You are not logged in.

#1 2011-09-15 7:00 pm

itgeekazoid
Member
Registered: 2011-09-15
Posts: 2

Im new!!

Hello everyone

I have an IT forum powered by PhpBB3. Spamming is a nightmare, I can not believe how many people post spam.

When you register to the site you have to click a link in an email to activate and I also have capthca enabled on it too but they still spam me.

I have noticed this particular email domain - @dhbusinesstrade.info loads of people use this but just put numbers at the start like 341@dhbusinesstrade.info and so on.

Also IP address that start with 46.109.196

Is there anything else I can do.

My forum link is www . itgeekazoid . com

Please remove link if not allowed

Regards

Paul

Offline

#2 2011-09-15 7:06 pm

Cyberfreak
Spam Buster
From: UK
Registered: 2010-02-19
Posts: 423

Re: Im new!!

What version of phpBB3 do you have?  If you have phpBB 3.0.6 or later, use the Q & A on the registration page.  You are using a very old CAPTCHA at the moment that was used back in the phpBB2 days.  It is next to useless at the moment.

Once you have done that, I recommend Anti Spam ACP - http://lithiumstudios.org/forum/viewtop … f=31&t=941

That should massively reduce the amount of spammers you are getting.

Offline

#3 2011-09-15 7:10 pm

itgeekazoid
Member
Registered: 2011-09-15
Posts: 2

Re: Im new!!

Hi

I am using 3.0.9, I will have a look through the Q&A page and also will check the link out.

Thank you.

Paul

Offline

#4 2011-09-15 8:23 pm

OnThePike
Member
From: Long Island, New York
Registered: 2010-12-30
Posts: 1,977

Re: Im new!!

(This is a boilerplate I'm working on, but all apply to you)

First, collect your API keys from the most common and used database resources:
API Key from Stop Forum Spam
API Key from Bot Scout
API Key from Project Honey Pot
API Key from FSpamList
API Key from IPinfoDB
Note, all above keys may be obtained via FSLC below if desired.


Which can then all be queried by one awesome spam lookup and submission tool:
Gunner's Forum Spam List Checker

Forum Spam List Checker is the Big Gun of choice for seeking out and destroying spammers. Even though it has "Forum" in the name, it can be used on any website that allows posting messages/comments, links or has members. FSLC is a very powerful tool, but, it was designed with a shallow learning curve, which makes it a perfect fit for everyone from the new website owner to the seasoned veteran.  Even though FSLC is rather easy to use, you may still have questions or maybe would like to know about the "hidden" features.  So, we have broken down each "Tab" into it's own page. You can use the links on the right for more information.


Then, head to Lithium Studios and grab EXreaction's Anti-Spam Admin Control Panel Add-On:
Lithium Studios PHPBB3 Anti-Spam ACP (phpBB 3.0.6+ ONLY. For other software, see bottom)

Anti-Spam ACP adds many powerful anti-spam features to your forum such as an IP Search tool, Spam Word list, control over profile fields, flagging suspicious users (for logging their actions), and an easy one click ban link from their profile which clears out their profile and posts. Current features include spam Log, IP search, spam word catcher, disabling of certain profile fields, Stop Forum Spam integration, one-click ban and more.


After that has been installed and configured, head over to Zap's for ZBBlock:
Zaphod's ZB Block

This php security script is designed to detect certain behaviors detrimental to websites, or known bad addresses attempting to access your site. It then will send the bad robot (usually) or hacker an authentic 403 Forbidden page with a description of what the problem was. If the attacker persists, then they will be served up a permanently recurring 503 overload message with a 24 hour timeout. ZB Block is Excellent at reducing hacker bandwidth usage, strengthening your site against defacement, preventing PHP script exploitation, ending Remote File Include (RFI) exploits, protecting against directory traversal attacks, stopping MySQL database injection and tampering, removing access from known bad addresses and domain names and blocking access from top level domains, like .cn (China) and .kp (North Korea).  ZB Block is Good at avoiding website scraping/content theft, deterring bad user agents, halting referrer spam and impeding some Cross Site Scripting (XSS) attacks.


As a reference, you might want to compare your problematic IP's with this list of blacklisted server CIDR's:
My List of "Bad Servers"

While compiling this list for my main htaccess file, I thought I'd share it with you guys in the hopes we could compare blocked web servers and come up with a stronger list for everyone. I've done my best to check, and re-check these, but of course there may still be errors, so please verify if you decide to use any. Also, please post omissions and corrections so we can help each other compile a more complete listing.


Lastly, dump Captcha and instead use Question and Answer during the registration process.

For software add-on modifications unrelated to phpBB 3.0.6 or higher, please see:
The SFS Mods and Plugins Resource Center

Currently, anti-spam add-on tools are available for phpBB, vBulletin, Simple Machines (SMF), MyBB, PunBB, PHP Fusion, Xen Foro, Elgg, Wordpress, Symphony, UBB and Pligg. If your software is not listed here, please inquire about the use of ZB Block along with your software's platform and version.

Using the above tools and techniques will eliminate the overwhelming majority of your spam (and in the case of ZB Block, dramatically increase your security against potential attack at the same time). The rest of your spam would be that human spammer posting "topical back links" (or similar).

Offline

#5 2011-09-16 12:17 pm

jonboat
Member
From: NY
Registered: 2011-01-18
Posts: 177
Website

Re: Im new!!

+1

Great boilerplate write-up OTP!!!!  I think you pretty much covered all bases in one, well thought out post!!!!

Kudos!

Offline

#6 2011-09-17 1:30 am

Wizzle
Member
From: USA
Registered: 2010-02-14
Posts: 659
Website

Re: Im new!!

+2
Veeery Nice!
I like it. smile

Offline

#7 2011-09-17 1:33 am

zaphod
Jägermonster
From: USA
Registered: 2008-11-22
Posts: 2,985
Website

Re: Im new!!

Kinda funny... thanks to ZB Block, I am estimating the other tools will see very little use.

Zap big_smile


Get Protected, Stay Protected...
With ZB Block, GNU/GPL Freeware Anti-Spam/Anti-Hack protection for your php based website.

Little boxes in the server farm, little boxes running php...

Offline

#8 2011-09-17 2:41 am

Wizzle
Member
From: USA
Registered: 2010-02-14
Posts: 659
Website

Re: Im new!!

There you go again Zap, stating the obvious. wink

Offline

#9 2011-09-17 2:44 am

Gunner
Dude
From: In my head
Registered: 2010-09-12
Posts: 292
Website

Re: Im new!!

Eh, he never gets tired of hearing the horn toot big_smile

But it is a great boilerplate for the newbs

Offline

#10 2011-09-17 4:15 am

qu.dawei
Member
From: Beijing, PR China
Registered: 2011-01-10
Posts: 42
Website

Re: Im new!!

Oh how I wish I had sight of a document like that a number of months ago when I was first starting out at running a forum!

I think it is a good resource that should be quickly put "out there" for new forum administrators and even just run-of-the-mill webmasters to find and use.


QU Dawei (family name is QU). Chinese name used by a British person currently living with his family in PR China.

Offline

#11 2011-09-17 12:38 pm

OnThePike
Member
From: Long Island, New York
Registered: 2010-12-30
Posts: 1,977

Re: Im new!!

The idea behind this was exactly that -- a reference "FAQ" for our newest members to jump right into what we're doing here with information (and suggestions) all in one place. I'm glad that some of our seasons veterans also appreciate it :-)

Really, the only thing that doesn't need to be there is my own list of servers, but I thought it was a good idea to give the new users something to reference (names to IP blocks, something to compare to their own log files, etc).

Thanks for the positive feedback. Appreciated :-)

Offline

#12 2011-09-17 4:51 pm

Wizzle
Member
From: USA
Registered: 2010-02-14
Posts: 659
Website

Re: Im new!!

Really the only thing I would change is the order of tools.
A lot of folks that find us are in a state of frustration or panic and want a fast effective answer. Which your BP will do.
I'd move
The SFS Mods and Plugins Resource Center
to bullet point #2
So.. quick fix...
Grab api keys, install mod/plugin...
Then.. on to the kicking arse and "reporting" names. LOL!

Offline

#13 2016-01-05 1:54 pm

Sludge
Member
Registered: 2016-01-05
Posts: 3

Re: Im new!!

Hello,

I'm the admin a  (website name /url removed )   We have a big amount of robots registering to the forum. I'm trying new ways to block them. Thanks.

Do you know if FunCaptcha is compatible to vBulletin 3.X ? We still have to update it to the last version of vBulletin3 (I just got the credentials to do that).

Last edited by Sludge (2016-01-05 2:02 pm)

Offline

#14 2016-01-05 3:55 pm

Papa Parrot
Member
From: Mexico
Registered: 2011-08-19
Posts: 1,826
Website

Re: Im new!!

According to what the "Funcaptcha" site says, it can be used for vbulletin.
Funcaptcha setup

Offline

#15 2016-01-05 7:44 pm

NeoFox
Member
From: WI, USA, Earth
Registered: 2013-09-26
Posts: 830
Website

Re: Im new!!

Nice necro action.  4 years! Lol.

Offline

#16 2016-01-05 9:43 pm

Papa Parrot
Member
From: Mexico
Registered: 2011-08-19
Posts: 1,826
Website

Re: Im new!!

Do you know if FunCaptcha is compatible to vBulletin 3.X ? We still have to update it to the last version of vBulletin3 (I just got the credentials to do that).

Well the question is legit enough, but it also would have been easy enough for the OP to just check with "Funcaptcha" to see if they support "Vbulletin" .

I did edit the OPs post, the website name is not relevant any way, again, my apology for some other comments I made, which have now been removed.
This is a good thread to introduce your self as well.

Offline

#17 2016-01-05 10:05 pm

Sludge
Member
Registered: 2016-01-05
Posts: 3

Re: Im new!!

Oh, I found the link to this topic in another and thought it was the actual topic to introduce ourselves. My post was mostly to do that, not to ask for funcaptcha.

GarryRicketson: Never read something so paternalistic. It's a website about information and harm reduction processes, not to "promote" using of drugs. But please, stop.

Sorry everyone, just wanted to be polite and introduce myself and talk about spam and robots blocking (because we have a f***g lot of it). But I followed some advices and I think I managed to get over it.

Last edited by Sludge (2016-01-05 10:08 pm)

Offline

#18 2016-01-05 10:57 pm

Papa Parrot
Member
From: Mexico
Registered: 2011-08-19
Posts: 1,826
Website

Re: Im new!!

Sorry everyone, just wanted to be polite and introduce myself and talk about spam and robots blocking (because we have a f***g lot of it). But I followed some advice and I think I managed to get over it.

Thanks, for the apology, I also am sorry,  for the way I said some things,..I am going to edit my post, all of that really is another topic, and "out of scope", or not relevant to Stop Forum Spam,..my apology.

Well, ok any way, no problem posting in this topic, it is appropriate for some one "new" to the forum,..
and there is some other use full information in the thread, so it is a good thing that it got "bumped".
I use "Funcaptcha"  and it is very good, as, I said, they do support Vbulletin.

Offline

#19 2016-01-06 7:23 am

Sludge
Member
Registered: 2016-01-05
Posts: 3

Re: Im new!!

Yes, I know, but I think our version is so outdated that it's not possible to install it on. We have a licence that I need to get back to update the forum to the last 3.X version. But I fear that funcaptcha is not supported before 4.0. I will see that. But for now, I managed to stop the robots by adding another field to the registration form, and blocking some e-mail domain names.

I also got API keys, which brought me here.

Last edited by Sludge (2016-01-06 7:25 am)

Offline

#20 2016-10-27 8:56 am

macalime
Member
Registered: 2016-10-27
Posts: 2

Re: Im new!!

Hello!
I have a wordpress blog/website for recipes and I've been experiencing some issues with spammers for a few months now and I'm receiving emails related to a new trackback on the post from strange IPs .....

The message says:

Website: cheap NBA 2K17 MT XBOX ONE for sale (IP: 36.57.139.55, 36.57.139.55)


I'm new to the forum and not quite sure where to find a solution. Can you explain me what is this and how to deal with it? Thanks

Offline

#21 2016-10-27 9:39 am

Maikuolan
Member
From: Perth, Western Australia
Registered: 2011-08-09
Posts: 799
Website

Re: Im new!!

macalime wrote:

Can you explain me what is this and how to deal with it? Thanks

What you're seeing there is known as trackback spam, ping spam, or sping.

The simplest and easiest way to deal with this would be to just disable trackbacks entirely, if you don't need them for any reason. Alternatively, if you need trackbacks, you could try blocking the IPs of the offending trackbacks/spammers by integrating a plugin for leveraging the SFS database, or by integrating an IP blocking plugin (CIDRAM is my own approach to this problem, which you're welcome to try if it interests you; there are plenty of different solutions available, of course, too).

