#1 2008-01-10 9:24 pm

Russ
Guest

Code Examples

Here are a few details on what I've been doing to automagically detect and report spammers. I do some mods on the registration page to detect first, by including some hidden form elements. They're usually hidden by HTML comments. This ensures they won't be seen in visual browsers, but a dumb spambot that just sucks the HTML down and parses out fields can't tell the difference.

This is all done on PunBB, but it would be similar with other board software.

So in the HTML section of register.php I include this inside an HTML comment.

<!-- Spam control
<div class="inform">
    <fieldset class="profile-extra">
        <legend>Profile Info</legend>
        <div class="infldset">
            <label><strong>Real name</strong><br />
            <input type="text" name="realname" size="50" maxlength="50" /><br /></label>
            <label><strong>Interests</strong><br />
            <input type="text" name="interests" size="50" maxlength="50" /><br /></label>
            <label><strong>Website</strong><br />
            <input type="text" name="website" size="50" maxlength="50" /><br /></label>
        </div>
    </fieldset>
</div>
-->

They're also things that spammers typically can't resist filling out, too, especially website.

Now, when the form is posted I added a little bit to check if these fields are filled out. If they are, I know it can't be a legit registrant.

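// Any value in a hidden decoy field means the form was filled in by a bot.
// !empty() avoids undefined-index notices for real users, who never send these fields.
if (!empty($_POST['realname']) || !empty($_POST['website']) || !empty($_POST['interests']))
{
    // Minimal HTTP POST over a raw socket on port 80.
    function PostToHost($host, $path, $data_to_send) {
        $fp = fsockopen($host, 80);
        if (!$fp) {
            return; // connection failed, nothing to send
        }
        // HTTP header lines end in CRLF.
        fputs($fp, "POST $path HTTP/1.1\r\n");
        fputs($fp, "Host: $host\r\n");
        fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
        fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n");
        fputs($fp, "Connection: close\r\n\r\n");
        fputs($fp, $data_to_send);
        fclose($fp);
    }

    // URL-encode each value so characters such as & or + cannot break the form body.
    PostToHost("www.stopforumspam.com", "/post.php", "username=" . urlencode($_POST['req_username']) . "&ip_addr=" . urlencode($_SERVER['REMOTE_ADDR']) . "&email=" . urlencode($_POST['req_email1']) . "&api_key=ZZZZZZZZZZZZZZZ");

    echo "bye";
    die();
}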

There's a little function in there that opens up a socket connection to the site on port 80 in order to post the form. Obviously my API key isn't ZZZZZ, but this is just an example. After that's done, the script is killed.

This is how 100% of my entries are handled. If you feel like modifying your own boards to do the same, feel free.

#2 2008-04-03 6:21 pm

the123king
Member
Registered: 2008-03-23
Posts: 33

Re: Code Examples

I've modified the Anti-Spam ACP for my forums to incorporate an easy-upload feature that inputs info courtesy of your little bit of PHP. All I have to do now is click "Report Spammers" and it sends all the entries to your database without any hassle from me.

Thanks for that Russ

Offline

#3 2008-04-05 4:26 am

rtiredsarg
Member
Registered: 2008-04-05
Posts: 1

Re: Code Examples

I'll need to work on adding that to my site.

Your database has been very useful, I got about 50 bad new users in the last 3 days.

Sarg

Offline

#4 2008-04-06 6:48 am

kurtcobainvn
Member
Registered: 2008-02-15
Posts: 12

Re: Code Examples

Hi Rush and the123king, could you please see if you can give me some detailed instructions on how to make a 'button' that can automatically upload spammer details into this website's database?

Currently I have to copy and paste everything by hand. It is ok, I can overcome the tiredness to fight those moron spammers. But if there is a quicker way to do it, that would be so great.

I am using IPB forum. I know nearly nothing about coding stuff, but if you can give some easy instructions I am sure I can follow.

Offline

#5 2008-04-06 9:05 am

the123king
Member
Registered: 2008-03-23
Posts: 33

Re: Code Examples

kurtcobainvn wrote:

Hi Rush and the123king, could you please see if you can give me some detailed instructions on how to make a 'button' that can automatically upload spammer details into this website's database?

Currently I have to copy and paste everything by hand. It is ok, I can overcome the tiredness to fight those moron spammers. But if there is a quicker way to do it, that would be so great.

I am using IPB forum. I know nearly nothing about coding stuff, but if you can give some easy instructions I am sure I can follow.

I know absolutely nothing about the code of IPB, sorry.

Offline

#6 2008-04-06 12:51 pm

UK Debate
Member
From: United Kingdom
Registered: 2008-04-04
Posts: 14
Website

Re: Code Examples

Just like to thank Russ for the function.

I run SMF forum software and have just added an include to the member's profile page containing the (slightly modified) function in conjunction with a form for the necessary info, made accessible to Admins only.

I chose this method because I do not allow moderators to delete accounts, only to ban members.

Again, thanks Russ.

Offline

#7 2008-08-26 6:21 am

wildfiction
Member
Registered: 2008-08-24
Posts: 12
Website

Re: Code Examples

I've just created a C# version of this, hopefully it helps someone:
http://guyellisrocks.com/coding/stop-forum-spam/

Offline

#8 2008-09-05 11:26 am

PHProgramming
Member
Registered: 2008-09-05
Posts: 2

Re: Code Examples

Lol, that's a great way to detect spammers! :-)
Value less hidden fields... haha.

Offline

#9 2008-09-08 8:47 pm

pedigree
uıɐbɐ ʎɐqǝ ɯoɹɟ pɹɐoqʎǝʞ ɐ buıʎnq ɹǝʌǝu ɯ,ı
From: New Zealand
Registered: 2008-04-16
Posts: 7,055

Re: Code Examples

Russ - have you addressed the glaring bug that I emailed you about, the one that allows a user to completely bypass checking on emails when submitted to the API for testing?

Offline

#10 2008-09-18 3:14 pm

Erik
Member
From: Belgium
Registered: 2008-09-07
Posts: 187

Re: Code Examples

Here's another one through PHP and cURL

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.stopforumspam.com/post.php");
curl_setopt($ch, CURLOPT_POST, 1);
// $_SERVER keys are case-sensitive (REMOTE_ADDR); urlencode() keeps & or + in a value from breaking the body.
curl_setopt($ch, CURLOPT_POSTFIELDS, "username=" . urlencode($_POST['username']) . "&ip_addr=" . urlencode($_SERVER['REMOTE_ADDR']) . "&email=" . urlencode($_POST['email']) . "&api_key=your_key_here");
curl_exec($ch);
curl_close($ch);

Notes

1) This code deals with stopforumspam.com only ...
2) Be careful with $_SERVER['REMOTE_ADDR'] that you do not submit your own IP to the blacklist !!
3) This code needs the cURL extension for PHP. If a phpinfo(); call mentions a cURL section you have it, otherwise you don't and this code won't work. To enable cURL, PHP must be recompiled with appropriate options to enable cURL.

Last edited by Erik (2008-09-18 3:37 pm)

Offline
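A guard for note 2 above, as an added example that is not part of Erik's post or of the Stop Forum Spam site's own code: it builds the report body only when the address is public and not one of your own. `OWN_IPS` and `build_sfs_report()` are hypothetical names and the addresses are constructed; the field names are the ones used in this thread.

```php
<?php
// OWN_IPS and build_sfs_report() are hypothetical names; the addresses are constructed.
const OWN_IPS = ['203.0.113.10'];  // your own admin, office and proxy addresses

// Returns the URL-encoded POST body, or null when the report must not be sent.
function build_sfs_report(string $username, string $email, string $ip, string $apiKey): ?string {
    // Behind a reverse proxy REMOTE_ADDR is often 127.0.0.1 or a private
    // address; reporting it would blacklist your own infrastructure.
    $flags = FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    if (filter_var($ip, FILTER_VALIDATE_IP, $flags) === false) {
        return null;
    }
    if (in_array($ip, OWN_IPS, true)) {
        return null;
    }
    if ($username === '' || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // http_build_query() URL-encodes every value, so "&" in a name stays data.
    return http_build_query([
        'username' => $username,
        'ip_addr'  => $ip,
        'email'    => $email,
        'api_key'  => $apiKey,
    ]);
}

// Constructed inputs: loopback, private, the admin's own address, a remote client.
foreach (['127.0.0.1', '10.0.0.5', '203.0.113.10', '198.51.100.23'] as $ip) {
    $body = build_sfs_report('cheap&pills', 'bot@example.com', $ip, 'your_key_here');
    echo $ip, ' => ', $body === null ? 'not reported' : $body, "\n";
}
```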

#11 2008-11-09 2:18 pm

diabolic.bg
Member
From: Bulgaria, Eastern Europe
Registered: 2008-11-03
Posts: 589
Website

Re: Code Examples

Hi, Russ!
I have a question about your code in the first post. Does it work in phpBB2? I have tested many variants but it doesn't send anything.
I have installed the Stop Spambot Registration mod - it works like your first <!-- Spam control

MOD Description: This MOD stops spambots that provide Profile Information during registration in spite of a message saying "leave the Profile Information blank". An e-mail notification will be sent every time there was a spambot registration attempt.
## NOTE: the e-mail notification can easily be left out if you wish.

I reworked your second code a little and placed it in my usercp_register:

if($_POST['icq'] != '' || $_POST['aim'] != '' || $_POST['msn'] != '' || $_POST['yim'] != '' || $_POST['skype'] != '' || $_POST['website'] != '' || $_POST['location'] != '' || $_POST['occupation'] != '' || $_POST['interests'] != '' || $_POST['signature'] != '')
{
        
    function PostToHost($host, $path, $data_to_send) {
    $fp = fsockopen($host,80);
    fputs($fp, "POST $path HTTP/1.1\n" );
    fputs($fp, "Host: $host\n" );
    fputs($fp, "Content-type: application/x-www-form-urlencoded\n" );
    fputs($fp, "Content-length: ".strlen($data_to_send)."\n" );
    fputs($fp, "Connection: close\n\n" );
    fputs($fp, $data_to_send);
    fclose($fp);
        }

    PostToHost("www.stopforumspam.com", "/post.php", "username=" . $_POST['req_username'] . "&ip_addr=" . $_SERVER['REMOTE_ADDR'] . "&email=" . $_POST['req_email1'] . "&api_key=Here is my API");
        
//    echo "bye";
//    die();
}

I commented out the last two lines because Stop Spambot Registration gives a similar message, "Die, robot!"
I write my code with Zend Studio 5.5 and it doesn't find an error in the code, but the mod doesn't send anything to your DB.
Maybe the function PostToHost doesn't work in phpBB2 or ... I don't know.
Help me please!
Thanks in advance!

P.S. I don't want to use cURL - it works, but my cURL .dlls are from a version with security problems and I don't want to risk it.

Last edited by diabolic.bg (2008-11-09 2:28 pm)


Funiest jokes and pics

Offline

#12 2009-02-05 9:16 pm

HarshReality
Member
Registered: 2009-02-01
Posts: 3

Re: Code Examples

OK, so without sounding ignorant.. I'm using an SMF forum and plan to put an administration entry for my API key, so what's the URL syntax (long form) so I can simply add a link to a profile and have it pull the data from the database?
example:
stopforumspam.com/submit.php?uname=yadda&email=yadda&ipaddress=yadda&API=mine

Offline

#13 2009-02-05 9:49 pm

MysteryFCM
Member
From: Tyneside, UK
Registered: 2008-01-16
Posts: 606
Website

Re: Code Examples


Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

Offline

#14 2009-02-08 4:56 am

HarshReality
Member
Registered: 2009-02-01
Posts: 3

Re: Code Examples

Well, there was an SMF mod for 117 that had the switches to enable/disable. Since I'm using Beta 4 I had to 'alter it', which I got done with minimal issue.

I then went a step further and added a counter in the header for guest viewing, so every time you guys flag a sh*thead the counter goes up. This way we know its effectiveness.

Today I got a little trickier and added the tracking section of the profile so it runs independent of the original mod for the purposes of checking members post registration.

What I'm missing is a direct link for the purposes of submission so I can add a section to the administration area to enter your/my API information and then at the bottom of the tracking page have a submission button (not viewable if it's your own profile obviously or a moderator).

IF they are of interest and I'm sure the code COULD be cleaner..

Never the mind.. I use the submit form and load the variables from the profile.

Last edited by HarshReality (2009-02-08 5:13 am)

Offline

#15 2009-02-08 3:32 pm

kpatz
Member
Registered: 2008-10-09
Posts: 1,437

Re: Code Examples

I like the hidden field idea.

Some things I would add to it:

1.  Make one hidden field inside a comment, and another that's not in a comment, but hidden using CSS (display: none).  That way if a bot is smart enough to bypass comments, the CSS hidden field will get them.

2.  Make one of the hidden fields "username" and/or "email" (whatever your forum calls them), and give the real username/email fields different names.  You'll have to change the code in the forum's registration page to check the correct fields for legit registrations, but a bot will always look for "username" and "email" and submit to those.  A bonus, if you see those two fields populated, you can submit them directly to SFS.

3.  Optional, but a good thing to have: add some kind of logging to the registration page.  Have it log successful registrations, as well as rejects due to the hidden fields being populated, hits on SFS, captcha failures, etc.  That way you can see how many numbskulls are trying to get in, and what techniques are most effective at stopping bots and numbskulls.

4.  (For advanced coders) Have the "real" field names be generated randomly when the registration page is rendered.  Then bots will never be able to figure out the real fields to fill out, unless they have advanced HTML parsers that see the field titles that are presented to the user.

Last edited by kpatz (2009-02-08 3:39 pm)


Spam happens when greed meets stupidity.

Offline
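kpatz's four suggestions combined in one registration handler, as an added example that is not part of the post and not any forum package's own code. `SECRET`, `real_field()`, `render_form()`, `classify()`, the `t` token field and the log format are assumptions; binding the token to a session and expiring it are left out.

```php
<?php
// SECRET is a placeholder; keep the real value server-side only.
const SECRET = 'replace-with-a-long-random-server-side-secret';

// Point 4: real field names are recomputed from a per-render token, so they change on every page load.
function real_field(string $label, string $token): string {
    return 'f_' . substr(hash_hmac('sha256', $label . '|' . $token, SECRET), 0, 16);
}

// Points 1 and 2: one decoy inside an HTML comment, and CSS-hidden decoys with the names a bot expects.
function render_form(): string {
    $token = bin2hex(random_bytes(16));
    $user  = real_field('username', $token);
    $mail  = real_field('email', $token);
    return <<<HTML
<form method="post" action="register.php">
  <input type="hidden" name="t" value="$token" />
  <!-- <input type="text" name="website" /> -->
  <div style="display: none"><input type="text" name="username" /><input type="text" name="email" /></div>
  <label>Username <input type="text" name="$user" /></label>
  <label>E-mail <input type="text" name="$mail" /></label>
  <input type="submit" value="Register" />
</form>
HTML;
}

// Any populated decoy means the form was filled in by something that never rendered the page.
function classify(array $post): array {
    foreach (['username', 'email', 'website'] as $decoy) {
        if (isset($post[$decoy]) && $post[$decoy] !== '') {
            return ['verdict' => 'reject', 'reason' => "decoy:$decoy"];
        }
    }
    $token = is_string($post['t'] ?? null) ? $post['t'] : '';
    $user  = $post[real_field('username', $token)] ?? '';
    $mail  = $post[real_field('email', $token)] ?? '';
    if (!is_string($user) || !is_string($mail) || $user === '' || $mail === '') {
        return ['verdict' => 'reject', 'reason' => 'missing-real-fields'];
    }
    return ['verdict' => 'accept', 'username' => $user, 'email' => $mail];
}

// Point 3: log every outcome. Constructed submissions: a bot posting to the expected names, then a real user.
$token = 'constructed-token';
$bot   = ['t' => $token, 'username' => 'cheap-pills', 'email' => 'bot@example.com'];
$human = ['t' => $token, real_field('username', $token) => 'alice', real_field('email', $token) => 'alice@example.org'];
foreach (['bot' => $bot, 'human' => $human] as $who => $post) {
    error_log(date('c') . " registration $who " . json_encode(classify($post)));
}
```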

#16 2009-02-08 4:08 pm

HarshReality
Member
Registered: 2009-02-01
Posts: 3

Re: Code Examples

kpatz wrote:

I like the hidden field idea.

Some things I would add to it:

1.  Make one hidden field inside a comment, and another that's not in a comment, but hidden using CSS (display: none).  That way if a bot is smart enough to bypass comments, the CSS hidden field will get them.

2.  Make one of the hidden fields "username" and/or "email" (whatever your forum calls them), and give the real username/email fields different names.  You'll have to change the code in the forum's registration page to check the correct fields for legit registrations, but a bot will always look for "username" and "email" and submit to those.  A bonus, if you see those two fields populated, you can submit them directly to SFS.

3.  Optional, but a good thing to have: add some kind of logging to the registration page.  Have it log successful registrations, as well as rejects due to the hidden fields being populated, hits on SFS, captcha failures, etc.  That way you can see how many numbskulls are trying to get in, and what techniques are most effective at stopping bots and numbskulls.

4.  (For advanced coders) Have the "real" field names be generated randomly when the registration page is rendered.  Then bots will never be able to figure out the real fields to fill out, unless they have advanced HTML parsers that see the field titles that are presented to the user.

1 & 2. Currently registration in 2.0 series has anti-bot questions (you determine the Q/A & Image verification on registration. The mod the Original author designed has the function executed during registration/post form so no source code is on the actual registration page. Also the default check is email when the mod is activated however there is an administration switch to enable the additional check of IP and username.

3. Spam-flagged registrations submit a report to the error log. My revision for 2.0 also has a guest-viewable hit counter. Typically, due to session expiration, you're a guest when you come back after a time anyway, so I get to watch the idiot count go up.

4. Not too sure about that one.. although a hidden 'dum dum field' might be effective, so if a bot detects and tries to answer it could flag and deny it.

I also made a separate alteration so that the tracking area for admin has a Query tab specifically for checking an individual post registration (should you not have the original mod) that is independent. Today I got froggy and added a submission button, so if you have a known spammer and they are not flagged here you have the option to submit the data to the DB here (provided it's not YOUR account, that you have access to the tracking area & you have an API key entered in settings).  My only hitch is the glitch in submitting data that SFS seems to be having currently. I have currently chosen not to release the alterations for the appearance of the button as yet.

**Update: My hitch was my code. My apologies to the administration.

The image reference for this is here (no attachment options here Im afraid)

Link

Last edited by HarshReality (2009-02-08 4:29 pm)

Offline
