Send SpamBots to Purgatory!

The only place for all Non Celestia Discussion/Stuff
Malenfant
Posts: 1412
Joined: 24.08.2005
With us: 19 years 3 months

Post #81by Malenfant » 16.05.2006, 13:43

Johaen wrote:*shrug* I don't know... a few of the most recent registered users seem a bit fishy. Websites with a .ru address.


Yeah, stroitelis, vafel, and AlexeyStphov seem a bit suspicious.
My Celestia page: Spica system, planetary magnitudes script, updated demo.cel, Quad system

Avatar
Adirondack M
Posts: 528
Joined: 01.03.2004
With us: 20 years 8 months

Post #82by Adirondack » 16.05.2006, 13:51

Johaen wrote:*shrug* I don't know... a few of the most recent registered users seem a bit fishy. Websites with a .ru address.
Do we have to put down our glasses?
The TLD do not have to mean anything (we have some real users from Russia here).
If this is a spam-user, maybe this is a real spammer and no robot (or a very new mutation that knows the fix)?

Adirondack
We all live under the same sky, but we do not have the same horizon. (K. Adenauer)
The horizon of some people is a circle with the radius zero - and they call it their point of view. (A. Einstein)

Avatar
t00fri
Developer
Posts: 8772
Joined: 29.03.2002
Age: 22
With us: 22 years 8 months
Location: Hamburg, Germany

Post #83by t00fri » 16.05.2006, 14:32

chris wrote:
Adirondack wrote:
chris wrote:...I'll upgrade phpBB, but image confirmation is already turned on for the Celestia forums, and the spambots seem to have no trouble defeating it. But maybe phpBB 2.0.20 has an improved version?

--Chris

Not really, I fear.
But there is a way to fix it by modifying three files.
I will send you a PM with more information.

Adirondack

Since I modified the forum's php scripts as described in that fix, I've seen no spambots register. In fact I haven't seen any new users register except for the test user I created. Let's hold off on the victory drinks until another non-spambot user registers.

--Chris


Unfortunatley, the new Russian user stroitelis
http://www.celestiaproject.net/forum/profile.p ... ile&u=5223
is presumably a spammer. Whether he/she is a BOT, I don't know.

How about a glass of warm milk ;-) ?

Bye Fridger
Image

Avatar
Adirondack M
Posts: 528
Joined: 01.03.2004
With us: 20 years 8 months

Post #84by Adirondack » 16.05.2006, 15:32

Code: Select all

How about a glass of warm milk  ?
Okay, I will do that to your health! :wink:

@ Chris:
I will send you another PM to fix the fix a little bit more.
Then let's see if this helps...

Adirondack
We all live under the same sky, but we do not have the same horizon. (K. Adenauer)

The horizon of some people is a circle with the radius zero - and they call it their point of view. (A. Einstein)

chris
Site Admin
Posts: 4211
Joined: 28.01.2002
With us: 22 years 10 months
Location: Seattle, Washington, USA

Post #85by chris » 16.05.2006, 21:10

Adirondack wrote:

Code: Select all

How about a glass of warm milk  ?
Okay, I will do that to your health! :wink:

@ Chris:
I will send you another PM to fix the fix a little bit more.
Then let's see if this helps...

Adirondack


I think the problem is that smart bots can request the registration page and parse it to find which the right string to send--changing the value of string again probably won't help. I have some other ideas however.

I modified the memberlist query to ignore inactive users, so the ones that haven't been approved won't show up. I think I'll go a step further and make it omit all users with one or fewer posts.

--Chris

Bluespace
Posts: 75
Joined: 19.09.2005
With us: 19 years 2 months
Location: Cosmos - MilkyWay- Solar System- Earth- Asia- India- Kerala- Kochi (All Aliens R Invited)

Post #86by Bluespace » 17.05.2006, 10:00

just a low poster here :) after a long time, and trying to catch up with the forum

I think hiding the memeber list for guests will be good, just beause the spammers, need therr website to be viewed by , users who looks at the memberlist (what i did in my forum, because of the spammers was i banned viewing memeber list and also put a category for them , "Spammers Paradise) maybe not a wise thing to do

the more and more usage of phpbb forum is really making this like Microsoft OS, there's so many vulnerabilities, and site defacements and spamming is now more common, and easy to do!

i find http://www.phpbbhacks.com to be a really great source for patching up the forum using security mods, eventhough some of it is time cosuming,

security section http://www.phpbbhacks.com/category/10/

we can put options

like

letter case sensing
word identification for registering and to do first post
spam website filter
hide users who are not active
delete users with low post if they are not active for a certain time
complete security mods
all of this will be avialable as mods,

etc. etc , i'll look at more options to suit the need, only problem is that someone should get forum admin right, (if chris hasn't got time) and have to spend so many times, adding and deleting the lines to the original phpbb files

omitting user with 1 or 2 posts requires care with the date function, cause if its done without date function, the new members will also be deleted, sorry i know you peoles already know that, but just :)


Return to “Petit Bistro Entropy”