Is there perhaps some sort of way we can block this increasing flow of spam?
Quote from: "TordelBack"Is there perhaps some sort of way we can block this increasing flow of spam?
I guess it's the downside of using commercial message board software.
Just send me a PM or email as soon as a spammer is spotted and I'll remove them. Please don't just assume that I'll notice the thread. No one should be allowed to advertise off-topic stuff on their first post on the board.
Och, wasn't criticising the management, Wake, just the spammers themselves - I know all too well how hard it is to stop the buggers, adn I usually drop you a line when I spot one.
I didn't take it as a criticism, but usually by the time someone emais me about a spammer several other people have already responded to the thread. To keep the board spam-free I need to be notified as soon as possible. Probably the easiest way is to 'report' the offending post, since that will notify all moderators.
Quote from: "Wake"I didn't take it as a criticism, but usually by the time someone emais me about a spammer several other people have already responded to the thread. To keep the board spam-free I need to be notified as soon as possible. Probably the easiest way is to 'report' the offending post, since that will notify all moderators.
I think what we all really want to know is can we find out where they live and send Mek-Quake round to "sort them out" with "Big Jobs"?
Thanks to whoever just reported those runequest money posts. I looked at 'active topics' and the top 5 all had an excalamtion sign on them and all had the same user as the most recent poster.
Cheers,
Wake
Quote from: "Wake"Thanks to whoever just reported those runequest money posts.
You're welcome.
...And now it is time for...
(//http://bp2.blogger.com/_6rF2PP4knJE/Rf0a1Yw-jnI/AAAAAAAAABE/ZEKb_Gl5wPo/s320/mek3.jpg)
Does anyone have any thoughts about whether it's better to ban by username, email address or IP address?
Email address would be usefully, as if username is banned, they could created other new username, but same with new email address? IP would be good, but then they access at other computer e.g. internet cafe? work desk?
sorry can't help much, is there more spam as thought last one was last week?
oh shite, I sounds like ThryllSeekyr!
there was a giant spam attack this PM but the mighty Wake knocked em back!
Spammers seem to be joining and posting on a daily basis at the moment.
really? where?
Wed Nov 19, 2008 9:48 am Deleted user cshaobu288235
Tue Nov 18, 2008 2:51 pm Deleted user wecaonimabb789
Tue Nov 18, 2008 12:35 pm Deleted user dadohx08
Mon Nov 17, 2008 10:49 am Deleted user Zumba2
Sat Nov 15, 2008 3:56 pm Deleted user jack19780605
Thu Nov 13, 2008 5:43 pm Deleted user shufei2228516
Thu Nov 13, 2008 11:36 am Deleted user afeishisb69840
Thu Nov 13, 2008 10:34 am Deleted user feimotion334
Mon Nov 10, 2008 10:35 am Deleted user johnronald
Fri Nov 07, 2008 11:52 am Deleted user littlecat
Fri Nov 07, 2008 11:46 am Deleted user homeca
Mon Nov 03, 2008 6:15 pm Deleted user rumbos
oh not nice, how you notice it?
Quote from: "Goaty the Zombie"oh not nice, how you notice it?
Seeing several threads at the top of the active topics view, all last posted to by the same previously unheard of username, probably with the 'reported post' exclamation mark drawing my attention to the thread tends to do it.
Quote from: "Wake"Spammers seem to be joining and posting on a daily basis at the moment.
Is the board 100% up to date in terms of version and patches? PHPBB is extremely susceptible to spam when it's even slightly out of date. I moderate the Retro Gamer forum, and the admin had to seriously lock that one down, to stop (most of) the spam.
No, it isn't up to date. Current version 3.0.1; Latest version 3.0.3
I'll ask Julian if he can do the update.
Cheers,
Wake
Also, what's the sign-up process here? If it's not set to an email-based confirmation (i.e. that you sign-up but then have to click a link in an email to activate your account), make sure that setting's changed. Of course, manual spammers or bots using manually set up accounts can never be entirely stopped, but entirely automated systems largely can be. While RG still gets hit irregularly, we've seen a drop from a situation significantly worse than the one here to the very occasional post or three every week or so.
Heh, the crime is spam, the sentence is Wake!
Yikes!
The board update ...
1) Looks horrible
2) Appears to have broken the 'SPOILER' tag.
Cheers
Jim
there one spam person on this site!
The update doesn't seem to haev stopped the spammers either
Do you think it's a bot or human? If it's a bot we could always mod the way posts are submitted so they need someone to post an answer to a really simple question each time or something along those lines...
Gonna sort the spoiler now btw...
Quote from: "w3b-B0Tv2"Gonna sort the spoiler now btw...
Some of you colours are also broken—the heading and text blue isn't how it was before the change.
