FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Spams hacking my forum!





OutwardBound
Dear guys, there are lots of spams in my forum these days, all of them promoting the adult website Sad . Although I need email configuration before establishing the accounts, the spammers just open hundreds of them (seems to be automatic, no one can open accounts arround the clock!). Deleting & banning these spammers just cost me a lot of time! Evil or Very Mad
Annoying spammers Evil or Very Mad Mad !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Can anyone of you suggest a QUICK way banning them?
ncwdavid
Maybe you could ban there ip address if you havent already done that or else set it up so that you must manually acivate their account. That might take a bit of time at the start but it should stop the spammers abit more then the email thing is.
MYP415
Also, you can create some sort of "trap" for the bots such as a harder captcha or something like type the name of this site backwards. The bots will have no idea what to do and it won't work. Then, you'll just have to deal with spammers who do the work manually (which you can't stop) but the numbers wont be as high.
{name here}
ncwdavid wrote:
Maybe you could ban there ip address if you havent already done that or else set it up so that you must manually acivate their account. That might take a bit of time at the start but it should stop the spammers abit more then the email thing is.

It doesn't work. I tried that at a site that got spam accounts registered everyday, and it doesn't matter how many subnets you ban they're still going to come at the expense of possible bannings of users. The only foolproof way I've found to stop spam from spambots is to hide a static verification code somewhere in an image, either with the directions in the image with no distortion plus non literal values(one for 1) or without but with some distortion. I never got spam on that site since I did that.
aningbo
OutwardBound wrote:
Dear guys, there are lots of spams in my forum these days, all of them promoting the adult website Sad . Although I need email configuration before establishing the accounts, the spammers just open hundreds of them (seems to be automatic, no one can open accounts arround the clock!). Deleting & banning these spammers just cost me a lot of time! Evil or Very Mad
Annoying spammers Evil or Very Mad Mad !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Can anyone of you suggest a QUICK way banning them?


i had a similar experience too and these are the few stuffs i did and now the spam is ZERO!!!

firstly: remove that 'website' registration field from the registration form.
secondly: use "are you human" question...
thirdly: use robots.txt at your root server.

more such stuffs available at http://phpbbhacks.com

my spam is zero at the moment Smile guud luck.
Snakez
What is the URL of your forums? ill take a look
aningbo
with -105.99 Points, i dont think he will ever bother to care to reply lolz
welshsteve
I had trouble with my forum like this. I use phpBB. I decided to set the "enable account activation" to Admin, and turned on the visual confirmation.
GB
good info here. I hadn't thought about some of those ideas before.
{name here}
welshsteve wrote:
I had trouble with my forum like this. I use phpBB. I decided to set the "enable account activation" to Admin, and turned on the visual confirmation.
]
Most spambots can get through that thing because the visual confirmationd doesn't distort the lettering.
welshsteve
{name here} wrote:
welshsteve wrote:
I had trouble with my forum like this. I use phpBB. I decided to set the "enable account activation" to Admin, and turned on the visual confirmation.
]
Most spambots can get through that thing because the visual confirmationd doesn't distort the lettering.


Yes, but they can't get through the admin bit, which requires an admin to manually activate accounts.

This works for my forum, because it is only open to people who's e-mail domains I am aware of. Any I don't recognise I can refuse, delete, ban or whatever. Smile
Dragate
Like name here said...

Good way is to do directions by image.
They're not going to develop such a complex program to detect image and decrypt them...

Some people have, but as soon as you throw in those extra pixels randomly or lines, the bots go nuts.

Yeah, he's not going to reply anytime soon, but it's good reference for other users.~
{name here}
welshsteve wrote:
{name here} wrote:
welshsteve wrote:
I had trouble with my forum like this. I use phpBB. I decided to set the "enable account activation" to Admin, and turned on the visual confirmation.
]
Most spambots can get through that thing because the visual confirmationd doesn't distort the lettering.


Yes, but they can't get through the admin bit, which requires an admin to manually activate accounts.

This works for my forum, because it is only open to people who's e-mail domains I am aware of. Any I don't recognise I can refuse, delete, ban or whatever. Smile

Well, when they're registering accounts every day in the dozen that isn't really a practical solution because your inbox is repeatedly clogged with junk.
xorcist
i think he fixed the problem though because I checked his website by looking through his posts and it looks like he deleted all the other spam users.
OutwardBound
xorcist wrote:
i think he fixed the problem though because I checked his website by looking through his posts and it looks like he deleted all the other spam users.

Well yes, I've deleted the spams A/c together with those may not be a spammer. That was a hard time for me. Before the spammers started their attack, I've got 100 active A/c, but as I've backup the forum, no one want to come back when they heard of the spammers. I have to start all the things again!
Second, I love this forum continue to talk about the spams, and suggest the FRIHOST open a new forum fighting against the Spammers & Hackers!
ywc1818
{name here} wrote:

Well, when they're registering accounts every day in the dozen that isn't really a practical solution because your inbox is repeatedly clogged with junk.

I agree with name here. The spams are so annoying and even that they sometimes register manually. If you want your forum to be open and popular, I don't think there is a way to stop these spams. Moreover, forums allover the world are fighting against them too, but I can't see any of them succeed.
OutwardBound
Right! The spammers are annoying, and I found them they're more than spams! They spams up my forum and re-direct to an adult website. The website will automatically download a suspected file(s) to your computer. I am 100% sure that is a virus Exclamation
cavey
This hack for phpBB will help you:
phpBBHacks.com - Anti Bot Question Hack

Upon registration and guestposting (if you allow that), the user must answer a question that you have made. Unless it's a mathematical or similar question, bots won't be able to answer the question, and you won't be bothered with them.

