Welcome to WebmasterWorld Guest from

Forum Moderators: rogerd

Message Too Old, No Replies

2006, a spam odyssey

open the spam bay doors, HAL



6:16 pm on Aug 10, 2006 (gmt 0)

10+ Year Member

My little forum is 19 months old. Thanks to a couple popular pieces of linkbait and judicious use of internal links, I've gotten a solid PR for a small forum and am currently getting substantial referrals from search engines for a wide variety of queries. All is well with the engines.

My reward for this modest success is an steady stream of spam account signups. I have email activation enabled for account signups, and very few of them complete this successfully (say 1 in 10), so I figured this was a script that kept track of throwaway free email addresses and automated account signups. My presumptions were supported I thought by account signups coming from a cluster of IP addresses that belongs to servers at a large hosting company known for cheap dedicated servers. They also used a few telltale domains in their throwaway emails, akaing them easy to spot.

At this point in my quest, I figured that I was needing countermeasures against scripted signups. So the low-hanging fruit was to alter the URL that is associated with signups, so that a script that searches for targets and automates submissions with a hard-coded URL particular to a certain forum software would break (due to intentioanl violation of its assumptions).

So a quick bit of PHP hackery ensued, and I sat back to watch the results. No change. I had previously disallowed the signup page in robots.txt, and was highly confident that page was not indexed by the major engines. So it was not a cached version of the script either.

My conclusion: humans, probably assisted by scripts, are signing up to my forum with the express intent to post spam.

If it's happening to me, it is almost certainly happening to you. I am in no way a high-value target. I get a paltry few thousand page views a day. My topic is a narrow niche, and hte spam is entirely off-topic, consisting of the usual porn, pills, and casinos fare.

I post not seeking tech help (I am formulating further technical countermeasures, and I'll share once I have some sense of their effectiveness), but seeking the benefit of the community's collective experience. I'd like to understand the problem better to fight it more effectively. (Nods to IncrediBILL.)

My questions for the esteemed forum103 audience:
1) Is this happening on your boards? (Maybe at a level beneath your awareness)
2) Did you take countermeasures?
3) Are the countermeasures effective?

Fun metric: my last 50 signups comprised a minimum of 45 spammers. 90% bogus signups since the beginning of the month. One account has not conclusively proven genuine, so I call 90% a conservative estimate. Anyone else got it this bad?


2:29 am on Aug 11, 2006 (gmt 0)

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member

90% bogus sounds very high. Are you doing image verification during the registration process?


2:44 am on Aug 11, 2006 (gmt 0)

10+ Year Member

Nope, just requiring email validation. I didn't want to make it too difficult to join. I'm now 100% convinced that CAPTCHA won't matter since it's humans doing the registration. The spammers mostly can't close the loop before I nuke the account. I just want better automation, and I want to make sure I'm solving the right problem here.


3:06 pm on Aug 13, 2006 (gmt 0)

10+ Year Member

Bound to be lots of ways to automatically filter out the scum spammers. How about banning that block of IPs for those problem servers you mention, or better still just pretend to sign them up but don't actually do it.

I've been considering a few measures for my own messageboard system, and also for a friends PHPBB. Spammers want to post links, where as normal people will post real messages.

Of late I've seen the following.
1) obscene (and badly spelled) rubbish message with a single link.
2) a member with a url in and 'dating' as interests (the idea is search engine finds the member list).
3) Long posts with dozens or even hundreds of spam urls in one post! Typically posted a a reply to an existing thread.

Deal with 2 and 3, you can manually ban #1 without too much effort.

Ban/moderate anyone posting more than say 5 links that aren't images. Remove the urls from interests or hide the members list.


9:23 pm on Aug 13, 2006 (gmt 0)

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member

I'd probably turn on image verification (if that's an option) just to see if it cuts the flow of spammers at all. That's a LOT of human spammers who seem to be working for very little gain (since you neutralize them quickly anyway).


9:59 am on Aug 17, 2006 (gmt 0)

10+ Year Member

I agree with the whole image verification thing...my forum was absolutely hammered by spam, etc, before I took over and enabled the image verification, amongst other things - now, 2 weeks on, I've only had one spam account created. Hurray!

You may think I've cracked the spamming issue - trust me, I haven't - this is the advantage of having a TINY forum where it wasn't long ago when I could count the number of members on one hand!


9:43 am on Aug 18, 2006 (gmt 0)

10+ Year Member

I had previously disallowed the signup page in robots.txt, and was highly confident that page was not indexed by the major engines. So it was not a cached version of the script either.

linear: I didn't find it clear from the original post but have you changed the URL of the signup form or the URL to which the signup form submits? Or are they one and the same?


12:47 am on Aug 20, 2006 (gmt 0)

10+ Year Member

I changed both of these.


11:33 pm on Aug 23, 2006 (gmt 0)

10+ Year Member

Image verification cut my spam down a lot, but like you I still have some problems with humans signing up... I guess you just have to delete them? Or have board moderators help you keep the spam under control?

Featured Threads

Hot Threads This Week

Hot Threads This Month