phpbb spamming hitting my loose nerves!! HELP!!

Discussion in 'vBulletin' started by blogster, Apr 26, 2007.

  1. #1
    hey guys,

    my phpbb board has been attacked severly by spam bots in past 1 week.Earlier i had disabled activation of accounts thru emails.But since the spammign started i have enabled email activation still no joy.The verification code on registrations is already enabled.Spam Bots are replying and creating new topics in all sections.There are many mods available.But i want sum experienced phpbb admins to reffer me a mod THAT REALLY WORKS!.
    This is very very urgent my board users are goin crazy there's spam alll over HELPPP PLZZ!!!

    :( :( :( :(
     
    blogster, Apr 26, 2007 IP
  2. 1EightT

    1EightT Guest

    Messages:
    2,646
    Likes Received:
    71
    Best Answers:
    0
    Trophy Points:
    0
    #2
    The software that is spamming you is called xrumer. It's created by some guys in russia and it drives me crazy as well. I build black hat software, but would never consider spamming public forums and other places that are in such plain view.

    As far as what you can do about it, very little at this point. I've seen ban lists full of e-mail addresses. This helps cut back on them registering since most use free e-mail services. You've already seen how ineffective captcha's are. If you require activation to post the software will actually go in and activate the account. I was lucky since they were only spamming a single news forum on my site. I just enabled moderation on that forum so no posts are posted unless approved by me first. It's not a solution, but it keeps it out of my forum members view.
     
    1EightT, Apr 26, 2007 IP
  3. blogster

    blogster Peon

    Messages:
    290
    Likes Received:
    6
    Best Answers:
    0
    Trophy Points:
    0
    #3
    oh man..i can't put the posts on moderation for 2 reasons..Firstly i don't have time to moderate posts eveyrday...Secondly the members wont like it....This bot spams ADULT links all over the board.I'm tired of banning them manually cuz they wont stop! my banlist is filled as u mentioned.i am goiz crazy deleting the spam posts and replies.If you wana have a look at the spam posts here's my url

    http://www.chillnrock.com/

    just go to ANY section u will see alot of Adult spamming posts.... :(
     
    blogster, Apr 26, 2007 IP
  4. 0lgi

    0lgi Notable Member

    Messages:
    2,743
    Likes Received:
    131
    Best Answers:
    0
    Trophy Points:
    220
    #4
    Thats happening to me to , the best solution would be you manually activate new members !

    In that way im not sure whether they will join or not !

    Olgi
     
    0lgi, Apr 26, 2007 IP
  5. blogster

    blogster Peon

    Messages:
    290
    Likes Received:
    6
    Best Answers:
    0
    Trophy Points:
    0
    #5
    i can't do that man....members will run aways and again time is the biggest constraint for me.

    i hav just installed this mod called "The Humanizer". It adds a questions on the registrationf orm asking R U HUMAN? ...will this work???
     
    blogster, Apr 26, 2007 IP
  6. dalster44

    dalster44 Active Member

    Messages:
    722
    Likes Received:
    18
    Best Answers:
    0
    Trophy Points:
    60
    #6
    That is exactly what I have done but it is a pain, but at the same time keeps your board clear of spam.
     
    dalster44, Apr 26, 2007 IP
  7. ruby

    ruby Well-Known Member

    Messages:
    1,854
    Likes Received:
    40
    Best Answers:
    1
    Trophy Points:
    125
    #7
    I have had similar experiences with my phpBB forums, and I run 3 of them. On one of them I made account activation up to admin, the other two are still activated by email so spam bots ave a field day.

    My question is how are they getting past the captcha??? Are they actually figuring out the combination or are they bypassing it? Surely it must be a bypass or any captcha out there is vulnerable to an attack.
     
    ruby, Apr 27, 2007 IP
  8. 1EightT

    1EightT Guest

    Messages:
    2,646
    Likes Received:
    71
    Best Answers:
    0
    Trophy Points:
    0
    #8
    CAPTCHA's aren't that difficult to read with a decent php script. People think they are the answer to security, but there are several scripts out there to read and break them.

    I found a solution for my vbulletin forums yesterday that seems to work. Someone made a mod that looks for certain key phrases in posts and puts them in moderation if it finds them. You can add new phrases as spammers hit your site. So far today it has caught all new spam messages on my largest forums.

    I would look for something similar for phpbb or suggest it if no one has created such a script. Here is a link to the vbulletin version. http://www.vbulletin.org/forum/showthread.php?t=131568&page=9

    Hope that helps guys :)
     
    1EightT, Apr 27, 2007 IP
  9. buyingwebsites

    buyingwebsites Well-Known Member

    Messages:
    219
    Likes Received:
    10
    Best Answers:
    0
    Trophy Points:
    108
    #9
    I think rather than freak out about you, you should use it. On my last forum before I sold it, I used phpbb and I had a huge issue with spam. Instead of freaking out, I made it a challenge for moderators to find and modify the spammer posts. This made spam entertaining for the different members. In fact, spam became part of the board culture because of it and really increased forum posting and visitation, because users were waiting to see the next spam modification. I even started doing spam contests.

    For actual control of the spam... i'm not really sure what you can do as none of the modifications seemed to really help. What I would do that seemed to make a difference was to change up the forums. I don't know why this worked, but I guess if you move your forums up or down or whatever or slightly changed the title, the forum software must have to readjust or something... but doing this every few days was easier than removing the spam and stopped it almost altogether. Not sure why it worked, but it did.
     
    buyingwebsites, Apr 27, 2007 IP
  10. allout

    allout Prominent Member

    Messages:
    5,000
    Likes Received:
    461
    Best Answers:
    2
    Trophy Points:
    340
    #10
    I switched to Yabb which seems to cut down on spam. I used phpbb but I was so overrun with spam that I just cshut down the forum. Yabb mails a randon password through email and they have to use that to log in and then can can change if they want. The negative thing is they still show up as members even if they don't log in, but I still haven't got any spam.
     
    allout, Apr 27, 2007 IP
  11. blogster

    blogster Peon

    Messages:
    290
    Likes Received:
    6
    Best Answers:
    0
    Trophy Points:
    0
    #11
    the Humanizer mod worked for me! Since i hav installed it i hav'nt seen any spam bots around.I have also installed this mod which i got from phpbb.com.It adds extra field to the registration form and ask the HUMANS to leave that particular field BLANK.Spam bots ALWAYS fill the field and registration fails.And it also sends me an email telling me of a spam bot registration attempt.The combo of both these mods have worked for me. :)

    I have also used wildcard in the ban control to ban the email host they were using.All of those bots were using host is banned now.
     
    blogster, Apr 27, 2007 IP
  12. clancey

    clancey Peon

    Messages:
    1,099
    Likes Received:
    63
    Best Answers:
    0
    Trophy Points:
    0
    #12
    This topic gets discussed frequently. I discussed a hack to prevent newly registered members to include URLs in their posts. It is in the thread:

    http://forums.digitalpoint.com/showthread.php?t=229761

    The hack is helpful.

    The problem points out that coders need to develop better strategies for dealing with robots. None will be fool proof, but a multi layered approach will make it harder.
     
    clancey, Apr 28, 2007 IP
  13. Jackuul

    Jackuul Well-Known Member

    Messages:
    2,972
    Likes Received:
    115
    Best Answers:
    0
    Trophy Points:
    180
    #13
    There are, of course, many other ways too. The humanizer mod is one, along with a user cp mod that makes certain fields required. The bots love to add ICQ addresses for some reason - so I make other fields a required too. I don't care if a member puts their real AIM or MSN - but the bot can't, for now. There's a few others that I installed but have forgotten about - thus far the bots I get on the forums I am actively working on are minimal.
     
    Jackuul, Apr 29, 2007 IP
  14. buyingwebsites

    buyingwebsites Well-Known Member

    Messages:
    219
    Likes Received:
    10
    Best Answers:
    0
    Trophy Points:
    108
    #14
    I looked at your forums and they don't even seem to be populated. What forum is having this problem? Generally bots hit the forums that have more traffic and are higher ranked in search engines.
     
    buyingwebsites, Apr 29, 2007 IP
  15. Le GoogelGuRu

    Le GoogelGuRu Guest

    Messages:
    864
    Likes Received:
    20
    Best Answers:
    0
    Trophy Points:
    0
    #15
    Interesting method! I'll have to try that myself.
     
    Le GoogelGuRu, May 1, 2007 IP
  16. bigp

    bigp Peon

    Messages:
    293
    Likes Received:
    14
    Best Answers:
    0
    Trophy Points:
    0
    #16
    Another medhod you can use is to ban different time zones. Since your focus is likely in the US, why not ban time zones for places like Nigeria and Russia, where the bulk of these SPAMMERS are coming from?

    Here is a mod that should help:
    phpBB Forum Spammer Registration Mod - Kill the SpamBots!

    It has worked for quite a few people that I know of. Give it a shot!
     
    bigp, May 9, 2007 IP
  17. ThatForumPlace

    ThatForumPlace Peon

    Messages:
    201
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    0
    #17
    See my "Forum Owners and Programmers" topic. An effective out of the box solution may be at hand.
     
    ThatForumPlace, May 9, 2007 IP
  18. QiSoftware

    QiSoftware Well-Known Member

    Messages:
    805
    Likes Received:
    10
    Best Answers:
    0
    Trophy Points:
    158
    #18
    I corrected this problem by requiring an administrator to okay new members on my forum.

    Q...
     
    QiSoftware, May 10, 2007 IP
  19. Le GoogelGuRu

    Le GoogelGuRu Guest

    Messages:
    864
    Likes Received:
    20
    Best Answers:
    0
    Trophy Points:
    0
    #19
    There still might be visitors from foreign countries, though.
     
    Le GoogelGuRu, May 11, 2007 IP
  20. batting

    batting Peon

    Messages:
    27
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #20
    go to phpbb's own forum and get a spam mod. They work, always work..
     
    batting, May 13, 2007 IP