SPAMBOTS - how can we stop them - read FIRST post.

Temporary forum to obtain support while phpBB.com is offline.
Please use the support forum on phpBB.com
Forum rules
Temporary forum to obtain support while phpBB.com is offline.
Please use the support forum on phpBB.com
Locked
User avatar
mixstar
Registered User
Posts: 27
Joined: Thu Feb 05, 2009 7:51 am
Location: The Cogan Triangle

Re: SPAMBOTS - how can we stop them - read FIRST post.

Post by mixstar »

Darcie wrote:. . . I didn't mean that to be cryptic. . .
Ha ha, no that's fine, when things are going off the boil a good old conspiracy story always sets tongues a waggin ;)

On the subject of search engines, if you ever Google 'site:yoururl.com' you will always find plenty of pages full of your information, it's not too difficult to understand how the information is gathered in the first place. Most, not all, of the people who seek to disrupt, whatever it is they want to disrupt, do it from bedrooms for fun. As such they don't have huge fortunes to spend on code cracking so they use whatever is available and Google is definitely available.

User avatar
Dog Cow
Registered User
Posts: 271
Joined: Wed May 25, 2005 2:14 pm

Re: SPAMBOTS - how can we stop them - read FIRST post.

Post by Dog Cow »

Darcie wrote:Because I can search the domain name and find it on Google? Trust me, there are no other links to the site. I've double checked in light of recent events. :)
What I meant was, how do you think Google found out? They don't have magic powers. Either you or someone you know submitted the URL, or there's a link out there, somewhere.

User avatar
mixstar
Registered User
Posts: 27
Joined: Thu Feb 05, 2009 7:51 am
Location: The Cogan Triangle

Re: SPAMBOTS - how can we stop them - read FIRST post.

Post by mixstar »

Google and the others trawl . . .

tffnguy
Registered User
Posts: 75
Joined: Thu Mar 02, 2006 5:13 am

Re: SPAMBOTS - how can we stop them - read FIRST post.

Post by tffnguy »

Can anyone tell me what I'm doing wrong here? I can NOT get this custom profile to show up on registration! When I create a bogus account to test it then only the CAPTCHA is shown and once that is filled out the account is added.

What I'm trying to do is setup a long list of what people might or might not be registering on my board for and display that list. They would then have to type in the one that best describes what the board is for. Example

This board is for: Apples, Oranges, Monkeys, Skunks, Snakes, Birds, Dogs, Cats, Weird Stuff, None of these.

Now lets say the board is about Birds so I want the user to have to enter Birds in the custom profile field.

Now with that said since I can't get it to display what the heck am I doing wrong? Do I need to refresh the themes or what?

Oh... And I've said it before and I'll say it again. I DON'T want to have to edit any code or use a MOD.

Also it would be real nice if bb codes or html codes would work in the description where This board is for: and the options could be on a separate line or at least the options be in bold.
custom.jpg
(44.42 KiB) Downloaded 734 times
For some reason the above jpg doesn't show up. :?
Plano, Texas

User avatar
DHCook
Registered User
Posts: 4
Joined: Fri Feb 06, 2009 2:40 pm

Re: SPAMBOTS - how can we stop them - read FIRST post.

Post by DHCook »

tffnguy wrote:Can anyone tell me what I'm doing wrong here?
Your screen shot doesn't look like mine - are you using version 3?

At the bottom of my screen is a button labeled "Profile type specific options." That leads to a screen where the "Save" button must be clicked to save the custom field.
Dale H. Cook, Member, NEHGS and MA Society of Mayflower Descendants;
Plymouth Co. MA Coordinator for the USGenWeb Project
Administrator of http://plymouthcolony.net

tffnguy
Registered User
Posts: 75
Joined: Thu Mar 02, 2006 5:13 am

Re: SPAMBOTS - how can we stop them - read FIRST post.

Post by tffnguy »

DHCook wrote:Your screen shot doesn't look like mine - are you using version 3?

At the bottom of my screen is a button labeled "Profile type specific options." That leads to a screen where the "Save" button must be clicked to save the custom field.
I'm using:
phpBB3 3.0.4
prosilver
subsilver2 (Default)

Overide Styles is No

and there is such a "Profile type specific options." below the image I uploaded, but changind any ot the settings in there doesn't seem to make any difference either. It just doesn't show up when registering and doesn't keep the account from being made after the CAPTCHA is entered correctly. I have the board set for activation by Admin.
Plano, Texas

Posts
Registered User
Posts: 6
Joined: Thu Feb 05, 2009 6:16 pm

Re: SPAMBOTS - how can we stop them - read FIRST post.

