Welcome to WebmasterWorld Guest from 54.145.136.73

Forum Moderators: rogerd

phpBB spam registrations

they're on the increase

   
12:00 pm on May 21, 2008 (gmt 0)

10+ Year Member



Haven't posted here for a while so forgive me if this has already been covered.

I manage 3 forums using phpBB and over the last month or two the spam account registrations has gone through the roof (on all 3 boards). I have two mods installed to stop the auto-bots and URL posting but still they come.

Are there any other mods you have used to stop automated registrations? Captcha doesn't seem to work and my "no profile info" registration mod is failing also.

12:35 pm on May 21, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



What kind of captcha are you using? If it's the image captcha, it is possible that this is being broken because image captchas can be cracked. As far as I know there is a mod available for a trivia captcha.

But if you've got the more recent text one already it could be that it's being broken by people paid small amounts to fill them in, people in the third world, for instance.

Have you disabled your member list so that it's not viewable to guests, and disallowed signatures from members who haven't made many posts?

The trouble is, PhpBB is always going to be targeted for spam registrations because of its popularity. The real answer is to move your board to software that makes it easy to remove footprints such as the "powered by" text and other tell-tale signs. Once you move off the beaten track by customising software your spam problem will be greatly reduced.

2:29 pm on May 21, 2008 (gmt 0)

10+ Year Member



Its the standard phpBB captcha (latest version). The registered accounts seem to be all random letters or a name followed by random numbers so it looks like bot activity.

If it is being done by people (or bots) they don't get far as you can't post URL's until ten posts and seven days membership has been achieved. Its just irritating to have all these fake spam accounts and very time consuming to delete them all individually.

Yes, all the usual steps have been taken, memberlist gone, websites and sigs banned, "powered by" removed.

8:46 am on May 23, 2008 (gmt 0)

10+ Year Member



So there is no solution to this one then and we have to live with the spam bot accounts?
3:55 pm on May 23, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The captcha I'm suggesting isn't the standard one, it's a text one rather than an image. Look up Prime Anti-bot or Anti-Bot Question on the phpbb forums. These are optional mods that might help.
4:51 pm on May 23, 2008 (gmt 0)

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member



A strong captcha in combination with a question simple for humans ("What is two plus five?") should slow down the bots.
2:04 am on May 24, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Which phpbb version are you running? To the best of my knowledge the phpbb3 GD captcha hasn't been broken yet. For that matter you can turn it up to point that it becomes unreadable as its adjustable. At some point it will become useless but at the present time it should work fine. Note that I said GD, the imagemagick option only produces the phpbb2 style image captcha which is useless.

phpbb3 does take a lot of other measures to deter the spammers, by default the memberlist, profiles and I'm pretty sure signatures are hidden from guests. So that only leaves posting as a way to get a link posted.

If you're still running phpbb2 one of the question mods should stop them dead, did for me. There's a big thread on phpbb.com with a list of all the anti-spam mods and ways to stop them.

2:52 am on May 28, 2008 (gmt 0)

10+ Year Member



Thanks for the replies, I'm on 2.0.23 and have installed a basic "authorization code" mod which has slowed them down a bit.
3:06 am on May 28, 2008 (gmt 0)

WebmasterWorld Administrator martinibuster is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Try "The Humanizer [phpbb.com]" mod, it does what rogerd suggests. Be diligent and create your own question, don't rely on the stock Q&A the mod comes with, as even the mod creators suggest you change it. It's very easy to implement, took me about fifteen minutes to do.

Good luck.

 

Featured Threads

Hot Threads This Week

Hot Threads This Month