Last edited by Maikuolan (2016-10-27 9:40 am)

Offline

#22 2016-10-28 8:08 am

macalime
Member
Registered: 2016-10-27
Posts: 2

Re: Im new!!

Thank you very much for your reply Maikuolan.
I'm not sure whether I need them, but if disabling trackbacks is gonna stop spammers, I'll try what you say.

Is there anything that I'm doing wrong so they've started spamming me or it's something from the wordpress?

Offline

#23 2016-10-28 8:30 am

Maikuolan
Member
From: Perth, Western Australia
Registered: 2011-08-09
Posts: 799
Website

Re: Im new!!

You're welcome; Happy to help. :-)

Spammers will try everything they can to spam whoever, wherever they can. It's nothing personal against you, or against anyone else that they spam; If you get spammed, 99% of the time, it's simply because you've provided an avenue for the spammers to send their garbage to you and your website, which, with zero scruples about doing so, they've opted to take advantage of. For that matter, even if you *don't* provide an avenue for them, they'll try to send you their garbage to you and your website anyway, because that's just what they do. Unfortunately, so far as spammers are concerned, it's the way of the game: The moment your website is online, and from the moment it can be found (eg, the moment that someone, somewhere, links to your website, the moment it gets listed on a search engine, or the moment that something or someone happens to stumble across it), it'll be only a matter of time before spammers target it, so, there's not really any point in trying to blame yourself, or find someone or something else to blame for your website being targeted; So far as protecting our websites against spammers goes, we've all just got to do our best to keep them out and to protect our websites as best we can. ;-)

Certainly though, you can discourage spammers; From past experiences, although I've found it tends to pretty much be impossible to keep them from trying at all (short for taking everything offline entirely), I've found that they tend to target your website far less, if your website doesn't already contain any spam, and if you minimise the avenues available for them to drop their garbage onto your website (occasionally, some of the less dumb spammers out there will make a point of avoiding websites that they know they can't penetrate, or will target websites that they know or think they can penetrate by targeting websites already containing spam); For this, you'll just need to keep on top of things, delete any undesirable crap that appears on your website and either disable unregistered users from posting anything to your website or require that unregistered users complete some manner of authentication process (such as completing a CAPTCHA before being allowed to post anything, or by being made to verify their email address before they can post anything, for example).

Of course, there are plenty of tricks you can implement to your Wordpress to help keep them at bay, too; Many of the more active members here have got various creative solutions to help with that. :-)

Offline

#24 2016-10-28 12:18 pm

kpatz
Member
Registered: 2008-10-09
Posts: 1,437

Re: Im new!!

Ahh... Wordpress.  Welcome to spammer hell.  The dumbest of the dumb spammers love to spew their garbage on Wordpress sites.  Fortunately there are ways to block the majority of them using anti-bot tools like ZB Block and various WP plugins.  Bots are dumb by definition, they can only do what they're programmed to do, so it's not that hard to trip them up.  If you can stop the bots from getting in and posting, you've eliminated 99% of your spam problem.  All that remains are those much less common "human" spammers who manually go in and post their crap.  99% of them are still quite stupid.  Think of spamming as "survival of the un-fittest."  They've set the bar low enough that I bet your dog could spam, but the reason he doesn't is because he has sense.


Spam happens when greed meets stupidity.

Offline

#25 2016-11-09 3:43 pm

chrishirst
Member
From: Blackpool UK
Registered: 2011-01-22
Posts: 49
Website

Re: Im new!!

You can also use .htaccess directives to block IPs from your site, which does not add additional processing that using a plugin can.


order allow,deny
# individual IPs
deny from 2.103.45.232
deny from 31.221.99.140
deny from 77.100.121.64

# CIDR block (Mexico)
deny from 201.173.0.0/16

allow from all

And if you want to block specific countries there are lists of CIDR blocks arranged by country that can be found at this site;

ipdeny.com/ipblocks/

They are updated on a regular basis as well.

Last edited by chrishirst (2016-11-09 3:43 pm)


Indifference will be the downfall of mankind, .... But hey! Who cares.

Offline

Board footer

Powered by FluxBB

Close
Close