Post by Posts »

don't know where to do this, made this recently, first time i've posted it
Spam blacklist made simple

Purpose: Block blacklisted spam IPs from registering. With a minimalist approach.

The IPs are checked right before the new user is added to the DB, and after all the input is checked and OK.
Spam bots will see an almost blank page with: "spam, email me"

Black lists: (aimed at comment spam instead of email spam)
http://www.stopforumspam.com
http://projecthoneypot.org

Goto file:

Code: Select all

includes/ucp/ucp_register.php
Find:

Code: Select all

// Register user...
$user_id = user_add($user_row, $cp_data); 
ABOVE the code found, ADD this:

Code: Select all

include($phpbb_root_path . 'projecthoneypot_asdf.php');
include($phpbb_root_path . 'stopforumspam_asdf.php'); 
So you should end up with

Code: Select all

include($phpbb_root_path . 'projecthoneypot_asdf.php');
include($phpbb_root_path . 'stopforumspam_asdf.php');
// Register user...
$user_id = user_add($user_row, $cp_data); 
Goto file: projecthoneypot_asdf.php (created a few steps down this page)
Register/Find/replace key (Project Honey Pot)
Replace MyAccessKeyHere with your key.
Get key from here: http://projecthoneypot.org/httpbl_configure.php

Code: Select all

$h= new http_bl('MyAccessKeyHere'); // put your access key here   
No key for stopforumspam
(nothing to do)

CREATE, filename: projecthoneypot_asdf.php (same folder as index.php/config.php)

Code: Select all

<?php
/*
* Posts modified this:
* Project Honey Pot Http BlackList
* http://www.projecthoneypot.org/httpbl_configure.php
* version 0.1
* - 2008-01-18 version 0.1 by Francois Dechery, www.440net.net
* This php class is distribured under the GNU Public License ("GPL") version 2.
* http://www.gnu.org/licenses/gpl.txt
*/

if (!defined('IN_PHPBB'))
{
        exit;
}

//make sure vars don't collide by wrapping in func
blahblahblahasdfasdf();
function blahblahblahasdfasdf()
{
    $h= new http_bl('MyAccessKeyHere'); // put your access key here
    $ip = (!empty($_SERVER['REMOTE_ADDR'])) ? htmlspecialchars($_SERVER['REMOTE_ADDR']) : '';
    //$ip = "234"; // test
    $r = $h->query($ip);

    //echo htmlspecialchars($ip).": ";
    //if($r==2) {
    //    echo "Found a " . $h->type_txt ." (".$h->type_num .") with a score of ". $h->score . ", last seen since ". $h->days . " days";
    //} elseif($r==1) {
    //    echo "Found a Search engine (". $h->engine_num . ")";
    //} else {
    //    echo "Not Found";
    //}

    if($r == 2 && $h->type_num >= 1 && $h->days <= 20) {
        die("spam, email me");
    }
}

//**************************************************************
//**************************************************************

class http_bl{

var $access_key ="";

var $domain ="dnsbl.httpbl.org";
var $answer_codes=array(
0 =>'Search Engine',
1 =>'Suspicious',
2 =>'Harvester',
3 =>'Suspicious & Harvester',
4 =>'Comment Spammer',
5 =>'Suspicious & Comment Spammer',
6 =>'Harvester & Comment Spammer',
7 =>'Suspicious & Harvester & Comment Spammer'
);
//var $engine_codes=array();

var $ip ='';
var $type_txt ='';
var $type_num =0;
var $engine_txt ='';
var $engine_num =0;
var $days =0;
var $score =0;


// ***********************************************
function http_bl($key=''){
$key and $this->access_key=$key;
}


// return 1 (Search engine) or 2 (Generic) if host is found, else return 0
function query($ip){
    if(!$ip){return FALSE;}
    $this->ip=$ip;
    list($a,$b,$c,$d)=explode('.',$ip);
    $query=$this->access_key.".$d.$c.$b.$a.".$this->domain;
    $host=gethostbyname($query);
    list($first,$days,$score,$type)=explode('.',$host);

    if($first==127){
        //spammer
        $this->days =$days;
        $this->score=$score;
        $this->type_num =$type;
        $this->type_txt=$this->answer_codes[$type];

