Fight the spam registration bots!

This is an archive of the phpBB 2.0.x support forum. Support for phpBB2 has now ended.
Forum rules
Following phpBB2's EoL, this forum is now archived for reference purposes only.
Please see the following announcement for more information: viewtopic.php?f=14&t=1385785
espicom
Registered User
Posts: 17905
Joined: Wed Dec 22, 2004 1:14 am
Location: Woodstock, IL

Post by espicom »

Just making them not show up will cause problems with the pagination if you get over one page of users (inactive + active).


Pagination should not be a problem - this query returns accurate counts of active members, so the pages will work out just as they do with unfiltered.

As for going to inactive profiles, that isn't what this addresses. The spam registrations are trying to get better page ratings in GOOGLE, so anything that makes them invisible to GOOGLE makes your forum useless. There would have to be a link elsewhere on the fourm to cause it to go to that page.

Now, an interesting MOD would be to modify the user profile pages to add the "no index" meta command.... Meaning it will display, but GOOGLE and other search engines will ignore its content... Hmmm...
Jeff
Fixing 1016/1030/1034 Errors | (obsolete link) | MySQL 4.1/5.x Client Error | phpBBv2 Logo in ACP
Support requests via PM are ignored!
"To be fully alive is to feel that everything is possible." - Eric Hoffer
BlueRook
Registered User
Posts: 2892
Joined: Wed Mar 10, 2004 2:38 am

Post by BlueRook »

You might want to check that assumption about pagination. I had the change so that inactive users and from some other posts that had done something similar (ie a MOD) it was mentioned that would occur. I tested it by lowering the 'topics per page' in the ACP to equal to the number of active members. It created enough pages to account for all users - inactive and active.

It has to do with the following code

Code: Select all

if ( $mode != 'topten' || $board_config['topics_per_page'] < 10 )
{
      $sql = "SELECT count(*) AS total
              FROM " . USERS_TABLE . "
              WHERE user_id <> " . ANONYMOUS; 
It is something that doesn't happen very often but for completion it really should be done too.
espicom
Registered User
Posts: 17905
Joined: Wed Dec 22, 2004 1:14 am
Location: Woodstock, IL

Post by espicom »

OK, that code is way down at line 283 (stock memberlist.php), so it would also need modified, as such:

Code: Select all

if ( $mode != 'topten' || $board_config['topics_per_page'] < 10 )
{
        $sql = "SELECT count(*) AS total
                FROM " . USERS_TABLE . "
                WHERE user_id <> " . ANONYMOUS . " AND user_active=1" ;
Jeff
Fixing 1016/1030/1034 Errors | (obsolete link) | MySQL 4.1/5.x Client Error | phpBBv2 Logo in ACP
Support requests via PM are ignored!
"To be fully alive is to feel that everything is possible." - Eric Hoffer
The Bad Astronomer
Registered User
Posts: 78
Joined: Mon Mar 24, 2003 11:31 pm
Location: CA
Contact:

Re: Fight the spam registration bots!

Post by The Bad Astronomer »

espicom wrote: VI will only replace the FIRST occurance of a string on a line when using ":%s/agreed/AgReEd", [/b]


vi will do a global search-and-replace:

:1,$s/agreed/AgReEd/g

will do it for the whole file. "1,$" means every line in the file, and the "/g" on the end means global, that is, every time you see it (including multiple times in one line).
Phil Plait, aka "The Bad Astronomer"
http://www.badastronomy.com
ezlynx
Registered User
Posts: 85
Joined: Tue Sep 10, 2002 8:34 pm

Post by ezlynx »

Thanks so much. Simple and effective.

p.s. I love to use Textpad for this sort of search/replace. It is a very powerful text editor.
mjatas
Registered User
Posts: 270
Joined: Sat Oct 16, 2004 6:43 am
Contact:

Re: Fight the spam registration bots!

Post by mjatas »

espicom wrote: After cleaning out another round of spam registrations from our forums, I decided to make a subtle change to the worst-hit boards to screw up the "registration bots" used for this. In some cases, you can not take advantage of v2.0.11's "visual confirmation", which also stops the bots, but this should work.

It is a simple fix, but I will not post it as a regular MOD, because customization is the key here. The RegBots work by going directly to the submission of the form information, bypassing the various agreement screens by simply setting "agreed=true". Fortunately, web form variables are CasE-sEnsiTivE, so simply changing the all-lower-case name "agreed" to mixed-case will still allow manual registrations to work, but will simply present a bot's request with the COPPA form, and not make any entries into your users table.

The affected files are:

admin/admin_users.php
includes/usercp_avatar.php
includes/usercp_register.php

With a text editor, search for "agreed", and replace it with your own choice of mixed case, or even something like "IAmInAgreement". As long as all references to this variable are identical, registration and profile changes work as before... except for those trying to bypass the system.

Note to those using VI to do this on a Linux/Unix box... VI will only replace the FIRST occurance of a string on a line when using ":%s/agreed/AgReEd", and there are some instance where "agreed" occurs twice on the same line. Do the replace twice to make sure all occurances are changed.


I am unsure of 1 thing. You say to edit those pages above, but which page is the agreed on? Is the agreed on all the pages you listed above? I am confused????
Ontario Wedding Forum
Over 500 users now online!
http://www.mystic-m.com/forum
espicom
Registered User
Posts: 17905
Joined: Wed Dec 22, 2004 1:14 am
Location: Woodstock, IL

Post by espicom »

I am unsure of 1 thing. You say to edit those pages above, but which page is the agreed on? Is the agreed on all the pages you listed above? I am confused????


Confusion is a curable disease... :wink:

The word "agreed" appears in all three files, admin/admin_users.php, includes/usercp_avatar.php, and includes/usercp_register.php. The spelling and UPPER/lower case of all occurences must match between them, or things won't work. If, for example, you decide to change "agreed" to "conCur", you would be making 9 changes total between these files.
Jeff
Fixing 1016/1030/1034 Errors | (obsolete link) | MySQL 4.1/5.x Client Error | phpBBv2 Logo in ACP
Support requests via PM are ignored!
"To be fully alive is to feel that everything is possible." - Eric Hoffer
PamRamRadio
Registered User
Posts: 104
Joined: Wed Feb 16, 2005 2:36 am
Location: The Pamderosa
Contact:

Post by PamRamRadio »

Thank you! Changing "agree" got rid of the Russian Spambots for me!
RAM Radio
Playing today's traditional country and bluegrass side-by-side with the pioneers...Listen to the circle...Unbroken!
pawnofwar
Registered User
Posts: 79
Joined: Thu Feb 12, 2004 10:27 pm

Post by pawnofwar »

Here's my two cents on what I've done to thwart spambots. First, I banned all the freebie e-mail addresses the I know of. That knocked out most of them right there. :) Then I enabled account activation. That took out the rest of them (until recently) because bots can register with a valid e-mail, but unless the human running them is following up by activating the account in the e-mail, the account will remain inactive. I delete all inactive accounts after a week. :D

My board is small, only sporadically active, so it's no prob to wipe out inactive accounts. After I eliminated freebie addresses I rarely have bots try to register. :) I posted a notice on my board that accounts must be activated within a week or be deleted and if anyone has any problem activating their account to contact me. That notice covers ligitimate users who might have a problem.

Since I've recently started getting spam again I've enabled visual confirmation. AND I deactivated PMs for any users that aren't participating on the board. Lurkers don't need to be using PMs anyway. Once someone establishes themselves as a member of the community by participating, then I can reactivate PMs for their account.

Two questions:

Is there a mod that will automatically delete inactive accounts if they haven't been activated in 7 days?

Is there a mod that automatically sets new user accounts not to allow PMs?

I so rarely have spam that doing these things manually from the admin panel is no problem, but as the board grows, it might be nice to have those two things done automatically eventually. :D
Trackit
Registered User
Posts: 76
Joined: Thu Nov 18, 2004 11:00 pm

Mods

Post by Trackit »

Try phpbbhacks.com and check under the PM category.
pawnofwar
Registered User
Posts: 79
Joined: Thu Feb 12, 2004 10:27 pm

Post by pawnofwar »

Hmmm...the only PM hack listed there similar to what I'm talking about is the one I already knew about. A new user can't post PMs until they have reached a specified post count. Since this is the only hack that restricts PMs for new users, it seems to me like it would encourage potential spammers & board abusers to post a gazillion iane messages until they hit the magic number. :roll:

For now I'll just continue to deactivate PMs manually when I get new registrations. Thanks!
BlueRook
Registered User
Posts: 2892
Joined: Wed Mar 10, 2004 2:38 am

Post by BlueRook »

pawnofwar wrote: Hmmm...the only PM hack listed there similar to what I'm talking about is the one I already knew about. A new user can't post PMs until they have reached a specified post count. Since this is the only hack that restricts PMs for new users, it seems to me like it would encourage potential spammers & board abusers to post a gazillion iane messages until they hit the magic number. :roll:

For now I'll just continue to deactivate PMs manually when I get new registrations. Thanks!


In includes/usercp_register.php

FIND:

Code: Select all

			//
			// Get current date
			//
			$sql = "INSERT INTO " . USERS_TABLE .
Then in the next line that starts VALUES go to the very end of it and find:

Code: Select all

$user_style, 0, 1, ";
Change the 1 to a 0 and then all new registrations will automatically have PMs disabled.
pawnofwar
Registered User
Posts: 79
Joined: Thu Feb 12, 2004 10:27 pm

Post by pawnofwar »

Works perfectly. Thanks! :D
espicom
Registered User
Posts: 17905
Joined: Wed Dec 22, 2004 1:14 am
Location: Woodstock, IL

Post by espicom »

Continuing my efforts to make my forums useless to spammers, I put together a small MOD to make signatures invisible to GOOGLE, MSN and YAHOO search engines. It can be expanded fairly easily to other search engine bots, if you know their "signature", and it builds upon the code in one of the "search engine optimization" MODs.

If you have a search bot you want to hide signatures from, just add it to the list stored in "$botagents".

Code: Select all

#-----[ OPEN ]------------------------------------------
#
viewtopic.php
#
#-----[ FIND ]------------------------------------------
#
if ( !isset($topic_id) && !isset($post_id) )
{
	message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
}
#
#-----[ AFTER, ADD ]------------------------------------------
#
// Detect whether this is a bot or not
$isabot = 0;
$botagents = array('googlebot', 'yahoo', 'msnbot');
$ref = strtolower($_SERVER['HTTP_USER_AGENT']);
foreach ( $botagents as $agent )
{
	if ( strpos($ref, $agent) !== false )
	{
		$isabot++;
	}
}
// end bot detection
#
#-----[ FIND ]------------------------------------------
#
		'SIGNATURE' => $user_sig,
#
#-----[ REPLACE WITH ]------------------------------
// only give signature if this isn't a bot
		'SIGNATURE' => ($isabot == 0 ? $user_sig : ''),
// end signature test for bot
#
#-----[ FIND ]------------------------------------------
#
		'WWW_IMG' => $www_img,
		'WWW' => $www,
#
#-----[ REPLACE WITH ]------------------------------
// only show website if this isn't a bot
		'WWW_IMG' => ($isabot == 0 ? $www_img : ''),
		'WWW' => ($isabot == 0 ? $www : ''),
// end website test for bot

#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM
Now Google, MSN and Yahoo get no signatures or user websites displayed... The spammers go through all that trouble to post on your board, and you don't help their Google rating. Darn! :roll:

(editted to add block on user website link as well as signature)
Last edited by espicom on Wed Dec 28, 2005 3:43 am, edited 1 time in total.
Jeff
Fixing 1016/1030/1034 Errors | (obsolete link) | MySQL 4.1/5.x Client Error | phpBBv2 Logo in ACP
Support requests via PM are ignored!
"To be fully alive is to feel that everything is possible." - Eric Hoffer
kfc
Registered User
Posts: 403
Joined: Thu Jun 27, 2002 7:23 am

Post by kfc »

espicom I just did your mod and so far so good. But since PHPBB is PHPBB, when a new update comes out for it, isn’t there the possibility that my registration process will be nuked for the time being? Because if one of these three *.php files are changed when phpbb updates itself, I'm screwed. Yeah it doesn’t sound like that big of a deal. But let’s say a year goes by and your hack is looong out of my mind. It will be a pain in the butt to figure out whats wrong :/

Hopefully with phpbb's "Atlantis" build (or whatever they are calling it) hacks will not be needed, as it will be a much more solid app.
Locked

Return to “2.0.x Support Forum”