Advice on cutting down phpBB spam
Found this:
Good advice on combatting spam on phpBB forums. There’s an option to use a captcha for signing up as well, right?
My experience is that spammers register, then post once. More and more will never bother to post again. So banning isn’t so much the solution as making it difficult for them to register.
September 14th, 2006 at 12:09 pm
The PHPBB captcha is ineffective. I still get several bogus signups a day. I removed the website from the signup and bots will still sign up.
I ended up adding a cron job to delete members who don’t activate within 48 hours:
http://boonedocks.net/mike/archives/124-PHPBB-Fake-Members.html
From the article you linked:
That’s what it comes down to. I’m still getting bogus users who sign up, actually activate their account, and then come back a few days later to post spam.
One solution I haven’t yet tried is to go through the code and rename the registration script, so bots looking for the typical URL will not see it. If that doesn’t work I will resort to approving new accounts manually.
It’s very frustrating and I hope the new version of PHPBB has some changes to deal with these problems.
September 14th, 2006 at 9:57 pm
Any clue about preventing SPAM on SMF forums?
September 15th, 2006 at 2:19 am
One solution I’ve been pondering is a service a-la URIBL/SURBL that could be hooked in to any forum signup method. The forum code would just need to check any of the fields for domains (like Spamassassin does), and deny signups for spammed URLs/email addresses (domain based, whitelist things like gmail unfortunately). Build in a reporting mechanism for when an admin manually deletes a user, and use a spamcop-type mechanism where multiple hits are needed to get an entry listed.
Oh well, it’s a dream. For the phpBB forum I manage, I removed the ‘our latest member is’ link, simply to stop the spammed URLs getting crawled into google/yahoo/other.
September 15th, 2006 at 2:58 am
For bots, the only effective way of stopping them is to use email verification. They bypass the captcha in Invision, too. Verification just holds them until I can delete them from the queue. It wastes a few minutes of my time, but keeps the board clean.
I’ve only had a couple get past that and they were human spammers.
September 15th, 2006 at 3:09 am
Ducan: Try to check existing blacklisting services. Since a large amount of bots are on compromised Windows machines or use those machines as proxies, checking the IP of anyone trying to sign up against a service like the spamhaus.org sbl-xbl is worth a try.
On the other hand, I have been thinking about setting up a RBL for webspam. It would only work for domains, but it could easily be implemented in any wiki, forum, blog, etc.
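The IP check suggested in the comment above, as an added example that is not part of the original comment: a DNSBL lookup reverses the IPv4 octets, appends the list's zone, and treats a 127.x.x.x answer as "listed". The function names, the stub resolver and its sample data are assumptions made for illustration; the zone is the one the comment names.

```php
<?php
// Added example: stub resolver and addresses are constructed so it runs offline.

/** Build the DNSBL query name: 192.0.2.10 -> 10.2.0.192.<zone> */
function dnsbl_query_name(string $ip, string $zone): ?string
{
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return null; // IPv6 uses a different query format and is out of scope here
    }
    return implode('.', array_reverse(explode('.', $ip))) . '.' . $zone;
}

/**
 * True if the list answers with a 127.x.x.x address for $ip.
 * $resolve takes a hostname and returns an IPv4 string, or the hostname
 * unchanged on failure (the contract of PHP's gethostbyname()).
 */
function dnsbl_listed(string $ip, string $zone, ?callable $resolve = null): bool
{
    $resolve = $resolve ?? 'gethostbyname';
    $name = dnsbl_query_name($ip, $zone);
    if ($name === null) {
        return false;
    }
    $answer = $resolve($name);
    if ($answer === $name) {
        return false; // no record: not listed (this also fails open on DNS errors)
    }
    // Spamhaus uses 127.255.255.x answers to signal query errors, not listings.
    if (strpos($answer, '127.255.255.') === 0) {
        return false;
    }
    return strpos($answer, '127.') === 0;
}

// Constructed stand-in for DNS: only the conventional test address is "listed".
$stub = function (string $host): string {
    $records = ['2.0.0.127.sbl-xbl.spamhaus.org' => '127.0.0.4'];
    return $records[$host] ?? $host;
};

foreach (['127.0.0.2', '192.0.2.10', 'not-an-ip'] as $ip) {
    $hit = dnsbl_listed($ip, 'sbl-xbl.spamhaus.org', $stub);
    printf("%-12s listed: %s\n", $ip, $hit ? 'yes' : 'no');
}
```

Leaving out the third argument makes the function query real DNS through `gethostbyname()`, so a signup handler would call it with the connecting client's address before creating the account.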
September 15th, 2006 at 4:12 am
Another thing that may help is set up blacklists of offenders, and put it on the website so the information can be shared between site owners, and the information used to block known spammers / offending IP Addresses, such as this one I’ve prepared earlier (and just updated less than 10mins ago):
http://www.jdaltpol.co.uk/forum_spammer_blacklist.html
Also, if you’re smart enough, modify the board so e-mail addresses from certain domains are refused sign-up…… at the moment the most commonly used appear to be: @cashette.com / @gawab.com / @mail.ru / @list.ru / @inbox.ru / @mail15.com
September 15th, 2006 at 7:37 am
I’ve taken the banlist approach like John D. Mine’s published at http://www.littleblackdog.com/viewtopic.php?t=39177 and everyone is welcome to it. I seem to be updating it a lot lately. One problem is a lot of these spambots are through random botnets and are hitting us via Verizon or Comcast or some other big consumer-side netblock. It’s easier to ban some Chinanet class B because I know they aren’t supposed to be visiting our forums. It’s certainly taking a lot more effort than it did even a year ago. Without the banlist I can’t imagine how much spam I’d be getting, we only really get 2 or 3 member list spam and maybe one a week gets registered and posts. They don’t last long.
September 18th, 2006 at 6:37 am
I posted this in an older thread today, but figured I would post it here as well. I run Invision, but this simple mod can be applied to any software really:
I have the same problem, so I decided to implement 2 changes in the signup process, and it is catching them all so far (100%, for about 2 months now):
1) Ask the question “Are you a bot? (do NOT answer this)”. 90% of these bots will enter their location in this field, so the signup process gets exited, no database space has been wasted.
2) I also have a question asking “How did you find this site?” since I am interested in this. Most bots put their signup name in there, so I simply cancel the signup process if this field is the same as their nick.
It’s pretty interesting to see how all these bots have the same profile (user agent, same type of password generation), and would love to know what software these spammers are running, since there are so many out there, but all the same profile.
I get about 5-6 failed registrations a day now (I have the Invision software e-mail me). So nice!
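The two signup checks described in the comment above, as an added example that is not part of the original comment or of any forum package. The field names `bot_trap`, `referral` and `username` and the sample submissions are assumptions; the function returns its reasons so that failed registrations can be logged or mailed to the admin.

```php
<?php
// Added example: field names and sample submissions are hypothetical.

/**
 * Return the reasons a signup should be cancelled; an empty array means
 * the submission passed both checks.
 */
function signup_rejection_reasons(array $post): array
{
    $trap     = trim((string)($post['bot_trap'] ?? ''));
    $referral = trim((string)($post['referral'] ?? ''));
    $username = trim((string)($post['username'] ?? ''));
    $reasons  = [];

    // Check 1: the "Are you a bot? (do NOT answer this)" field must stay empty.
    if ($trap !== '') {
        $reasons[] = 'trap field was filled in';
    }

    // Check 2: "How did you find this site?" must not simply repeat the nick.
    // Compared case-insensitively after trimming surrounding whitespace.
    if ($referral !== '' && $username !== ''
        && strcasecmp($referral, $username) === 0) {
        $reasons[] = 'referral answer equals username';
    }

    return $reasons;
}

// Constructed sample submissions.
$samples = [
    ['username' => 'alice',    'bot_trap' => '',          'referral' => 'search engine'],
    ['username' => 'xqzt4471', 'bot_trap' => 'Somewhere', 'referral' => 'xqzt4471'],
    ['username' => 'bob77',    'bot_trap' => '',          'referral' => ' BOB77 '],
];

foreach ($samples as $post) {
    $reasons = signup_rejection_reasons($post);
    printf("%-9s %s\n", $post['username'],
        $reasons ? 'REJECT: ' . implode('; ', $reasons) : 'ok');
}
```

Run the check before any row is written, so a rejected signup costs no database space.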
September 18th, 2006 at 12:46 pm
There’s several ongoing threads on the vbulletin.com and theadminzone.com forums about the recent jump in forum spam. Those using vBulletin 3.5 and earlier seem to be getting hit the hardest, even with CAPTCHA verification turned on. Those using vBulletin 3.6.*, with extensive email domain filters (the usual *.ru, gawab.com (and hundreds of other domains offered by Gawab, cashette.com, and others) seems to stop it cold.
There seems to be a vocal minority viewpoint that banning gawab.com and the like are “throwing out the baby with the bathwater”, and that one should tolerate hundreds of spammers, because there is the remote chance that a legitimate user with a gawab.com address should register.
Some vBulletin users are reporting that banned users are re-registering under the same name. Actually, the name is different; a Roman character is replaced by an identical-appearing Cyrillic letter, which fools vBulletin into thinking it’s a different username.
Yes, I ban Yahoo addresses. If a Yahoo user wasn’t a spammer, there were more often than not problems with validation emails ending up in junk mail boxes, full mailboxes, inactive accounts, and other things causing bounces and general mayhem. It was just too much work. Banning Yahoo eliminated Nigerian 419, cell phone/Nokia and private message spam, human-generated spam by small businesses, and much of the Fanscape-type “street team” guerilla marketing spam. Most of my users have access to alternative email addresses — their work or ISP address — so they have options. Blocking Yahoo didn’t hurt membership; the rate of new members remained about the same both pre-ban and post-ban.
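The lookalike-username trick described in the comment above, as an added example that is not part of the original comment or of vBulletin: fold Cyrillic letters that render like Latin ones before comparing a new name against the banned list, and flag names that mix both scripts. The lookalike table is a small constructed subset and the banned names are made up.

```php
<?php
// Added example: partial lookalike table and sample names are constructed.

// Cyrillic letters that render like Latin ones, written as code points.
const LOOKALIKES = [
    "\u{0430}" => 'a', "\u{0435}" => 'e', "\u{043E}" => 'o',
    "\u{0440}" => 'p', "\u{0441}" => 'c', "\u{0445}" => 'x',
    "\u{0443}" => 'y', "\u{0456}" => 'i', "\u{0455}" => 's',
];

/** True if the name contains both Latin and Cyrillic letters. */
function is_mixed_script(string $name): bool
{
    return preg_match('/\p{Latin}/u', $name) === 1
        && preg_match('/\p{Cyrillic}/u', $name) === 1;
}

/** Fold lookalikes to Latin and lowercase, so visually equal names compare equal. */
function skeleton(string $name): string
{
    return strtolower(strtr($name, LOOKALIKES));
}

/** Return the banned name this registration collides with, or null. */
function collides_with_banned(string $name, array $banned): ?string
{
    foreach ($banned as $b) {
        if (skeleton($name) === skeleton($b)) {
            return $b;
        }
    }
    return null;
}

$banned = ['cheapdeals', 'spammer01'];  // constructed ban list
$tries  = ["sp\u{0430}mmer01", 'spammer02', "ch\u{0435}\u{0430}pd\u{0435}als"];

foreach ($tries as $name) {
    printf("%-12s mixed=%-3s collides=%s\n", $name,
        is_mixed_script($name) ? 'yes' : 'no',
        collides_with_banned($name, $banned) ?? '-');
}
```

A byte-for-byte comparison treats `sp\u{0430}mmer01` and `spammer01` as different names, which is why the re-registration succeeds; comparing skeletons closes that gap for the letters in the table.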
September 19th, 2006 at 7:43 am
My method of asking the bot question seems to work 100% so far, and I am not relying on ANY banning/filtering of domains, so I hope people will look into this method. CAPTCHA is useless in most versions of the Invision software as well, so I decided it is time to actually challenge the bots, with great success.
September 28th, 2006 at 11:05 am
Dan,
I’m assuming you have a phpbb forum. Where do you add the extra questions?
September 29th, 2006 at 3:04 pm
Forum spam stopper:
http://www.tfbw.com/archives/20
I got this by e-mail, and the guy wanted me to post it. But it would get more attention here, so I’m putting it here.
Basically, this thing could be used in forum software or guestbook software. Maybe other type of submit software as well. Like mailforms? Anyway, hopefully it’ll stop spam for a long time.
September 30th, 2006 at 1:55 pm
As admin of a PC gaming website, I have been “invaded” by a bunch of these the last couple of weeks. Use an earlier vB 3 for the forums. Since we do not allow automatic registering with immediate posting, this has kept active text spamming to a minimum. Only from a few human spammers that get through the checks.
There are so many legitimate email addresses you cannot ban them all. The “Throwing out the baby with the bathwater” syndrome is not always a viable option. So, outside of the more blatantly used ones, the rest you end up going by search and “gut feeling”. However, turning off the “automatic activation” options works best. Then go in and delete the user and stick their emails into “Ban”. As an earlier poster pointed out, it means a few more minutes of an Admin’s time but better security for the forums.
October 2nd, 2006 at 6:03 am
Read somewhere else that putting a hidden form field value in the new user form cut down the spam registrations. I have email verification turned on but still getting spam so probably going to try the field next as I think they’re using an automation script to register.
October 2nd, 2006 at 7:40 am
Rita,
I am using an old version of invision, but it shouldn’t be hard to make this change to phpbb. I simply modified the registration php file, and that was it. You’ll have to find the phpbb version of this file (check the phpbb help forums), but if you need help once you located it let me know. I get about 6 attempted signups a day now, so it’s definitely working.
I am not sure if I would implement the cookie ban method mentioned by admin. This would block people who disable javascript (i.e. the popular NoScript Firefox extension), and maybe even search engine bots? Definitely sounds interesting, but needs to be tested for sure.
October 2nd, 2006 at 4:01 pm
Thanks Dan. That sounds like the easiest fix.
October 15th, 2006 at 4:27 pm
Try phprbl http://phprbl.init1.nl/ It is very easy to implement (copy one file, add one line of code). It is an open source RBL solution for Mambo, Joomla, phpBB, and any other kind of php software with referrer spam problems.
October 16th, 2006 at 4:12 am
I had maybe ten or twelve spammers joining the phpbb2 forum I administrate every single day of the week which drove me nuts trying to combat the knobs. However - now I don’t have a single one. I have cracked the problem.
How? you ask. Kittenauth. Very little trouble to install, and easy to customize. Haha, sorry if this sounds like an advert, but I’m trying to spread the word.
November 4th, 2006 at 3:50 pm
Although my main work is the development of my email spam protection system, my wife and I also run a small dog forum with phpBB. And we got hammered more and more by these spam registrations while the phpBB CAPTCHA does not work anymore. Looking for a solution with Google, I came across a modification for the usercp_confirm.php script, that takes a background image and then writes the code on that image. And while experimenting with it (I’m used to beating spammers with unusual but highly effective methods), I found a solution that worked great for weeks now:
On the background image, spread fake codes all over the place. In a particular place, easily definable to humans, place the real code. In a text on the background image indicate to the subscriber, which of the codes to enter (in my case the one in the voice bubble).
This fools out the bots as they don’t know which one is the good one. They usually pick the first one if they figure one at all. You may see my implementation here:
http://hundeforum.buddyshare.org/phpBB2/profile.php?mode=register&agreed=true
December 4th, 2006 at 9:36 pm
“I came across a modification for the usercp_confirm.php script”
Manfred, where did you run across it at? How would you write the code for that?
December 30th, 2006 at 4:46 pm
Hi!
I have added one label with variable.
if ( empty($username) || empty($new_password) || empty($password_confirm) || empty($email) || $HTTP_POST_VARS['new_variable'] != '123456' )
I think it will help
December 31st, 2006 at 6:15 pm
Definitive Guide to phpBB Spam Control:
http://www.linux.org.bd/russelljohn/journal/index.php?itemid=93
Happy new year!
January 8th, 2007 at 11:55 am
We were also getting hit with spam-bots, beginning mainly around last August. At first we banned the members and deleted their messages, but I got fed up with it and changed the board so I have to approve all new memberships.
We are running vbulletin 2.2.8. Stop laughing at me!
We just topped 4,000 members, and we typically get 10 - 20 new members per day, of which approximately 1/3 are spammers. I realized these were bots because of the way they would populate the registration fields - we have a field named Your Car, which most bots populate with “1”
If I’m suspicious, I’ll google the username or email address. Usually the bots have been signing up to ~50 boards within the last week, and I’ve learned to spot phrases in the results such as “___ is not a member of any groups yet” (in any of several languages).
We have a “Bad-Kicked” member category that I change these applicants to. So, technically, they are still members and they add to our total count, but you would never know they are there because they can’t post. I checked today, so far we have 109 of these.
Man, sometimes just out of curiosity I follow a link or two in the google results and find boards so completely choked with spam that you can’t tell what the original purpose was!
This is a tedious process, but it has completely stopped all of our spam. So far we mainly get online meds and a few porn spammers; we got our first mortgage refinancer last week, but so far no poker or other gaming, or stocks, etc.
February 3rd, 2007 at 10:58 am
i want to go on record as saying that manfred’s suggestion was a lifesaver! my bostondog.org forum was getting slammed w/ at least 8-10 bogus registrations per day and i was ready to throw in the towel. manfred helped me implement his mod to the usercp_confirm.php script and we haven’t had a single bogus registration on over a week! Bravo, Manfred!
February 10th, 2007 at 2:36 am
Manfred that is a good one! There is another problem and that is just posting link spam. I don’t get much anymore but out of desperation I removed the profile page and the URL for the websites during signups. I will give you one a try next.
March 6th, 2007 at 4:55 pm
I still haven’t seen a link to manfred’s mod. Can someone post it?
Thanks
August 23rd, 2007 at 2:58 pm
I use the spam protection from www.xmonitor.net, which works fine.
August 23rd, 2007 at 11:09 pm
The phpBB team recently published official recommendations:
http://www.phpbb.com/community/viewtopic.php?f=1&t=427852
March 3rd, 2008 at 2:47 pm
Hi,
I run an automobile forum using phpBB. Spamming was off the hook. Around 20 registrations per day and nasty posts. Looked for a solution forever on Google. With no luck, I tried this myself and reduced spamming 99% for phpBB. Adding to what Mike at the top does, this solution has a few more steps. Check it out at http://appleicase.com/board.htm
Cheers