        // search engine
        if($type==0){
            $this->days =0;
            $this->score =0;
            $this->engine_num =$score;
            //$this->engine_txt =$this->engine_codes[$score];
            return 1;
        }
        else{
            return 2;
        }
    }
    return 0;
}

} //end class
?>
CREATE, filename: stopforumspam_asdf.php (same folder as index.php/config.php)

Code: Select all

<?php
/*
* Posts modified this:
* "Smurf_Minions wrote a spambot detector in PHP using the API. 
*    The source is included as well."
* http://guildwarsholland.nl/phphulp/testspambot.php
* http://guildwarsholland.nl/
*
* black list site:
* http://www.stopforumspam.com
*/

if (!defined('IN_PHPBB'))
{
        exit;
}

//make sure vars don't collide by wrapping in func
yumyumyumyumasdf();
function yumyumyumyumasdf()
{
        $ip = (!empty($_SERVER['REMOTE_ADDR'])) ? htmlspecialchars($_SERVER['REMOTE_ADDR']) : '';
        //$ip = "123"; // test

        $spambot = yumcheckSpambots($ip);
        if($spambot == true){
            die("spam, email me");
        }
}
function yumcheckSpambots($ip){
    $spambot = false;

    $xml_string = @file_get_contents('http://www.stopforumspam.com/api?ip='.$ip);
    if($xml_string === FALSE) {
        return $spambot;
    }
    $xml = new SimpleXMLElement($xml_string);
    if($xml->appears == 'yes'){
        $spambot = true;
    }
/*
    if(isset($xml->frequency)) {
        $freq = (int)$xml->frequency;
        if(3 > $freq) {
            $spambot = false;
        }
    }
*/
    if(isset($xml->lastseen)) {
        $seen = substr($xml->lastseen,0,7);
        $test1 = date('Y-m');
        $test2 = date('Y-m', strtotime('-2 week'));
        if($seen != $test1 && $seen != $test2) {
            $spambot = false;
        }
    }
    return $spambot;
}
?>

User avatar
pmbinky
Registered User
Posts: 28
Joined: Fri Feb 06, 2009 1:54 am
Location: Suburb of Detroit
Contact:

Re: SPAMBOTS - how can we stop them - read FIRST post.

Post by pmbinky »

Never mind - lack of response drives ingenuity. :oops: :oops:

============================================


blessings,
Tony <><
blessings,
Tony <><

AFCW Bert
Registered User
Posts: 1
Joined: Sat Feb 07, 2009 12:42 am

Re: SPAMBOTS - how can we stop them - read FIRST post.

Post by AFCW Bert »

CTCNetwork wrote:Another problem I thing will be that with many of these spam registrations, they don't post. They don't even log back into the forum once registration has been completed. They are just filling up the member list with dead wood.
Presumably you have by user or by admin account activation, thus the spambots don't actually finalise the registration process.

What's needed is a way to easily work out exactly what's a spambot registration attempt and what's a real human attempt.

Over the past couple of years I've developed a guestbook style forum that attracts over 1000 posts per day without the requirement for registration. After many months of chasing spambots and tweaking code I came across a simple solution. I adapted this solution into phpBB2 and my spambot registrations dropped from between 20 and 50 a day to zero, and remained at zero for several months before upgrading to phpBB3 a few weeks back. Already the spambot accounts are back to 10+ a day. I've not had time to dissect the phpBBS3 code yet, but if anyone wants to have a crack at my very simple method, here it is;
  • On the user registration screen add as as the first form field a hidden (style=display:none) input text box.
  • When checking the input, if *anything* has been entered into the input box then you can guarantee it's a spambot. Appear to continue the process as normal but either don't bother saving the account or save it disabled.
  • That's it.
If I get the time I'll give it a go, but my time is short at the moment, so if anyone else wants to give it a try, please do.

tffnguy
Registered User
Posts: 75
Joined: Thu Mar 02, 2006 5:13 am

Re: SPAMBOTS - how can we stop them - read FIRST post.

Post by tffnguy »

Anyone else been having trouble staying logged in? Also any help on why the custom profile fields aren't working for me? Guess I better post this while I can. ;)
Plano, Texas

Locked