FRIHOSTFORUMSSEARCHFAQTOSBLOGSCOMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Spammers on FriHost





Possum
Hi

I have my own phpBB forum. I get people who join for no other reason than to promote products that fortunately I don't need. In other words, Spammers.

I delete them of course. Do the FriHost forums webmasters have similar problems.

If so how many do you get.

What method do you use to delete or ban them..

Cheers possum..
Azmo
alot of those are bots registrating and spam posting, set the option so you have to do the "type the letters u see in the box" when u register, and that you must confirm your email, that removes some of the spam atleast.. and IP ban everyone.. should get rid of some spammers atleast..

but I don't know what frihost does to keep their forum so nice and clean tho.. impressive work Smile
ninjakannon
I have this problem on my forum too, Possum.

It's a real nuisance, especially as I have got a 'type the letters you see in the box' thing on my registration form and you have to activate your account by email before posting. What also baffles me is how the posts appear in the correct forum - first they posted in the 'Advertise Your Website' forum and now (as I've locked that) they post it in another relevant forum. This leads me to believe that they are not bots, unless they are amazingly clever bots.

I ban the domain names they sign up with, unless it's from Hotmail or something similar. But I can't work out how to IP ban people.
friuser
Have any of you looked into the http:bl (honeypot) , akismet, and bad behavior mods for whatever cms/forum you are using? I think they are pretty awesome and work insanely wel.
Bondings
Rename the url of the registration page. Use a different catchpa than the default one. Block email addresses like mail.ru that are mostly used for spam. Also the user agent and referrer string can help to block the bots.

Most of the spam is automated to semi-automated. Some are completely manual and those are very hard to avoid.

By the way, I had to implement a few harsh mod_security rules on server 2 to prevent all the hacking attempts. Those are blocking a lot of spam too (and probably a lot of legitimate accesses, but I had no choice).
babumuchhala
Well while I had my forum, had removed the WWW link from the member list and profile view, which is where the bots are supposed to pick up the links of their sites.

Plus all the steps Bondings has mentioned are the best, plus check out frihost logged out and u don't even get to see a single damned link, so that's a big disappointment 4 d spammers
Bondings
babumuchhala wrote:
Well while I had my forum, had removed the WWW link from the member list and profile view, which is where the bots are supposed to pick up the links of their sites.

Plus all the steps Bondings has mentioned are the best, plus check out frihost logged out and u don't even get to see a single damned link, so that's a big disappointment 4 d spammers

The problem is that removing the links won't stop the spammers. It will only prevent the links from being seen/followed, especially by the search engines.
Possum
Hi

I use the Starfoxtj mod to delete spammers.

Also new members must fill out Graphics numbers by hand. So its almost under control..

I guess we all are in the same boat..

Good advice to block mail.ru

cheers Possum..
Agent ME
Get the Textual Confirmation mod and the auto-remove-user-mod-for-unactivated-users (can't remember URL).
Bondings
I forgot to mention a few useful links to prevent spam on phpbb forums.

http://www.phpbb.com/community/viewtopic.php?t=393503
http://www.phpbb.com/community/viewtopic.php?t=427852
soulman
Quote:
I forgot to mention a few useful links to prevent spam on phpbb forums.

http://www.phpbb.com/community/viewtopic.php?t=393503
http://www.phpbb.com/community/viewtopic.php?t=427852


ah, this is really usefull... I hate the spammers too.
Josso
I've been fighting a constant battle against spambots since the huge explosion of them in 2006. BB2 users will notice this a lot more than others I think...

1. Install a free CAPTCHA mod
2. Also install a humanizer mod for extra protection
3. If it's not already, turn activation by email on
tefa_taftaf2010
Bondings wrote:
Rename the url of the registration page. Use a different catchpa than the default one. Block email addresses like mail.ru that are mostly used for spam. Also the user agent and referrer string can help to block the bots.



it's agood way and will reduce this problem

i'll try to do it in my site

thanks for this idea Wink Wink Wink
desertwind
Bondings wrote:
Rename the url of the registration page. Use a different catchpa than the default one. Block email addresses like mail.ru that are mostly used for spam. Also the user agent and referrer string can help to block the bots.

Most of the spam is automated to semi-automated. Some are completely manual and those are very hard to avoid.

By the way, I had to implement a few harsh mod_security rules on server 2 to prevent all the hacking attempts. Those are blocking a lot of spam too (and probably a lot of legitimate accesses, but I had no choice).


