Send SpamBots to Purgatory!

[Malenfant]

*shrug* I don't know... a few of the most recent registered users seem a bit fishy. Websites with a .ru address.

Yeah, stroitelis, vafel, and AlexeyStphov seem a bit suspicious.

[Adirondack]

*shrug* I don't know... a few of the most recent registered users seem a bit fishy. Websites with a .ru address.

Do we have to put down our glasses?
The TLD do not have to mean anything (we have some real users from Russia here).
If this is a spam-user, maybe this is a real spammer and no robot (or a very new mutation that knows the fix)?

Adirondack

[t00fri]

...I'll upgrade phpBB, but image confirmation is already turned on for the Celestia forums, and the spambots seem to have no trouble defeating it. But maybe phpBB 2.0.20 has an improved version?

--Chris

Not really, I fear.
But there is a way to fix it by modifying three files.
I will send you a PM with more information.

Adirondack

Since I modified the forum's php scripts as described in that fix, I've seen no spambots register. In fact I haven't seen any new users register except for the test user I created. Let's hold off on the victory drinks until another non-spambot user registers.

--Chris

Unfortunatley, the new Russian user stroitelis
http://www.celestiaproject.net/forum/profile.p ... ile&u=5223
is presumably a spammer. Whether he/she is a BOT, I don't know.

How about a glass of warm milk ?

Bye Fridger

[Adirondack]

Code: Select all

How about a glass of warm milk  ?

Okay, I will do that to your health!

@ Chris:
I will send you another PM to fix the fix a little bit more.
Then let's see if this helps...

Adirondack

[chris]

Code: Select all

How about a glass of warm milk  ?

Okay, I will do that to your health!

@ Chris:
I will send you another PM to fix the fix a little bit more.
Then let's see if this helps...

Adirondack

I think the problem is that smart bots can request the registration page and parse it to find which the right string to send--changing the value of string again probably won't help. I have some other ideas however.

I modified the memberlist query to ignore inactive users, so the ones that haven't been approved won't show up. I think I'll go a step further and make it omit all users with one or fewer posts.

--Chris

[Bluespace]

just a low poster here after a long time, and trying to catch up with the forum

I think hiding the memeber list for guests will be good, just beause the spammers, need therr website to be viewed by , users who looks at the memberlist (what i did in my forum, because of the spammers was i banned viewing memeber list and also put a category for them , "Spammers Paradise) maybe not a wise thing to do

the more and more usage of phpbb forum is really making this like Microsoft OS, there's so many vulnerabilities, and site defacements and spamming is now more common, and easy to do!

i find http://www.phpbbhacks.com to be a really great source for patching up the forum using security mods, eventhough some of it is time cosuming,

security section http://www.phpbbhacks.com/category/10/

we can put options

like

letter case sensing
word identification for registering and to do first post
spam website filter
hide users who are not active
delete users with low post if they are not active for a certain time
complete security mods
all of this will be avialable as mods,

etc. etc , i'll look at more options to suit the need, only problem is that someone should get forum admin right, (if chris hasn't got time) and have to spend so many times, adding and deleting the lines to the original phpbb files

omitting user with 1 or 2 posts requires care with the date function, cause if its done without date function, the new members will also be deleted, sorry i know you peoles already know that, but just