1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Vbulletin spam attacks!! help please

Discussion in 'vBulletin' started by zxlewi, Aug 30, 2008.

  1. #1
    hey people,
    okay i own a forum and its under constant spam attack by multiple users... all posting similar content...
    SEMrush
    its stats have gone down because of that and i need to stop them... ip block dont work because its diff ip's for all of them

    okay ive been banning them and deleting the posts etc but then next day diff user same posts... and literally hundreds of posts just over night

    capatcha is enabled and so is email confirmation... however still they post

    how do i stop them and prevent this as i dont want to manually confirm every member as they have ordinary names etc and so would only know after they try and post... also cant moderate all posts either as would take too long...

    can send url upon request (dont know how you find out version)

    thank you :)
     
    zxlewi, Aug 30, 2008 IP
    SEMrush
  2. ~kev~

    ~kev~ Well-Known Member

    Messages:
    2,869
    Likes Received:
    194
    Best Answers:
    0
    Trophy Points:
    110
    #2
    ~kev~, Aug 30, 2008 IP
  3. zxlewi

    zxlewi Banned

    Messages:
    450
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #3
    thanks for that
    but is there any other way to stop them? before they post?
     
    zxlewi, Aug 31, 2008 IP
  4. ~kev~

    ~kev~ Well-Known Member

    Messages:
    2,869
    Likes Received:
    194
    Best Answers:
    0
    Trophy Points:
    110
    #4
    You can also use aggressive email banning, I have this option enabled on my site as well.

    VBulletin admin control panel - vbulletin options - vbulletin options - user banning options.

    Set "Aggressive Email Banning" option to ""Yes"

    Set "Allow User to Keep Banned Email Addresses" option to "Yes"

    What this setting does, it blocks everyone that tries to register with an email address that has part of the name in it. If the word "hot" is in the list, every email address that contains "hot" will be denied - such as hotmail. If these spammers are signing up for free accounts just to register for your site, this will prevent them from doing so.

    In the "Banned email address" box, copy and paste this list.

    @123india
    @123mail
    @aim
    @animail
    @anytimenow
    @aussiemail
    @BigString
    @bluebottle
    @boardermail
    @burntmail
    @bugmenot
    @canada
    @canoemail
    @dbzmail
    @dcemail
    @didamail
    @doramail
    @emailaccount
    @FastMail
    @fusemail
    @Gawab
    @gnumail
    @gmail
    @graffiti
    @gmx
    @hotmail
    @HotPOP
    @hushmail
    @hush
    @icqmail
    @inbox
    @indiatimes
    @kids.co.uk
    @kittymail
    @Lavabit
    @linuxmail
    @live
    @lycos
    @mail2
    @mailsecret
    @myway
    @mail
    @moose-mail
    @marmotmail
    @modomail
    @msn
    @runbox
    @s-mail
    @snail-mail
    @spambog
    @spamfreezer
    @tuffmail
    @wildmail
    @whale-mail
    @yahoo
    @Zapak
    @Zenbe

    Then, go into "Languages & Phrases" in the vbulletin admin control panel, search in phrases for "banemail" - but without the quotes.

    Edit the banemail phrase and replace it with this:

    VBulletin phrases sees the <br> as a line break, so be sure to leave those in there.

    When a spammer signs up and uses a free email service, just add it to the list. Once a domain is added to the list, that means no more spammers can ever use that domain name to register for an account on your site.

    But do not enter the full domain name. To block hotmail.com, just enter hotmail. This will block hotmail.co.uk, hotmail.cn, hotmail.tw,hotmail.ro....

    Once you have the new setting in place, try to register an account on your site. Use an email address with a domain on the list, your account should be rejected when you click the next button and you should see the error message you entered.
     
    ~kev~, Aug 31, 2008 IP
  5. Suri.CMS

    Suri.CMS Peon

    Messages:
    432
    Likes Received:
    5
    Best Answers:
    0
    Trophy Points:
    0
    #5
    Probably you may try this :-
    http://akismet.com/faq/

    (Personally I haven't tried it yet)
     
    Suri.CMS, Sep 2, 2008 IP
  6. munnakv

    munnakv Active Member

    Messages:
    293
    Likes Received:
    5
    Best Answers:
    0
    Trophy Points:
    60
    #6
    I repeat (copy paste) what I just wrote in another thread of this forum. You might find it useful.

     
    munnakv, Sep 4, 2008 IP
    ~kev~ likes this.
  7. BigMark2008

    BigMark2008 Peon

    Messages:
    33
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #7
    There's a chance its outsourced captcha breakers though... if thats it... you are pretty much hosed...
     
    BigMark2008, Sep 4, 2008 IP
  8. viperxx

    viperxx Peon

    Messages:
    513
    Likes Received:
    9
    Best Answers:
    0
    Trophy Points:
    0
    #8
    Much easier solution, use recaptcha.
     
    viperxx, Sep 5, 2008 IP
  9. Endurer

    Endurer Well-Known Member

    Messages:
    1,113
    Likes Received:
    84
    Best Answers:
    0
    Trophy Points:
    140
    #9
    There is an anti-spam mod over at vbulletin.org and also the built-in akismet protection that scans posts and puts them to moderation que if deemed spam.
     
    Endurer, Sep 6, 2008 IP
  10. Logician

    Logician Active Member

    Messages:
    213
    Likes Received:
    5
    Best Answers:
    0
    Trophy Points:
    60
    #10
    Upgrade to vbulletin 3.7.x and enable Human Verification Library. This solves it for good.

    If you are not able to upgrade to this version yet, check vb.org for hacks which give same feature to your old vb.

    And temporarily you can turn on user moderation and put a "why do you want to join to our site" type of question into your profile fields and make it mandatory to fill in the registration which will give you an idea who is bots and who is humans when you moderate them.
     
    Logician, Sep 9, 2008 IP