There will forever be this continuous war between spammers, and spam-blockers.
Spammers trying to find ways around the security precautions, and Security always trying to find new ways to block the ever evolving Spam... and it's still not illegal.
So the best method of defense? Uniqueness...
If every board had a tough new unique way of blocking the spam registration attempts, it makes it very difficult, and not worthwhile for programmers to create methods for bots to attempt to register on those boards... they would end up waisting their time... this is what we hope for, of course. What could be better than spam programmers waisting time.
But spam methods are always evolving, so as site/forum administrators, you must also evolve to keep a step ahead and keep spam out.
It is indeed a good method to create a script or MOD that randomizes the registration process... do this, and you make it very difficult for bots to register.
But always keep users in mind... if you make it so difficult to register, that not even humans can get in, you are going to lose a large potential userbase.
I always try to "keep my grandma in mind" when building scripts for spam-blocking.
This is the one reason logic-puzzles are at the top my list of spam-prevention pet-peeves.
Unless you want to make sure your userbase is of high IQ status, it does not make much sense to use such systems.
Then you also have to keep the color-blind in mind when creating CAPTCHA's... there are actually quite a few color blind computer users out there, and you don't want to alienate them either.
So this means, everything should be done on the back-end if possible... hidden and underneath... this is the best theory for blocking spam, the trick is "good" implementation of it.
We are working on it, however...
And I'm sure you will see many spam prevention MODs become available for phpBB3, and I would recommend picking one up when you can.
8)
Better Spambot Protection in phpBB3?
Forum rules
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
- Highway of Life
- Registered User
- Posts: 1399
- Joined: Tue Feb 08, 2005 10:18 pm
- Location: I'd love to change the World, but they won't give me the Source Code
- Contact:
Re: Better Spambot Protection in phpBB3?
I installed this mod recently...
http://www.phpbb.com/phpBB/viewtopic.php?t=472940
Not had 1 spam user sign up since and normal users are registering fine.
http://www.phpbb.com/phpBB/viewtopic.php?t=472940
Not had 1 spam user sign up since and normal users are registering fine.
- Highway of Life
- Registered User
- Posts: 1399
- Joined: Tue Feb 08, 2005 10:18 pm
- Location: I'd love to change the World, but they won't give me the Source Code
- Contact:
Re: Better Spambot Protection in phpBB3?
phpBB2 MODs won't work for phpBB3 and vise-versa...
Though, I have a feeling you knew that already, and were just making a side comment.
Though, I have a feeling you knew that already, and were just making a side comment.
Re: Better Spambot Protection in phpBB3?
Good point, sorry wasn't very clear was it.
Yea, I was just pointing out that particular mod has been the most effective spam prevention I've come across.
Yea, I was just pointing out that particular mod has been the most effective spam prevention I've come across.
Re: Better Spambot Protection in phpBB3?
I always try to "keep my grandma in mind" when building scripts for spam-blocking.
So very true. I work at a place that creates software for home inspectors and they may know a lot about the construction of a house, but are doing really good if they can even tell us what a forum, message board or blog are, much less sign into one and post to it. I don't know how those guys get around with stuff like "Crapcha" about.
All hail the mighty principle "K.I.S.S."
Re: Better Spambot Protection in phpBB3?
But you could define something with the "custom profile fields" I think. Choose the "dropdown box" here, then define a question and give two options, define one as wrong and make the whole as "Required field". Of course the mod for phpBB2 is a bit more comfortable and more safe, but it could work I think.
EDIT: Also possible with numbers. E.g.: Write the number 16532. And only allow this number.
Or with single textfield/textarea. E.g.: Write an alpanumeric word with 15 letters.
Of course boolean E.g.: Are you human? Yes/no. (Ah, not possible with boolean, but "dropdown" is of course even more difficult for bots I think.)
EDIT: Also possible with numbers. E.g.: Write the number 16532. And only allow this number.
Or with single textfield/textarea. E.g.: Write an alpanumeric word with 15 letters.
Of course boolean E.g.: Are you human? Yes/no. (Ah, not possible with boolean, but "dropdown" is of course even more difficult for bots I think.)
I don't like these cold, precise, perfect people, who, in order not to speak wrong, never speak at all, and in order not to do wrong, never do anything. (Henry Ward Beecher)
Die Stifthelden
Die Stifthelden
Re: Better Spambot Protection in phpBB3?
Tienchen wrote: But you could define something with the "custom profile fields" I think. Choose the "dropdown box" here, then define a question and give two options, define one as wrong and make the whole as "Required field". Of course the mod for phpBB2 is a bit more comfortable and more safe, but it could work I think.
One option that could be good, is if you answer wrong that the user becomes approve only by admin, if he gets it right a confirmation email is sent, just a thought.
Re: Better Spambot Protection in phpBB3?
This is pretty relevent to this topic..
Is there some function in Olympus where if the user didn't activate their account via email (if this is set, of course) with X number of days, the unactivated username is deleted from the database? or will this have to be a mod?
Is there some function in Olympus where if the user didn't activate their account via email (if this is set, of course) with X number of days, the unactivated username is deleted from the database? or will this have to be a mod?
- Highway of Life
- Registered User
- Posts: 1399
- Joined: Tue Feb 08, 2005 10:18 pm
- Location: I'd love to change the World, but they won't give me the Source Code
- Contact:
Re: Better Spambot Protection in phpBB3?
First off... no, there is no default function that would do this.
Second, it doesn't really make sense, since the spambots can automatically, and instantly activate their accounts from the emails...
So bots would still easily get by this sort of limitation.
Second, it doesn't really make sense, since the spambots can automatically, and instantly activate their accounts from the emails...
So bots would still easily get by this sort of limitation.
Re: Better Spambot Protection in phpBB3?
oh..i thought the spambots used fake emails..srry lol