Preventing SPAM - Bots and Humans [*Read the First Post!*]

This is an archive of the phpBB 2.0.x support forum. Support for phpBB2 has now ended.
Forum rules
Following phpBB2's EoL, this forum is now archived for reference purposes only.
Please see the following announcement for more information: viewtopic.php?f=14&t=1385785

How helpful did you find this guide?

Very helpful
160
79%
Somewhat helpful
32
16%
Not very helpful
11
5%
 
Total votes: 203

momentum
Registered User
Posts: 1505
Joined: Thu Sep 20, 2007 4:07 am
Location: Melbourne, Australia

Re: Preventing SPAM - Bots and Humans [*Read the First Post!*]

Post by momentum »

In your browser, navigate your way to http://<your_site>/forum/toolkit.php

Craig.
QOTY: phpBB is free, good hosting is not. - robert (Lumpy Burgertushie)
User avatar
RMcGirr83
Former Team Member
Posts: 22011
Joined: Wed Jun 22, 2005 4:33 pm
Location: Your display
Name: Rich McGirr

Re: Preventing SPAM - Bots and Humans [*Read the First Post!*]

Post by RMcGirr83 »

It means to access the file by browsing to it, eg.

http://yourwebsite.com/forum/toolkit.php

and do it pretty quickly cuz the file is there and is asking for initial password for admin and moderator.
Former Modifications/Extensions Team Member | My extensions | github | All requests for support via PM will be ignored
Appreciate the extensions/mods/support then buy me a beer Image
Lonewolf1888
Registered User
Posts: 7
Joined: Fri May 23, 2008 4:23 pm

Re: Preventing SPAM - Bots and Humans [*Read the First Post!*]

Post by Lonewolf1888 »

THANKYOU guys! got it done and working great...its been really getting me down so thanks very much!
User avatar
karlkablisk
Registered User
Posts: 6
Joined: Mon May 05, 2008 8:23 pm

Re: Preventing SPAM - Bots and Humans [*Read the First Post!*]

Post by karlkablisk »

A bot just got through my security. I put in the RAC mod. and Its stopped bots from registering and posting so thats good. But today I saw a bot post spam on my board. He either HAD an account that I deleted or didn't make one, but he still posted 6 times! Whats more, I COULDN'T delete his posts! The best I could do was edit his text. But even now if I try to delete, it says it deleted but it stays there. :(

I dont know what the bot did. Its not a user so I can't do much to him other than remove the message. Even if I ban its IP it'll just use another one.

Heres a link to the page. as you can see his name is faded out so its not a registered user.

http://www.kabliskkeep.com/forum/index. ... ef969fe20a

Can anyone help?
Thanks
- KKL
User avatar
ric323
Former Team Member
Posts: 22910
Joined: Tue Feb 06, 2007 12:33 am
Location: Melbourne, Australia
Name: Ric
Contact:

Re: Preventing SPAM - Bots and Humans [*Read the First Post!*]

Post by ric323 »

karlkablisk wrote: Heres a link to the page. as you can see his name is faded out so its not a registered user.

http://www.kabliskkeep.com/forum/index. ... ef969fe20a

Can anyone help?
Thanks
- KKL
That is NOT a link to a specific post, it is just to your main index.
The Knowledge Base contains solutions to many common problems!
How to fix "Doesn't have a default value" and "Incorrect string value: xxx for column 'post_text' " errors.
How to do a clean re-install of the latest phpBB3 version.
Problems with permissions? Read phpBB3 Permissions
User avatar
ChrisRLG
Former Team Member
Posts: 3420
Joined: Wed Nov 24, 2004 3:18 pm
Location: Essex, UK
Contact:

Re: Preventing SPAM - Bots and Humans [*Read the First Post!*]

Post by ChrisRLG »

karlkablisk wrote:Heres a link to the page. as you can see his name is faded out so its not a registered user.

http://www.kabliskkeep.com/forum/index.php?sid=02285c66455a7e033b95cbef969fe20a
Also another point.

Never ever post links with SID's

http://www.kabliskkeep.com/forum/index.php?sid=02285c66455a7e033b95cbef969fe20a

Although the later versions are not expected to be vulnerable to it, those SID's can be used by hackers to gain access with admin privilages, particularly if used while you are still using that same session.

So ALWAYS remove SID's from links when you post.
phpBB: The All Important Rules - Bertie Bear 3.0 - No support via PM system - use the forums please.
phpBB v2: Retirement (1/1/2009) : phpBB v3: Read Me Topic - Custom BBCodes - Support Template
Matthew 7:7"Ask and it will be given to you; seek and you will find; knock and a door will be opened to you."
My Links: MS MVP (Consumer Security) - Malware Removal:University - Own Forum: Custom BBCode testing
grzejniki_lazienkowe
Registered User
Posts: 2
Joined: Wed Jun 04, 2008 6:36 am

Re: Preventing SPAM - Bots and Humans [*Read the First Post!*]

Post by grzejniki_lazienkowe »

Hello,

We are the Terma Technologie company and we are a leading manufacturer of tubular radiators ([removed] ).

We are looking for good script preventing our mailbox from a spam. What are You thing ? Which one will be the best ?
Last edited by RMcGirr83 on Wed Jun 04, 2008 10:52 am, edited 1 time in total.
Reason: Links to your sites is not needed
User avatar
RMcGirr83
Former Team Member
Posts: 22011
Joined: Wed Jun 22, 2005 4:33 pm
Location: Your display
Name: Rich McGirr

Re: Preventing SPAM - Bots and Humans [*Read the First Post!*]

Post by RMcGirr83 »

I personally prefer the security question mod, mostly because you can change the question and answer in the ACP.

Personal preference though.
Former Modifications/Extensions Team Member | My extensions | github | All requests for support via PM will be ignored
Appreciate the extensions/mods/support then buy me a beer Image
150mph
Registered User
Posts: 13
Joined: Wed Jun 04, 2008 5:45 am

Best way to keep'em from finding us in the first place?

Post by 150mph »

In addition to stopping the spammers from registering, I want to stop them from finding my board to start with, and was interested in Alvo's post about bots finding our phpbb tag line's and memberlist.php files. I haven't seen any further discussion about this, and wonder if this is the consensus - that spambots find our forums by these two elements.

Anyway, I want to do what Alvo mentioned, change the tagline with comments:

Po<!--engt-->we<!--dkjhy-->red b<!--wodnted-->y ph<!--khiuyu7-->pB<!--zpfleg-->B)

but i don't know which file to find it in.... :roll:

And if I change memberlist.php to m3mb3rl13t.php or something, do I need to change a bunch of other files too?

Most importantly, (i edited this post to add this) I want to leave the board viewable to the public without registering.
User avatar
Lumpy Burgertushie
Registered User
Posts: 69223
Joined: Mon May 02, 2005 3:11 am
Contact:

Re: Best way to keep'em from finding us in the first place?

Post by Lumpy Burgertushie »

150mph wrote:In addition to stopping the spammers from registering, I want to stop them from finding my board to start with, and was interested in Alvo's post about bots finding our phpbb tag line's and memberlist.php files. I haven't seen any further discussion about this, and wonder if this is the consensus - that spambots find our forums by these two elements.

Anyway, I want to do what Alvo mentioned, change the tagline with comments:

Po<!--engt-->we<!--dkjhy-->red b<!--wodnted-->y ph<!--khiuyu7-->pB<!--zpfleg-->B)

but i don't know which file to find it in.... :roll:

And if I change memberlist.php to m3mb3rl13t.php or something, do I need to change a bunch of other files too?

Most importantly, (i edited this post to add this) I want to leave the board viewable to the public without registering.
first, none of that will help at all.
the bots do not look for memberlist.php at all. they are inputting the data string straight to the database.

if you do like has been said over and over, install the RAC MOD, this stops them dead in their tracks.
they can not register, therefore, they go away.

If you allow guest posting, you will NEVER stop the spammers. bots or humans.
PERIOD!

luck,
robert
Premium phpBB 3.3 Styles by PlanetStyles.net

I am pleased to announce that I have completed the first item on my bucket list. I have the bucket.
User avatar
RMcGirr83
Former Team Member
Posts: 22011
Joined: Wed Jun 22, 2005 4:33 pm
Location: Your display
Name: Rich McGirr

Re: Best way to keep'em from finding us in the first place?

Post by RMcGirr83 »

Lumpy Burgertushie wrote:
If you allow guest posting, you will NEVER stop the spammers. bots or humans.
PERIOD!
Not without a mod, you won't ;)
Former Modifications/Extensions Team Member | My extensions | github | All requests for support via PM will be ignored
Appreciate the extensions/mods/support then buy me a beer Image
150mph
Registered User
Posts: 13
Joined: Wed Jun 04, 2008 5:45 am

Re: Preventing SPAM - Bots and Humans [*Read the First Post!*]

Post by 150mph »

†hanks for input. To clarify, I didnt say I wanted to allow guest posting, just viewing.
User avatar
Lumpy Burgertushie
Registered User
Posts: 69223
Joined: Mon May 02, 2005 3:11 am
Contact:

Re: Preventing SPAM - Bots and Humans [*Read the First Post!*]

Post by Lumpy Burgertushie »

150mph wrote:†hanks for input. To clarify, I didnt say I wanted to allow guest posting, just viewing.
ah, sorry, my mistake.

guest viewing is no problem at all. you simply set "view" to "public" in your forum permissions for each forum that you wish.

that will have no affect on spammers, or bots registering, posting etc.

the two have nothing to do with each other.

robert
Premium phpBB 3.3 Styles by PlanetStyles.net

I am pleased to announce that I have completed the first item on my bucket list. I have the bucket.
meyerII
Registered User
Posts: 6
Joined: Sat Dec 29, 2007 1:18 am

the hide memberlist mod

Post by meyerII »

I wanted to get the mod for hiding the memberlist for guests, and your first post refers me here:

Download: viewtopic.php?t=213812

(http://www.phpbb.com/community/viewtopic.php?t=213812)


Unfortunately, I don't have authority to view that forum. I'm pretty sure I can find it by searching this site, but I thought I'd mention it in case this is something you didn't intend to do.

BTW: I am helping out a large aircooled VW-related site with some anti-spam mods and was impressed that I found EXACTLY what I was looking for in the first place I looked (wel...almost). Good work.

 
User avatar
Lumpy Burgertushie
Registered User
Posts: 69223
Joined: Mon May 02, 2005 3:11 am
Contact:

Re: Preventing SPAM - Bots and Humans [*Read the First Post!*]

Post by Lumpy Burgertushie »

not sure what MOD that was, but the MOD database has been cleaned out of all old, out of date MODs and that is the error you get when trying to access them.

removing the memberlist from view will have absolutely no affect on spammers, bots or otherwise.

however, this is how to do it:

Code: Select all

########################################################################

#
#This restricts the memberlist to members only.
#-----[ OPEN ]------------------------------------------
#

memberlist.php

#
#-----[ FIND ]------------------------------------------
#
 
//
// End session management
//

#
#-----[ AFTER, ADD ]------------------------------------
# 

// Begin 'Restrict Access' 
if ( !$userdata['session_logged_in'] )
	{
		redirect(append_sid("login.".$phpEx."?redirect=memberlist.".$phpEx, true));
		exit;
	}
// End 'Restrict Access' 

############################################################################################

#
#This restricts memberlist to admin only
#-----[ OPEN ]------------------------------------------
#

memberlist.php

#
#-----[ FIND ]------------------------------------------
#
 
//
// End session management
//

#
#-----[ AFTER, ADD ]------------------------------------
# 


// Begin 'Restrict Access' 
if( !$userdata['user_level'] == 1 )
{
message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
}
	
// End 'Restrict Access' 
Premium phpBB 3.3 Styles by PlanetStyles.net

I am pleased to announce that I have completed the first item on my bucket list. I have the bucket.
Locked

Return to “2.0.x Support Forum”