homepage Welcome to WebmasterWorld Guest from 54.146.190.193
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / Community Building and User Generated Content
Forum Library, Charter, Moderators: rogerd

Community Building and User Generated Content Forum

    
2006, a spam odyssey
open the spam bay doors, HAL
linear

10+ Year Member



 
Msg#: 3041578 posted 6:16 pm on Aug 10, 2006 (gmt 0)

My little forum is 19 months old. Thanks to a couple popular pieces of linkbait and judicious use of internal links, I've gotten a solid PR for a small forum and am currently getting substantial referrals from search engines for a wide variety of queries. All is well with the engines.

My reward for this modest success is an steady stream of spam account signups. I have email activation enabled for account signups, and very few of them complete this successfully (say 1 in 10), so I figured this was a script that kept track of throwaway free email addresses and automated account signups. My presumptions were supported I thought by account signups coming from a cluster of IP addresses that belongs to servers at a large hosting company known for cheap dedicated servers. They also used a few telltale domains in their throwaway emails, akaing them easy to spot.

At this point in my quest, I figured that I was needing countermeasures against scripted signups. So the low-hanging fruit was to alter the URL that is associated with signups, so that a script that searches for targets and automates submissions with a hard-coded URL particular to a certain forum software would break (due to intentioanl violation of its assumptions).

So a quick bit of PHP hackery ensued, and I sat back to watch the results. No change. I had previously disallowed the signup page in robots.txt, and was highly confident that page was not indexed by the major engines. So it was not a cached version of the script either.

My conclusion: humans, probably assisted by scripts, are signing up to my forum with the express intent to post spam.

If it's happening to me, it is almost certainly happening to you. I am in no way a high-value target. I get a paltry few thousand page views a day. My topic is a narrow niche, and hte spam is entirely off-topic, consisting of the usual porn, pills, and casinos fare.

I post not seeking tech help (I am formulating further technical countermeasures, and I'll share once I have some sense of their effectiveness), but seeking the benefit of the community's collective experience. I'd like to understand the problem better to fight it more effectively. (Nods to IncrediBILL.)

My questions for the esteemed forum103 audience:
1) Is this happening on your boards? (Maybe at a level beneath your awareness)
2) Did you take countermeasures?
3) Are the countermeasures effective?

Fun metric: my last 50 signups comprised a minimum of 45 spammers. 90% bogus signups since the beginning of the month. One account has not conclusively proven genuine, so I call 90% a conservative estimate. Anyone else got it this bad?

 

rogerd

WebmasterWorld Administrator rogerd us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3041578 posted 2:29 am on Aug 11, 2006 (gmt 0)

90% bogus sounds very high. Are you doing image verification during the registration process?

linear

10+ Year Member



 
Msg#: 3041578 posted 2:44 am on Aug 11, 2006 (gmt 0)

Nope, just requiring email validation. I didn't want to make it too difficult to join. I'm now 100% convinced that CAPTCHA won't matter since it's humans doing the registration. The spammers mostly can't close the loop before I nuke the account. I just want better automation, and I want to make sure I'm solving the right problem here.

fabricator

5+ Year Member



 
Msg#: 3041578 posted 3:06 pm on Aug 13, 2006 (gmt 0)

Bound to be lots of ways to automatically filter out the scum spammers. How about banning that block of IPs for those problem servers you mention, or better still just pretend to sign them up but don't actually do it.

I've been considering a few measures for my own messageboard system, and also for a friends PHPBB. Spammers want to post links, where as normal people will post real messages.

Of late I've seen the following.
1) obscene (and badly spelled) rubbish message with a single link.
2) a member with a url in and 'dating' as interests (the idea is search engine finds the member list).
3) Long posts with dozens or even hundreds of spam urls in one post! Typically posted a a reply to an existing thread.

Deal with 2 and 3, you can manually ban #1 without too much effort.

Ban/moderate anyone posting more than say 5 links that aren't images. Remove the urls from interests or hide the members list.

rogerd

WebmasterWorld Administrator rogerd us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3041578 posted 9:23 pm on Aug 13, 2006 (gmt 0)

I'd probably turn on image verification (if that's an option) just to see if it cuts the flow of spammers at all. That's a LOT of human spammers who seem to be working for very little gain (since you neutralize them quickly anyway).

bhonda

5+ Year Member



 
Msg#: 3041578 posted 9:59 am on Aug 17, 2006 (gmt 0)

I agree with the whole image verification thing...my forum was absolutely hammered by spam, etc, before I took over and enabled the image verification, amongst other things - now, 2 weeks on, I've only had one spam account created. Hurray!

You may think I've cracked the spamming issue - trust me, I haven't - this is the advantage of having a TINY forum where it wasn't long ago when I could count the number of members on one hand!

adamas

10+ Year Member



 
Msg#: 3041578 posted 9:43 am on Aug 18, 2006 (gmt 0)

I had previously disallowed the signup page in robots.txt, and was highly confident that page was not indexed by the major engines. So it was not a cached version of the script either.

linear: I didn't find it clear from the original post but have you changed the URL of the signup form or the URL to which the signup form submits? Or are they one and the same?

linear

10+ Year Member



 
Msg#: 3041578 posted 12:47 am on Aug 20, 2006 (gmt 0)

I changed both of these.

uhwebs

5+ Year Member



 
Msg#: 3041578 posted 11:33 pm on Aug 23, 2006 (gmt 0)


Image verification cut my spam down a lot, but like you I still have some problems with humans signing up... I guess you just have to delete them? Or have board moderators help you keep the spam under control?

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Community Building and User Generated Content
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved