someone isn't registering accounts manually per se, but if the person(s) are specifically targeting your site, they can easily check the answer to you question once in PHPBB registration page and code their bot to answer your question correctly.

    That's what I hate about PHPBB question and answer. It doesn't allow you to create multiple Q&A and have them selected randomly upon registration. Don't know if that changed or there's any plugins. That's the only thing CAPTCHA has over Q&A.

    Your best bet would be to change to change your COMPLEX Q&A regularly per day, and allow the admin to verify accounts for the while, disallow multiple accounts (several accounts from one IP), and if all fails.... yup, range ban the whole of CHina or wherever the spam originates from, although that should be the last solution IMO.

    GL raping those spammers!! :)

    Oh and to answer your question on range banning a whole country, in PHPBB, just ban the IP's using wild cards (using the * character).
    For example, if all the spam IP addresses start with 190.32.....then in PHPBB, ban the IP 190.32*.... Cuz IP's from the same area usually start with the same numbers, so any IP starting with those numbers will be banned.

    But any n00b hacker can get around that. Still worth a try.

    Put all measures together and see how things go.
     
    Last edited: Aug 8, 2011
    Andre91, Aug 8, 2011 IP
  10. Mr. BreeZy

    Mr. BreeZy Peon

    Messages:
    19
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #10
    I would try to install the MOD sortables. I have used it before and it works wonders for me. Since it takes a bit more effort to solve, it will be harder for the spam bots to get through.
     
    Mr. BreeZy, Aug 8, 2011 IP
  11. BRUm

    BRUm Well-Known Member

    Messages:
    3,086
    Likes Received:
    61
    Best Answers:
    1
    Trophy Points:
    100
    #11
    Thanks for all your comments. I've changed the Q&A captcha now and since then s'all been perfect.
     
    BRUm, Aug 9, 2011 IP
  12. Alex210

    Alex210 Well-Known Member

    Messages:
    214
    Likes Received:
    11
    Best Answers:
    0
    Trophy Points:
    100
    #12
    This can help. I installed the MyBB mod on a forum of mine and it dose very good what is supposed to.
     
    Alex210, Aug 10, 2011 IP