Hi all, I am having problems keeping my phpbb forum clean. Somehow spammers have found my little place on the web and leave their erection problems and all the other "good" stuff on my forum. How can prevent this and fix this??? regards btw this is my little forum
I can recommend spamark (http://www.stud.uni-karlsruhe.de/~uxhz/spamark/). This has saved my lots of time and I can even allow guests to post to my forum and 99,9% of the spam is filtered once you've trained it. It works like email based spam filters.
Have you switched on the image verification for user sign up? Does anyone else know if there are any other config settings that can help prevent spam on phpBB? Rgds
@accel, yep I have done that. But I didn't have http://www.marshalrusty.com/phpBB/spam/activation.gif turned on. I am in the midst of http://www.phpbb.com/phpBB/viewtopic.php?t=427852 tx to albemarle24 for the link. I just don't know/decided which mod to use. I have also installed Admin Toolkit and it does delete the users, but it sets their posts to deleted. How can I delete these posts called DELETED all at once????
123 Let's see how this works out for each of us. I have visual confirmation and admin approval on and spammers still get in by using a script that bypasses the normal process and writes directly to the database. All they can do is create a profile, not post, but its still a major problem. I too am in the process of installing one of those mods. I will try to update as progress is made.
Thanks to albemarle24 for posting that link to the Preventing SPAM - Bots and Humans thread at phpbb.com. Ideally, phpbb would have made that thread sticky, but they didn't...
LOL, I just noticed the list of thread links at the bottom of this thread: Drawing Site (Similar to Draw a Pig) Draw a pig type site wanted Advice for farm on sale blog Another example of DMOZ pig-headedness im a pig
Add a hidden field, this will stop many bots. Open up your profile_add_body.tpl and add the following on line 3 (just below the <form> command): <input type="hidden" name="mysecretvariable" value="1"> Next, open up includes/usercp_register.php and find this bit around line 255: $passwd_sql = ''; if ( $mode == 'editprofile' ) { if ( $user_id != $userdata['user_id'] ) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $lang['Wrong_Profile']; } } else if ( $mode == 'register' ) { Just below that, add these lines: //First, weed out any remote register scripts. Easily identifyable since they have no mysecretvariable set if( !isset($_POST['mysecretvariable']) ) { message_die(GENERAL_ERROR, 'Die, you F__king spammer '); } You should replace 'mysecretvariable' with your own variable name.
@albemarle, I too visual confirmation on with user approval and I have toolkit to delete all bots at once. But as you pointed out spambots can directly access our db. I am going to try napaspa suggestion.(tx for the little mod) btw: Still haven't decided which other mod is usefull for my forum.
I tried so many things to stop spam its a pain in the a$$, I ended up switching to myBB to solve the problem. Hope you get it sorted.