Thanks for the tips from guru.Wink
bulek
I also had such problems, there were many robots who were writing spam messages to public side of forum. After installation of Captcha mod, I got rid of them and since then, I have no problems with spam messages. You should really try this.
Blaster
http://www.phpbb.com/community/viewtopic.php?t=427852

we used that on our forums and it seemed to stop spam a lot. I know what your talking about. Just be careful because some are viruses and all.
Kadmium
There are lots of ways to prevent the spamming. Require everyone to register, and upon registration, let them answer a randomly selected question (from a database), like «What day comes after monday?» or «What's the color of milk?» or any other question. And you have to ban the IP's, and maybe keep a log of the banned IP's, to see if there's a pattern, and maybe you have to take to drastic measures, and ban an IP-range. The point is that there's a lot of creative ways to prevent bots spamming down your entire forum. Good luck!
Blaster
Kadmium wrote:
There are lots of ways to prevent the spamming. Require everyone to register, and upon registration, let them answer a randomly selected question (from a database), like «What day comes after monday?» or «What's the color of milk?» or any other question. And you have to ban the IP's, and maybe keep a log of the banned IP's, to see if there's a pattern, and maybe you have to take to drastic measures, and ban an IP-range. The point is that there's a lot of creative ways to prevent bots spamming down your entire forum. Good luck!

The mod i suggested above does just that. It adds a field to the registration that asks "Are You Human" and you must select that to complete the registration. It really works. It knocked our spam down by about 80 percent.
darvit
In another forum I help out at, our admin installed the Spam Words mod, and that other mod that prevented users to enter the website, hobbies and occupation fields during registration. He also did not allow anyone with less than five posts to post any URLs. Razz

It's all worked very well! I haven't seen any spam threads in ages--Okay, except for the "Hi!" ones, that look very odd. Laughing
oleszka
Possum wrote:
Hi

I have my own phpBB forum. I get people who join for no other reason than to promote products that fortunately I don't need. In other words, Spammers.

I delete them of course. Do the FriHost forums webmasters have similar problems.

If so how many do you get.

What method do you use to delete or ban them..

Cheers possum..

I think everyone who owns forum has such problem. I use mod for delete mass users. Also I disabled to put url in profile. But some of them (20%) anyway put their url... don't know how they do it... :-/
ninjakannon
Blaster wrote:
http://www.phpbb.com/community/viewtopic.php?t=427852

we used that on our forums and it seemed to stop spam a lot. I know what your talking about. Just be careful because some are viruses and all.

I believe the exact MOD you're talking about is this, unless I am mistaken.

I just installed that and it does exactly what you say it does, so I'm guessing it's the same. I just hope it's as good as yours, because even though my forum has practically become inactive now I still have to clear out the spam accounts.
justnewbie
Azmo wrote:
alot of those are bots registrating and spam posting, set the option so you have to do the "type the letters u see in the box" when u register, and that you must confirm your email, that removes some of the spam atleast.. and IP ban everyone.. should get rid of some spammers atleast..

but I don't know what frihost does to keep their forum so nice and clean tho.. impressive work Smile


Wow, great ideas.. I will try that one on my forum as well. But is there really any bots that will get through the "type the letters you see in the box"?, I wonder. Won't probably work for manual spammers I know.
ninjakannon
justnewbie wrote:
But is there really any bots that will get through the "type the letters you see in the box"?, I wonder. Won't probably work for manual spammers I know.

Well I have the 'type the letters you can see in the box' element on my forum and many bots still managed to join, and activate their accounts via email. I have no idea how they do it (well, not much of one), but the do manage it somehow.

After installing this MOD I've only had two new spam accounts, so unless this is just a natural dip in spam account creation on my forum this MOD really works! Very Happy Thanks Blaster!!
mstreet
I have to agree with the above post Textual Confirmation mod does work quite well. I don't get as many spammers as I use to.
erlendhg
Bondings wrote:
I forgot to mention a few useful links to prevent spam on phpbb forums.

http://www.phpbb.com/community/viewtopic.php?t=393503
http://www.phpbb.com/community/viewtopic.php?t=427852


I use the Spam word MOD linked to one one of those pages, on my forum.
It has stopped nearly 20,000 spam!

Still, some pass through.


ninjakannon wrote:
justnewbie wrote:
But is there really any bots that will get through the "type the letters you see in the box"?, I wonder. Won't probably work for manual spammers I know.

Well I have the 'type the letters you can see in the box' element on my forum and many bots still managed to join, and activate their accounts via email. I have no idea how they do it (well, not much of one), but the do manage it somehow.


This is also one of those things I cannot understand so clearly

On my forum, A LOT of people pass through this with their spam.
Have they really registered manually, or do the spammers have a way to crack this obstacle?

Bondings wrote:
Block email addresses like mail.ru that are mostly used for spam.


Yes, I discovered that to be one of the solutions early Razz
darrenpaul
I don't admin, but I moderate another high profile website - We also had this problem with auto-spammers, the only thing that we could do was close down email activations and let admins approve them
mathiaus
I'm working on a project called frims. For this, I have put a lot of work into keeping bots out!. I'm hoping to convert what I have into a mod which can be applied to phpBB to try to keep everyone spam free Smile

It works by providing the user with what seems like the exact same registration form though in fact it is not. To get to the registration form, you must agree to the coppa and rules through a post form (rather than get). This is ensured by testing the next page that the page has been visited by using a tracking session var. This also tracks the time to ensure the page has not been visited then the next one visited immediately. The actual registration form fields are all random, there is nothing on the page to define one field as a username field as it is completely random. This stops bots sending the registration post data straight to the server as it doesn't know what to send it as.
This page also has tracking sessions vars which monitor how long it took to fill the form out. This also stops some manual spammers who copy and paste data into the fields as this is too quick for the script to accept.

I believe if these and the other not mentioned features could be ported over, this would be a VERY popular mod download!


EDIT: Yes it's over the top, but this will work and keep on working for a good while. It saves you adding a new anti-bot mod onto your forum every six months or so.
toughtrio
I so remember those days when I had this courage to get a Forum up and running, and attracting visitors.. Yeah, those primitive (an year ago) ages used just the IP blocking and those manual code entry methods Wink

Am really surprised to see so much out there already.. This has really lighted a candle in my heart, to pursue wth a forum during the holidays.. Will really look forward to it...

Warm Regards
R2.DETARD
I have no anti spam mods installed (I've also been a bit lazy in updating phpbb) and I only get users signing up with links to moody sites. They never post. My forum is very small though, so it isn't that big of a target.
I don't know weather this is worth a new thread, but could someone explain the purpose of these users? I guarantee none of my real users are dumb enough to click on their links, so what is the point from a spammers perspective?
thanks!
ninjakannon
R2.DETARD wrote:
I don't know weather this is worth a new thread, but could someone explain the purpose of these users? I guarantee none of my real users are dumb enough to click on their links, so what is the point from a spammers perspective?
thanks!

Well some people know what the links may go to but click out of mere curiosity. I know I've done it before, just to find out what exactly what these websites are. I've found out and they're all dodgy, filled with adult content and often attempt to give you a virus / Trojan / worm of some sort. Few people click the links, but some do - usually only once. I suppose if they get links to their website on enough forums then they will get a few page visits. Furthermore, the users who are not deleted (and so still appearing on the memberlist) and/or those who's posts are left on the forum provide external links to their websites. When web crawlers find these links the 'bad' websites will have their pagerank boosted and appear higher up on searches.
squirrelmaster
Thanks for all the mod suggestions, i will try humanizer,
the mod mathiaus is making will definatly be useful. I have a suggestion to improve it, since a real person registering has to know what to put where, you would have text of "username" and so forth, now since the form fields are random the bot couldn't use those but it could work around to just use the text on the page. My suggestion is to make the text describing the fields to the user an image, much like the "type this in the box to continue".
Now that would be a VERY useful mod, as i would think only manual spammers could get through!

Anyway you guys have been much helpful and i hope i don't have to do as much manual user deletion as i have had to do Cool
ninjakannon
squirrelmaster wrote:
My suggestion is to make the text describing the fields to the user an image, much like the "type this in the box to continue".

That's a good idea, nice thought!

I also think that the 'name' and 'class' tags of each input field should have a completely random name to ensure that bots can't read this either. I don't know whether they actually do, but if they had an odd name then the bots could, I presume, find it harder to type into the text field. Although, I may be completely wrong here as I don't know how they work.
Josso
I believe all the ones I am getting now are non-automated. Well, partly non-automated. The script does everything for you in terms of login details, email verification, crawling the net but it just prompts you when you hit a CAPTCHA or something the script can't get past - that's my guess.

Anyone who has tried BB3 - has it got any anti-spam features intergrated into the default install? I really hope it does. The only reason I haven't tried that yet is because even though RC1 has been released it's still not as stable as BB2 - and probably very exploitable.
mjohnson
I hate spammers too,why they do that boring thing?I use the Discuz forum program,it is efficient for defend spammers I think.if you can understand some Chinese,you can have a try,there is English language package for foreign users and above all it is all for free,it is function is very powerful.
deanhills
Thought I would bump this thread as spamming is probably one of the greatest challenges in managing Forums. There are some really good posts in this thread and tips for dealing with spammers. Perhaps some of those who are dealing with spammers on their Forums could add updates to this thread too?
ocalhoun
Yeah... I'll add one thing.

The spam-bots have broken all the major captchas, including even recaptcha from google...
I was getting some spammers even while using that... but I changed to a question-and-answer type captcha, and haven't gotten a single spammer yet.
(Despite that being the only anti-spam measure used.)
It helps that it's a forum for fans of a show though... That way I can ask easy questions about the show and even filter out the lazier human spammers.
Related topics
Exceeded the alloted amount of posts ???
Your cpanel is http://www.danhill.frihost.net/cpanel/ .
another THATONETHING.frihost.net
Frihost banner contest
Features of FRIHOST
FriHost Spammers come out in force!
Why not have a FriHost domain hosting/registration sevice?
Frihost forum policy - harsh in all the wrong places
History of Frihost
How Does FriHost Stop Spammers
Don't waste time replying to spammers!
[COINS] Monedas y Referidos en Frihost
Recognizing Spam on FriHost
To Stop Spammers
Reply to topic    Frihost Forum Index -> General -> General Chat

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.