homepage Welcome to WebmasterWorld Guest from 54.196.24.103
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe and Support WebmasterWorld
Visit PubCon.com
Home / Forums Index / WebmasterWorld / Community Building and User Generated Content
Forum Library, Charter, Moderators: rogerd

Community Building and User Generated Content Forum

    
Simple Machines Forum: How to Stop Spam/Spam-Bots?
Invasion on a new forum...
ThatsBoBo




msg:4432559
 1:41 pm on Mar 23, 2012 (gmt 0)

Hello everyone,

As I mentioned in another thread, I launched a small forum for one of my more popular sites.

Visitors have started to register and I do have legit threads going, but the invasion has begun!

Not aliens, not foreign nations, but spammers and spam-bots!

I check the boards every few hours and delete spam posts and delete spam accounts.

I have it set up to where a new user must confirm via an email. I see lots of mods for security. Any recommendations on which to use, or what to do to try and fight the spam invasion?

Thanks,

 

enigma1




msg:4433060
 7:44 pm on Mar 24, 2012 (gmt 0)

You would have to put some code to rule out the bot factor at least. Both for account registration and post submission. It will ease moderation.

Some basic ways are by using js, session renew and button click verifications so the forms are submitted only by a human. And there are way even with CSS to protect the forms like using a number of invisible buttons surrounding the form one of which is visible and active. Bots cannot tell the difference and automated submission will fail.

For the manual spam submission you could have some code to make any hard link posted into a js wrapper (spiders could not see) so spammers have no incentive messing with your forum.

thecoalman




msg:4433545
 3:06 pm on Mar 26, 2012 (gmt 0)

This is what I'm using, note this is for phpBB and has specific code for phpBB. For example the function get_remote_file is phpBB function. I didn't write it and I got it from this mod. You'd have to modify it and find where you would place it:

[lithiumstudios.org...]




if (!function_exists('get_remote_file'))
{
global $phpbb_root_path, $phpEx;
include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
}

$stop_forum_spam_urls = array(
//'api?username=' . urlencode($data['username']),
//'api?email=' . urlencode($data['email']),
'api?ip=' . $user->ip,
);

foreach ($stop_forum_spam_urls as $url)
{
$errstr = $errno = '';
$file = get_remote_file('stopforumspam.com', '', $url, $errstr, $errno);

if ($file !== false)
{
$file = str_replace("\r\n", "\n", $file);
$file = explode("\n", $file);

$appears = $frequency = false;
foreach ($file as $line)
{
if (strpos($line, '') !== false && strpos($line, '') !== false)
{
$start = strpos($line, '') + 9;
$end = strpos($line, '') - $start;
$appears = (substr($line, $start, $end) == 'yes') ? true : false;
}
else if (strpos($line, '') !== false && strpos($line, '') !== false)
{
$start = strpos($line, '') + 11;
$end = strpos($line, '') - $start;
$frequency = (int) substr($line, $start, $end);
}
}

if ($appears && $frequency >= 3)
{
$message = $user->lang['ACCOUNT_INACTIVE'];
$message = $message . '' . sprintf($user->lang['RETURN_INDEX'], '', '');
trigger_error($message);
}
}
}



This will check the stopforumspam databas. In this case it's only checking for the IP but you can uncomment the lines for email and username.

In this line you would set the threshold for how frequently the name appears.

($appears && $frequency >= 3)


For phpBB users you in includes/ucp/ucp_regitration.php find:

// Register user...
$user_id = user_add($user_row, $cp_data);


and add the code before it. When a registration that is listed in the database is found the registration will appear to go through but they are never actually added as member and the activation email is never sent.

ThatsBoBo




msg:4433980
 4:43 pm on Mar 27, 2012 (gmt 0)

When you guys find a spammer or spam-bot account, do you "ban" then or delete their account?

Thanks,

thecoalman




msg:4434270
 6:39 am on Mar 28, 2012 (gmt 0)

I don't delete anything because I want records, spam posts go to the "trash" which is a hidden forum. For example if a moderator bans someone for spamming I can always go back and look if I get a complaint and unban if necessary.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Community Building and User Generated Content
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved