The Last Horse Forum Index
Author Message

<  The Server Room  ~  Idea to stop the spam on the boards

Mynthis
Posted: Thu 08 Mar 2007 6:29 pm Reply with quote
Joined: 24 Jul 2005 Posts: 145 Location: Rockville, MD
Neni,

As a method to reduce the spammers posting things on the boards, is it possible to implement a little thing on the "new thread" or "reply" screens where you have to answer a simple question for your message to be posted?

For example... you type in your message, and then at the bottom, there is a simple question like "What class is Mynthis?" or "Who is the last boss in BWL?". If you type in the right answer, then your thing is posted. If you get it wrong, it reloads the page (saving your typed in message!) and asks you another question.

Of course this is similar to those swirly-letters images but easier to set up I think. (?)

Anyway, do you think that this is worth the effort?
View user's profile Send private message Visit poster's website AIM Address
Rylle
Posted: Thu 08 Mar 2007 6:44 pm Reply with quote
ZOMG! Orange Hammer! Joined: 22 Jun 2005 Posts: 3574 Location: THE DUNGEON OF BEARS
It'd be sufficient to only ask that sort of a question when registering a new account, really. It'd have to be something non-LH-specific, though, because otherwise new people to the boards would be SOL. Either that or they'd have to do research, and, um, that's not really necessary.

But Neni doesn't code this stuff, she uses a pre-packaged board system, so custom things to that extent are beyond our means, I believe.
View user's profile Send private message
Apho
Posted: Thu 08 Mar 2007 7:07 pm Reply with quote
Joined: 18 Apr 2006 Posts: 848 Location: Tampa, Florida
Can you setup a "copy this useless jumble of letter down so we know you arent a bot" field?

_________________

View user's profile Send private message Visit poster's website MSN Messenger
Crytin
Posted: Thu 08 Mar 2007 7:45 pm Reply with quote
Batman™ of the Internet Joined: 23 Jun 2005 Posts: 2950 Location: homeless
Neni's so liberal she won't delete posts, won't ban traitors(HI TEEHEE AND RITHNY I KNOW YOU'RE READING THIS NOW THANK YOU. AND I'M PRETTY SURE GANELON IS YOU DELAW.) and let's merciless robot overlords run our shit

Well I WON'T TAKE IT ANYMORE

_________________

View user's profile Send private message AIM Address
Rylle
Posted: Thu 08 Mar 2007 8:25 pm Reply with quote
ZOMG! Orange Hammer! Joined: 22 Jun 2005 Posts: 3574 Location: THE DUNGEON OF BEARS
Crytin wrote:
Neni's so liberal she won't delete posts


dude i thought you were the one that thought the spam was fun and got pissed when all the other dudes deleted it dude
View user's profile Send private message
Crytin
Posted: Thu 08 Mar 2007 9:10 pm Reply with quote
Batman™ of the Internet Joined: 23 Jun 2005 Posts: 2950 Location: homeless
Did I mention i'm liberal Cool

_________________

View user's profile Send private message AIM Address
UncleBeuford
Posted: Fri 09 Mar 2007 7:08 am Reply with quote
Needs to Put On Some Clothes Joined: 18 Jul 2005 Posts: 2619
I dont think any custom antispam is really called for, when there are alot of tools freely available for phpbb.

http://72.14.203.104/search?q=cache:xwDfFaN_ALYJ:www.phpbb.com/phpBB/viewtopic.php%3Ft%3D427852+phpbb+stop+spam&hl=en&ct=clnk&cd=1&gl=ca


Quote:

Section 1: Introduction

Lately, a few topics have been started with suggestions for preventing SPAM on phpBB boards. After reading through some very incorrect information, I present you with what I hope is a factually correct, informative and easy to follow guide. It is important to note that SPAM is not a security threat; at worst you will have to go through your board and delete some topic/users. Rather than install every MOD you come across, you should first try using the built in SPAM protection features that come with the latest version of phpBB 2.0.x. Then, if necessary, install a MOD or two until you find the combination that best works for your board.