This is much better than writing text from an image. Bots can use programs to recognize text from images, even distorted ones.
{name here}
cavey wrote:
This hack for phpBB will help you:
phpBBHacks.com - Anti Bot Question Hack

Upon registration and guestposting (if you allow that), the user must answer a question that you have made. Unless it's a mathematical or similar question, bots won't be able to answer the question, and you won't be bothered with them.

This is much better than writing text from an image. Bots can use programs to recognize text from images, even distorted ones.

I did a few nasty little tricks with undistorted with text from an image for osFree's MyVIPCode system when registering:
1. I inserted it several fields higher
2. I inserted the directions on the image
3. The real verification code was a combination of letters and numbers spelled out rather than just inserted onto it.
No spammer can get through that unless a human is registering an account.
Heart Ticket
OutwardBound wrote:
Dear guys, there are lots of spams in my forum these days, all of them promoting the adult website Sad . Although I need email configuration before establishing the accounts, the spammers just open hundreds of them (seems to be automatic, no one can open accounts arround the clock!). Deleting & banning these spammers just cost me a lot of time! Evil or Very Mad
Annoying spammers Evil or Very Mad Mad !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Can anyone of you suggest a QUICK way banning them?


Its a bit drastic way of doing it but shut down your forum lol!
No real way of banning spammers quick as far as i know, sorry.

James
pyapplico
Try banning their I.P addresses from your site.
aningbo
if the ip address is of LAN then be ready to lost a lot of users from the area. Laughing
cavey
There is no use banning their IP-addresses. Next time they visit, its from another IP-address. Does not even have to be from the same country.
rafifaisal
Put your preferences on "activation by Administrator"
This way the admin of the forum will receive a mail, saying that a new user account has been created. Unitill you have activated this account the user/spammer will not be able to post anything.

Now you can see at his profile first before activating it.

Secondly put all your forums on private. No public posting available. Only registered users can post.

In your registering page, put the humanizer hack. This hack asks a simple questions to the user like " are you human?" This also stops a lot of spammers.

Last but not least, keep your forum up to date to the latest version.Most of the updates are security linked so very important to do it.

Good luck and let us know what worked best for your site
regards
cavey wrote:
There is no use banning their IP-addresses. Next time they visit, its from another IP-address. Does not even have to be from the same country.

Right! IP address is changing all the time, in every minute and every second. No hackers will be too stupid to use a fixed IP address!
It is really non-efficient and non-effective for us with simple computering knowledge to fight against the hackers. People want their websites to be famous & open to public, possible for visitors to response, and prevent the hackers at the same time! Wouldn't this be possible? No, unless money is spent for the security of the website. Google have their own team to manage hackers, and so do Yahoo!. The FBI have a special team of experts to fight against hackers and virues spreading throughout the Internet. These just proves money have to be spent on security like the real world. There is no charity in the world to help you fight against hackers, if so, I'd like to hear from it. The simpliest way to fight against hackers is to set up a firewall in your host, to filter the commands to clients. Frequent monitoring of your website is also as important. You won't lose your website to hackers if you cares it, and provides securities to it.

Wink Regards
coreymanshack
what you can do is this... directions in image....

Directions: Put the first 4 numbers of this captcha in the first box such as one=1 two=2 and so on. The last after the numbers will be 5 letters and two numbers, these will be in regular format such as... asdf123=asdf123.

captcha

box1

box2

I think that would hurt any bot or any person making a custom bot for that site.
KMKM
You can also try and create a short gateway, which will require human clickings. Like make three links to rotate their order, and make one of them take the user to the desired page and two of them to google ( Razz I know you are doing google a favour )



Regards,
~KMKM
the Civilian
Make sure that new registrations need to validate their e-mail address, and other security measures your forum has.

Another suggestion; you can try using Askimet, although I'm not particularaly sure if you can use that on forums yet...
panic15
Turn on the admin validation option, and the image comformation.

If its a free website that really has no significance on the web no one will care, no one will develop or go hunting for a workaround to that.
rafifaisal
panic15 wrote:
Turn on the admin validation option, and the image comformation.

If its a free website that really has no significance on the web no one will care, no one will develop or go hunting for a workaround to that.


Well if you turn on the admin validation option your forum will stay clear of all spam posting BUT your mail inbox will get flooded.
This does not realy solve the issue.
First of all you have to delete all the messages that a new account has been opened on your forum. Secondly you still have to delete all the spam accounts from your forum as they show in the memberslist.

I suggest to go for the anti spam modification. There are a lot of good ones.
have a look at following link Anti spambots mods
regards
Quote:
I suggest to go for the anti spam modification. There are a lot of good ones.
have a look at following link Anti spambots mods

I've take a look of it. Really good stuff, I think. But apart from that, do you think a humanizer help?
I've install the humanizer mode for several weeks,though not large amount of spammers appear, there are still some rubish account registered. I can't tell if it is spammers now, as they write some posts but also some advertisement. Again, do you think a humanizer help?

With thanks,
Wink Regards
Related topics
Reply to topic    Frihost Forum Index -> Webmaster and Internet -> Design Tips

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.