recent spambots

Temporary forum to obtain support while phpBB.com is offline.
Please use the support forum on phpBB.com
Forum rules
Temporary forum to obtain support while phpBB.com is offline.
Please use the support forum on phpBB.com
Pond Life
Registered User
Posts: 11
Joined: Sun Feb 01, 2009 11:48 pm
Location: http://127.0.0.1/
Contact:

Re: recent spambots

Post by Pond Life » Tue Feb 03, 2009 2:28 pm

Don't forget that not all spammers are bots. I have got a custom profile field but my forum was still hit by four Russian pron spammers last night and one of them even added an avatar to their profile. I am considering the moderation queue option if it gets worse but that has a possible negative effect on genuine new users too.

ukjim
Registered User
Posts: 7
Joined: Fri Jul 11, 2008 11:26 am

Re: recent spambots

Post by ukjim » Tue Feb 03, 2009 2:42 pm

I think the post count moderation technique will probably only frustrate genuine new members who wonder why their post is not appearing yet (particularly if they are used to posts appearing immediately on other forums they use).

I use Admin activation of new accounts on our forum only. I think the topic of our forum is fairly niche (quiet), and not public enough (ie low level of registrations) to warrant open User reg+activate. I prefer tight control of registration, which is seldom enough to make overseeing it manageable. (This might not be the case for other forum admins?).

Anyway, so I've implemented just today the suggestions in this thread of increasing the CAPTCHA graphic background noise, and adding Custom Profile Fields to ask additional anti-spambot questions at registration time (thanks for the ideas and links).

I will see how it goes. My attitude is that if a new user is genuine, interested and wants to contribute and receive help from our forum, they will understand and take the time to fill the extra (easy) questions. I have also phrased the wording and questions of the custom profile fields to make them light-hearted and fun to fill, and likely more difficult for bots to figure out (spambots seem to have no sense of humour :?: :lol: how odd) !

Edit: Oh and I also wildcard Ban some emails, like *@*.ru to prevent registration by Russian spammers at the front door (no doubt the list will grow over time)

Billd
Registered User
Posts: 2
Joined: Tue Feb 28, 2006 9:14 pm

Re: recent spambots

Post by Billd » Tue Feb 03, 2009 5:38 pm

I have to say, I am a bit behind here. I am running the original 3.0.0 and I have just started getting these spam bots so this is not related mirely to 3.0.4. I can see, this is going to be a real pain.

User avatar
EXreaction
Registered User
Posts: 1555
Joined: Sat Sep 10, 2005 2:15 am

Re: recent spambots

Post by EXreaction » Tue Feb 03, 2009 5:59 pm

I've only had one person keep coming back and posting the same garbage (bunch of links to some mcdir.ru site). But I found out the reason they could do that was from a bug in the currently released version of the Anti-Spam ACP mod. I fixed the bug yesterday and they'll no longer be able to post anything with mcdir.ru appearing in the post more than once. :)

Other than maybe once a month I get pretty much no spam.

I have noticed more that people like to post legitimate looking posts asking for help, then days later editing the post to have spam in it. But I've caught most if not all of those who are doing that. Any post that looks suspicious I just flag the user for and then get notified if they alter their profile, edit posts, add posts, or send PM's.

johnsemple
Registered User
Posts: 23
Joined: Sun Feb 01, 2009 10:42 pm

Re: recent spambots

Post by johnsemple » Tue Feb 03, 2009 6:02 pm

We used to get 2 or 3 from China untill last week now as has been reported here they are from .ru.... also I am beginning to get some using a "shared network device" one using this had an IP from Switzerland then when I saw them online about 20 minutes after activation the IP was from Ireland..

Daworm
Registered User
Posts: 10
Joined: Mon Jan 08, 2007 4:51 am

Re: recent spambots

Post by Daworm » Tue Feb 03, 2009 9:45 pm

Can you do the Custom Profile Field (or a variant of it) for guest postings?
As I said, we do allow guest postings (with Captcha, but I think I've made it too complex), for my forum setup this is ideal as we only manually activate accounts once approved to join (it's a guild forum for Age of Conan).

bsmither
Registered User
Posts: 8
Joined: Tue Feb 03, 2009 11:17 pm

Re: recent spambots

Post by bsmither » Tue Feb 03, 2009 11:46 pm

I agree with Gideon5L2F: I think the GD-based CAPTCHA has been figured out.

Analyzing my server logs for the most recent 5 registrations shows that within just a few seconds, those visitors GET/POSTed up to seven times - presumably fetching CAPTCHA images until one was delivered that could be recognized.

Daworm
Registered User
Posts: 10
Joined: Mon Jan 08, 2007 4:51 am

Re: recent spambots

Post by Daworm » Wed Feb 04, 2009 2:00 am

ChrisRLG wrote:It has been noted that changing the noise level to both the foreground and background of the CAPTCHA is holding them off.

They are probably only breaking the default noise levels.

Do note that changing those levels can make it harder for humans too, so it is a trade off.

One other option, in the KB's is an article where you can use the custom profile fields as an anti-spammer system.
A copy of the KB is here for while phpBB.com is down.
I must say... Thank you MUCHLY for the copy of the KB. I was trying to do a couple of things and using google to find the cached versions of that while phpBB.com is down... is a pain :)

cglazier
Registered User
Posts: 1
Joined: Wed Feb 04, 2009 2:52 am

Re: recent spambots

Post by cglazier » Wed Feb 04, 2009 3:36 am

In the last 72 hours I have been hit by 12 new user registrations, two of whom posted pornography on my forum. This has nothing to do with an upgrade, I am still using phpBB3 3.01. Normally I get a new user every few days.

Thanks to the suggestions above I will try to tighten up the registration CAPTCHA and maybe take other steps mentioned above. I have temporarily turned off new user registration entirely.

C Glazier

User avatar
James N
Posts: 143
Joined: Thu Jun 29, 2006 7:35 pm

Re: recent spambots

Post by James N » Wed Feb 04, 2009 10:42 am

Daworm wrote:Can you do the Custom Profile Field (or a variant of it) for guest postings?
As I said, we do allow guest postings (with Captcha, but I think I've made it too complex), for my forum setup this is ideal as we only manually activate accounts once approved to join (it's a guild forum for Age of Conan).
The Prime Anti Bot mod (mirrored on my website) works for guest posting as well

Locked