Welcome to WebmasterWorld Guest from 126.96.36.199
Forum Moderators: rogerd
I have this one person (who I delete every day) sign up under 5-6 different user names...the funny thing is that there is no way I contact him/her because the e-mail keeps bouncing back...
The websites he promotes are affiliate scum sites w/ no contact option as well...
So frustrated, I wish I had hacking skills...well just getting things off my chest.
But the funny thing is, is that (unless I'm mistaken) a link doesn't count in Google when it is an image link right? And the profile in phpbb forums have a WWW button for a person's website. So essentially, this nimrod is wasting both his time as well as mine.
If the swear filter won't work, it would probably be a simple hack to look for your spammer's domain(s) and replace them with some other text.
We finally beat the whole problem by doing two things:
1. Guest posting got completely eliminated (eventually)
2. We used a phpBB hack so that you have to type in one of thos graphically rendered codes before creating an account. This effectively eliminated Bot sign-ups, which is most likely what's happening to you.
And as for BBS urls and SERPS, who knows? The board it happened to with me has a main page PR5, and many of the inner pages float between PR3 to PR4, so having your URL show up on those pages might do it some good. In theory, Google and other engines screen against this. But In Theory, Google and other Engines do a lot of things that in practice we know they don't.
For example; www.randombluewidgets.com
Filter mblu to come out as ****. Chances of someone else saying something with those 4 letters.....
Never tried it with PhPbb - I guess it will work. :)
EDIT: Hmm how I missed Roger's post I do not know! Just ignore me! :P
I also placed the memberslist page in my banned pages on robots.txt to make sure no bad site penalty might hit me before I deleted the member.
PHPBB has a pretty serious bug in it that allows a user to signup, with email confirmation, and adds the user profile to the members page even if they don't finish the email confirmation.
To actually stop this you have to go in and change the www field name in the form, change it in the programming of the site, then the bot won't know what to look for I think, and also delete the www field.
This is definitely a should fix for phpbb at least, members shouldn't be listed until after the email confirm is processed.
google follows image based links fine, it just doesn't give you the link text value you normally gets.
most of the first ones I got were russians, this is obviously a sleazy SEO outfit, link builder campaigns, the best thing you can do is ban members page from search engine spiders, if enough people do that, it won't be worth their while to even set up the automated process.
1. It's standard SEO junk, link building. This is taken care of by the robots.txt in terms of possible bad neighborhood penalties.
2. This one is much worse, I believe that some of the sites being linked to are in fact malicious websites, designed to install malware on visitors pcs. So the idea is to add these websites to the memberlist pages, and have people click on the links to check them out.
The spamming I'm seeing falls about 50-50% into category 1 or 2. My suspicion is that lists of phpbb and other boards are being bought and sold just like spam email lists are being bought and sold.
I'm not running phpbb 2.0.10, so I don't know if the bug with adding a user before email confirmation happens has been fixed yet, can anyone confirm this, if it hasn't this issue needs to be addressed by the phpbb community fairly soon, this is a potentially serious problem.
I could obviously solve it by simply changing the field name and then do a mod on the programming, I'll also see if I can find where if the IP's are related, but I really hate going through logfiles to find the IP, another option is to add a mod that will email me the user IP address when they sign up, not too complex I think to do, but a pain.
joined:Apr 22, 2004
Ban the IP for good measure. Also I wrote a mod to check reverse dns black hole lists of open proxies and block users. If you would like it sticky me.