One thing I would like to add is that you should always take other people's posts with a grain of salt. If someone writes "it doesn't work" or "my suggestions are the best", don't just assume that's the case. Not all boards get hit with the same bots and not everyone knows how to follow installation instructions Wink


Section 2: Using what you already have

1. Update Update Update!
With each new version of phpBB, security is improved and bugs are fixed. If you're not running the latest version, you should update as soon as possible. Before updating, it's a good idea to check out the updating guide: http://www.phpbb.com/kb/article.php?article_id=271.

2. Set activation to 'user' or 'admin'
This feature sends an activation email to either the user registering or the administrator. Unless you plan on activating all members personally, you should leave this set to 'user'. Many bots use fake emails when registering, so this will stop them from activating the account. It will also discourage some human spammers, since they will need to provide a valid email account each time they register. Not only does this stop some spam, it also helps make sure that all members have valid email accounts on file (which will prevent emails from bouncing back when you send mass emails). You can activate this option in the 'configuration' section of the administration panel.


3. Enable visual confirmation
This is the image with the numbers/letters you had to enter into the box when registering on this site. While doing nothing to prevent human SPAM, it should block most of the bots. This feature has been improved in recent versions and even further improvements are in the CVS (will be in the next release). You can activate this option in the 'configuration' section of the administration panel. If you are using the latest version of phpBB, but do not see this option in the administration panel, your template is likely out of date. See this article by espicom for more info and the fix: http://www.phpbb.com/kb/article.php?article_id=329.


4. Disable guest posting
If you allow guests to post, SPAM bots will not even bother registering. It is therefore generally recommended that you disable guest posting on your board (find out how). If you absolutely must allow guests to post, I suggest you install the Anti-bot Guest Post MOD (#2 below) by otseng or the Visual Confirmation for Guests MOD by Kanuck (#15 below).


Section 3: The artillery

If you have done everything above and are still being spammed, check out the MODs below. Like it says in the introduction, don't just install everything you see. Read the descriptions and decide which MODs look like they will work best with your board. If you have never installed a MOD, you should check out the mod installation tutorial. Always remember to make backups of any files you plan on editing (or just be like me and backup the whole directory).

If you have questions regarding a specific MOD, please ask it in that MOD's topic, not here.

1. Active members Only by defender-uk
Extremely simple MOD that prevents inactive users from showing up in the memberlist.

2. Anti-bot Guest Post Mod by otseng
If you allow guests to post on your board, this MOD will help prevent SPAM by adding a drop down to the guest posting screen.

3. AntiSpam Mod by deMone
Prevents instant registrations by checking the amount of time it took to fill in the form.

4. Block Open Proxy Registrants by TerraFrost
Blocks those attempting to register from open proxies.

5. Configure Member Profile Required Fields by ycl6
Allows the admin to set which fields are required during registration.

6. ConfusaBOT lite & ConfusaBOT ACP by espicom
This simple MOD changes the registration form URL from "...profile.php?mode=register&agreed=true" to "...profile.php?mode=register&XXX=true", allowing you to define the XXX. This will stop bots that skip the agreement and go straight to the form. The ACP version allows you to change the agreed variable in the configuration section of the administration panel, while the lite version defines the variables in the constants.php file. Which you choose to use is completely up to you.

7. Deter Comment Spam by TerraFrost
Provides a deterrence to so-called comment spammers by adding rel="nofollow" tags on a conditional basis. For a further explanation, see the "Author comments" in the install.txt file.

8. disable spambots by magenta
Checks the amount of time it took to submit the registration form. If it is less than 5 seconds, the form cannot be submitted.

9. Easy BotStopper by battye
Removes the website field from the registration form (still available in user profiles). If a bot supplies this information anyway (via a separate script), the registration will be denied.

10. Hide Zero Posters by TerraFrost
This MOD will prevent users with 0 posts from showing up in the memberlist. This is a great tool for preventing human spammers.

11. Textual Confirmation by olpa
Textual Confirmation (TC) asks newly registering user a question. If the answer is wrong, TC rejects the registration. Also, TC notifies the forum admin and the community spam database. The administrator can edit the questions and answers in the Administration Panel.

12. The humanizer by Underhill
Adds the question 'Are you human?' to the registration form which must be answered for the registration to be processed. Since this isn't a standard phpBB question, most bots will not answer it.

13. Redirect anonymous users to login by StefanKausL
Will prevent guests from getting your members' contact information by disallowing guests to view the memberlist, groups, profiles, etc.

