Forum Spams

All news regarding the website or the forum will be posted here. This will include website updates, features and anything else considered suitable. Only Forum Moderators may make new posts here, but all registered users may reply.

Moderators: XtC, BuZz, menace

Post Reply
User avatar
BuZz
Site Admin
Posts: 569
Joined: Mon Jun 10, 2002 12:52 pm
Location: Didcot, Oxfordshire
Contact:

Forum Spams

Post by BuZz »

There has been an increase in spam on the forum recently. Mostly from a user called Pepotamo1985. I have currently disallowed this username as an initial measure. There is obviously some kind of phpbb Spam script being used. Search on google for that username and you will see what i mean.

As a last resort I can remove guest posts, but for now the username ban should help for now (fingers crossed). I don't really want to force people to register to post on the guestbook/site problems/feedback areas as it may dissuade them from posting bug reports etc.

I have also enabled visual confirmation when registering, so avoid any automated scripts opening accounts. This requires entering of some alphanumeric values from an image on the registration page.

It has come to my attention that some recently registered users are likely to be the result of scripts, and are there to get additional traffic to their sites or improve search engine ranking by adding a www link on the userinfo. I will go through and delete all the users who have not made a single post, and who have what i consider, a suspicious www link. The changes to registration mentioned above should stop more registrations. It's possible that as exotica uses email verification, that the accounts were created for spamming the board, but were unable to without working verification. I will check into this also.

User avatar
XtC
Posts: 628
Joined: Wed Jun 12, 2002 6:26 pm
Location: Rossendale, England
Contact:

Re: Forum Spams

Post by XtC »

Ey up!
BuZz wrote:I will go through and delete all the users who have not made a single post, and who have what i consider, a suspicious www link.
Just noticed, it's been over a year and those deletions you mentioned ain't happened yet. :wink:
Cheers!

User avatar
BuZz
Site Admin
Posts: 569
Joined: Mon Jun 10, 2002 12:52 pm
Location: Didcot, Oxfordshire
Contact:

Post by BuZz »

I can't be arsed eight now :-)

Maybe once i've moved the site. I have to install an admin mod to do this also.

User avatar
BuZz
Site Admin
Posts: 569
Joined: Mon Jun 10, 2002 12:52 pm
Location: Didcot, Oxfordshire
Contact:

Post by BuZz »

I have now deleted the users who did not activate their account after signing up. This includes I think all the ones with dodgy URL's.

User avatar
BuZz
Site Admin
Posts: 569
Joined: Mon Jun 10, 2002 12:52 pm
Location: Didcot, Oxfordshire
Contact:

Post by BuZz »

I had added a registration mod to help stop the spam accounts.

User avatar
BuZz
Site Admin
Posts: 569
Joined: Mon Jun 10, 2002 12:52 pm
Location: Didcot, Oxfordshire
Contact:

Post by BuZz »

I have also added a mod to enable a captcha for "guest" posts. Hopefully this will stop the remaining guestbook/site problems forum spams.

User avatar
BuZz
Site Admin
Posts: 569
Joined: Mon Jun 10, 2002 12:52 pm
Location: Didcot, Oxfordshire
Contact:

Post by BuZz »

Still getting spams/spam registrations. Changed the registration mod. When registering, new users will not be able to enter any details like web address/icq number etc until they have made at least 10 posts. Hopefully this will deter spammers/spambots from registering. If any of the fields are posted automatically, registration will fail.

User avatar
BuZz
Site Admin
Posts: 569
Joined: Mon Jun 10, 2002 12:52 pm
Location: Didcot, Oxfordshire
Contact:

Post by BuZz »

And the spam keeps coming. The website one is no longer catching many signups. Either the bots are not filling this information out now, or they are manual spams.

I have installed some more protection. Let's see. Next step will be to change the captcha from the phpbb one which is obviously hacked completely (not very hard to ocr it) to something with a question like "are you a bot" or "is the sun yellow" etc.

Stupid spamming w*nkers though. It makes me waste so much time :/

User avatar
alexh
Posts: 112
Joined: Thu Sep 19, 2002 11:16 am
Location: Oxford, UK
Contact:

Post by alexh »

They are at it again.

I reckon 5 or 10 not so hard Exotic music multi-choice questions.

Q1) Complete this Sentance. Commodore:

A) Spectrum
B) QL
C) Amiga

Q2) The name of this website is?

A) Exotica
B) Erotica?
C) MILFs are US

Q3) The animal in the Psygnosis Logo is?

A) A skunk
B) A Ferret
C) An Owl

You'd need 20 or so questions and 10 minutes PHP.

User avatar
BuZz
Site Admin
Posts: 569
Joined: Mon Jun 10, 2002 12:52 pm
Location: Didcot, Oxfordshire
Contact:

Post by BuZz »

Good idea. Actually my last change has significantly reduced the amount of bot signups. However as the guestbook pages require no login to post, they are still vulnerable.

I could disable anonymous posting I guess, or make anonymous posting also need to answer one of those questions.

User avatar
XtC
Posts: 628
Joined: Wed Jun 12, 2002 6:26 pm
Location: Rossendale, England
Contact:

Post by XtC »

Yeah, make anonymous entries answer some questions.
Cheers!

User avatar
BuZz
Site Admin
Posts: 569
Joined: Mon Jun 10, 2002 12:52 pm
Location: Didcot, Oxfordshire
Contact:

Post by BuZz »

I decided to try first a graphical captcha switch. Only because it was easier to incorporate. Let's see what happens.

User avatar
alexh
Posts: 112
Joined: Thu Sep 19, 2002 11:16 am
Location: Oxford, UK
Contact:

Post by alexh »

They've beaten it :(

User avatar
BuZz
Site Admin
Posts: 569
Joined: Mon Jun 10, 2002 12:52 pm
Location: Didcot, Oxfordshire
Contact:

Post by BuZz »

I don't think it has been beaten, just that quite a lot of spam I think is only "part" automated. Some chinese guys doing the captcha or whatever :) I was reading an article about this the other day.

Post Reply