As for the spam, it looks like bots are causing the problem, what with the fact posts are identical and done in a single shot. If that's the case, you need to examine your sign-up process and make that tougher to breach via automated means. I think adding CAPTCHA to the post submission would just put people off using the board entirely.
QuoteIf it's a bot we could always mod the way posts are submitted so they need someone to post an answer to a really simple question each time or something along those lines...
G'wan, do it. I suggest a brief test on the correct use of apostrophes. Sure would be quiet around here...
;)
QuoteIf that's the case, you need to examine your sign-up process and make that tougher to breach via automated means
I don't think it's as straight forward as that. From what I gather they've cracked the CAPTCHA used at the start, so I could replace that - but then hey, what's to stop someone signing up for an account just to use it as a spam account?
Quote from: "w3b-B0Tv2"I don't think it's as straight forward as that. From what I gather they've cracked the CAPTCHA used at the start, so I could replace that - but then hey, what's to stop someone signing up for an account just to use it as a spam account?
Nothing, but the vast majority of PHPBB breaches are by automated bots. Do you have an authentication link thing going on here? As in, does someone have to sign-up and then authorise via a link in an email prior to posting anything?
Another possibility might be—depending on traffic—doing what I do on PinkFlag.com and having moderators have to directly authorise each account, thereby stopping bots who sign up and then immediately post. Also, having a 'fake' form that kills bots before they reach your actual one could help (this is a device I've used on several sites that were having problems with webmail forms).
A final thing would be to 'promote' a few users here to mod status (or whatever your equivalent is), which would help keep the problem to a minimum when breaches do occur and you or Wake aren't around.
Yeah might go for manually approving registrants and see how that goes. We're trying out a new forum internally that I might migrate this to as it's an easy transfer process. Will see on that one...
I'm not sure on what basis to approve memberships though. However, I've just approved "Strontium Jimmy" because he sounds like a 2000AD fan (and deleted another recent user who hasn't posted yet because they had a powerlevelling service as their website).
Quote from: "Wake"I'm not sure on what basis to approve memberships though. However, I've just approved "Strontium Jimmy" because he sounds like a 2000AD fan (and deleted another recent user who hasn't posted yet because they had a powerlevelling service as their website).
The way bots often work is to do everything at once. In my experience, even delaying the process of entry by a few hours is often enough to stop automated systems in their tracks. Other options would be to migrate to something similar but not from PHPBB, which is generally regarded as the softest target when it comes to spam. (vB is tougher, and Vanilla is rarely attacked, although probably not suitable for here).
Quote from: "IndigoPrime"The way bots often work is to do everything at once. In my experience, even delaying the process of entry by a few hours is often enough to stop automated systems in their tracks.
That doesn't seem to be what has been happening here. A spammer just posted a new thread a few minutes ago (since my last post to this thread) and they had registered over the weekend.
The firstname and surname fields are optional in the registration process so my guess is that they will be far more likely to be filled in by 2000AD fans than spammers.
Out of curiosity, have you tried putting a fake form above the one used for signing up?
<!--
<form action="./cgi-bin/email.cgi" method="post">
<input type="hidden" name="recipient" value="brian12345aazzxx@aol.com">
Email: <input type="text" name="email" value=""><br />
Name: <input type="text" name="name" value=""><br />
<input type="submit" name="submit" value="submit"><br />
</form>
-->
Some bots will parse that and then bugger off, leaving the 'real' form intact. This actually cut down the spam on one of my client sites from several dozen hits per hour to zero. However, that was for formmail rather than a forum, but it's worth a try.
I've just given up on the admin activation of accounts. It's more work than deleting spammers and isn't actually stopping them. For example, lyjg1203 registered last night around 2am. I activated the account around 9am and it was used for spam within the last hour.
Quote from: "Wake"I've just given up on the admin activation of accounts. It's more work than deleting spammers and isn't actually stopping them. For example, lyjg1203 registered last night around 2am. I activated the account around 9am and it was used for spam within the last hour.
Fair enough. Try the fake form thing—no idea if it'll help, but it's almost zero-effort and worth a shot.
Is there a row for user_agent in the DB? Just curious what user_agent appears for the spam accounts.
Quote from: "IndigoPrime"Out of curiosity, have you tried putting a fake form above the one used for signing up? Some bots will parse that and then bugger off, leaving the 'real' form intact. This actually cut down the spam on one of my client sites from several dozen hits per hour to zero. However, that was for formmail rather than a forum, but it's worth a try.
I kinda like that idea, thou it would cause problems with the visually disabled >_>.
Quote from: "V13"I kinda like that idea, thou it would cause problems with the visually disabled >_>.
Not if it's placed within comment tags.
Quote from: "IndigoPrime"Quote from: "V13"I kinda like that idea, thou it would cause problems with the visually disabled >_>.
Not if it's placed within comment tags.
Didn't think of that >_<.