14. Registration disable website signature by EXreaction
Removes the signature and website fields from the registration form (still available in user profiles). If a bot supplies this information anyway (via a separate script), the registration will be denied. Also has an autoban feature.

15. Spam Words by Joe Belmaati
Allows you to specify words in the administration panel that are not allowed to be used in posts. When a user tried to use a forbidden word, an error will be displayed.

16. User Shield by Wo1f
Hides usernames and corresponding profile data from all except the Administrator until activated. Manage (activate or delete) non-activated members from the memberlist.

17. Visual Confirmation for Guests by Kanuck
Adds the visual confirmation to the posting page for guests. If you enable guest posting, you can use this MOD to prevent spammers from having a field day.

18. Anti Bot Question by MagMo
This MOD replaces the standard visual confirmation with a question selected at random from a pool. You may add custom questions to the pool, which makes this MOD very dynamic.
** This MOD has not been validated by the phpBB MOD team.

19. Antispam for all fields by Ramon Fincken
This MOD uses the word replacement list to check all profile fields (website, interests, etc.) as well as the posting field. An extensive bad word list is provided. Also checks remote websites for bad words. Admin panel settings.
** This MOD has not been validated by the phpBB MOD team.

20. Anti-spam bots registration by RevJim & Anti-Spam ACP by EXreaction
Both of these MODs disable the signature and website fields for users with less than X posts. The ACP version by EXreaction adds configurable options to the administration panel.
** This MOD has not been validated by the phpBB MOD team.

21. myVIPcode - fight spam registrations by Martin Aignesberger
Requires a "VIP code" to be entered at registration. You can specify where the VIP code can be found on your site
** This MOD has not been validated by the phpBB MOD team.

22. Raven's Antispam by romans1423
Raven's Antispam is a lean but effective solution for preventing spam registrations and posts, ported to phpBB from a Wordpress plugin of the same name. By requiring an installation-unique variable to be filled out (automatically, if JavaScript is enabled), bots are simply blocked. Raven's Antispam does not require any database modifications or admin panel configuration.
** This MOD has not been validated by the phpBB MOD team.

23. Unique Registration Hash by pentapenguin
This MOD changes the "agreed=true" part of the registration form to a unique identifier to help stop spam bots from registering.
** This MOD has not been validated by the phpBB MOD team.



Section 4: Miscellaneous

SPAM removal tools
Admin Toolkit - Allows you to mass delete users. Users should never be deleted straight from the users table.

Translations
Dutch: http://www.phpbb.nl/viewtopic.php?t=31511
Dutch: http://www.phpbbservice.nl/viewtopic.php?t=2
Espaņol: http://www.tomatoma.ws/foros/viewtopic.php?t=10201

1. Other anti-SPAM threadsFight the spam registration bots! by espicom
2. Anti-Spam Thread! by EXreaction

1. PM me if you:are the author of one of the MODs above and are not happy with my description (I will be happy to use yours as long as it isn't too long).
2. know of a SPAM prevention MOD that belongs on the list above (I purposely didn't include some MODs).
3. found a mistake in the article above.
4. have something else that would best be said in private.
Please make all other comments directly in this thread. Feedback is always appreciated Smile

_________________
View user's profile Send private message
Nenicirene
Posted: Fri 09 Mar 2007 2:16 pm Reply with quote
Technocrat Joined: 22 Jun 2005 Posts: 1700
It's already set up to require a captcha (which has been broken), user activation (which they do), and custom field names to break their scripts (which they've patched to read the custom field names from the page). At some point I should sit down and figure out to how to hack the source so that the Location field is present but hidden via CSS when registering, and if you fill it out, you're denied.

_________________
Gnomeregan. Never forget. Never again.
View user's profile Send private message Send e-mail Visit poster's website AIM Address
Romana
Posted: Fri 09 Mar 2007 6:52 pm Reply with quote
Joined: 16 Aug 2005 Posts: 2017 Location: my own little bubble
not a bad trick. if anyone can do it, you can, Neni

_________________
Vaporization without representation is against the consitution!


Which Final Fantasy Character Are You?
View user's profile Send private message

Display posts from previous:  

All times are GMT - 5 Hours
Page 1 of 1
Post new topic

Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum