[BETA] Antispam for all fields (updated: 10-01-2009:V1.3.1)

A place for MOD Authors to post and receive feedback on MODs still in development. No MODs within this forum should be used within a live environment! No new topics are allowed in this forum.
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

IMPORTANT: MOD Development Forum rules

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.
Locked
User avatar
Ramon Fincken
Registered User
Posts: 4835
Joined: Thu Oct 14, 2004 1:04 am
Location: NL, The Netherlands Amsterdam area @GMT +1
Contact:

[BETA] Antispam for all fields (updated: 10-01-2009:V1.3.1)

Post by Ramon Fincken »

Get lost register test and explanation:
http://www.phpbbantispam.com/viewtopic.php?t=136

:idea: :idea: Note: from 2009 on all support and info for this mod will be at http://www.phpbbantispam.com due to the read only-ness of this board ( phpbb.com > phpbb2 mods ) section.
I recommend posting your questions, ideas, remarks and bugs over there as from now on.
Direct download link: http://www.phpbbantispam.com/viewtopic.php?t=1


Version info:
// Ramon Fincken, antispam
// Version 1.3.1 Latest updates & info: Direct download link: http://www.phpbbantispam.com/viewtopic.php?t=1

Stable?
Yes

Quick feature list:
* It uses word replacement list to check ALL fields in registration, editprofile, posting subject/message, PM message.
* Approve post / reply
* Approve registration / user
* Supports recognition of v1agr4, via_gra, and c4$,.ino like words
* Actually visits remote websites and checks for spamwords (you'll love this !)
* Mass ban spammers

Extensive feature list:
* Full ACP ( control panel ) settings with database logging
* Language support : English, Portuguese, Dutch language files included
* Possibility to sent mail to site admin with ALL the post vars, incl link to profile and IP + proxy forwarded IP
* API with API key on your own board
* Registrations have completely random fields and some nifty checks ( serverside !)
* Previous spam alike registrations will halt all new attempted registrations with same email, msn, icq, website
( If there are enough spam registrations trapped with one of these the forum wil not process the new signup. )
* Admin spam notice near the "go to admin panel" link
* Auto version update notice with link to direct download

Spam database:
* Possibility to turn all spam check off for a specified usergroup.
* Possibility to turn all spam check off for users who are member for (x) days and have at least (y) posts.
* Possibility to turn all spam check on/off for PM's, posts, registrations
* Database Storage with ALL the post vars, incl link to profile and IP + proxy forwarded IP
* DB stats: Most Active spam ip, Most Active spam ipproxy, Most Active spam user
* Approve post / reply
* Approve registration / user
* Remove this record
* Quick ban this IP
* Quick ban this forwarded IP
* Mass remove or ban users
* Prevent forwarded IP's to enter the board again.
* Normal IP's are green, Banned IP's are Bold,red

Wordlist:
* Mass import your existing wordlist, double entries are dropped.

Testcenter:
* Admin test center, test IP's words or usernames safely here.


Author comments:
* This has been proven to stop spam registrations from 20 a day to 1 a week. At most boards it stops all spam attempts.
* If a word is found an error message is shown and the information will NOT be processed
* If you want to install this ... => Backup your files AND your database. and do it in a test environment first!
* Installation level: medium (15 minutes)

* After installation update your words list table with words like

Code: Select all

*casino*
*porn*
...

Bad wordslists:

http://www.4cm.com/badwordlist/index.php
http://www.phpbbinstallers.net/bad_word ... ispam=true

Screenshots:
Post approval notice:
Image
Register approval notice:
Image

More screenshots:
http://phpbbantispam.com/viewtopic.php?t=113


Here we go...

The instructionset + upgrades + files:
http://www.creativepulses.nl/upload/php ... _1.3.1.zip
Latest updates & info: Direct download link: http://www.phpbbantispam.com/viewtopic.php?t=1


Files to edit:

Code: Select all

admin/admin_users.php
includes/functions.php
includes/functions_validate.php
includes/functions_post.php
includes/constants.php
posting.php
privmsg.php

New features in next releases: ( Beeing tested right now )
http://www.phpbbantispam.com/viewforum.php?f=4

UPGRADES AVAILABLE:
Simply download the latest zipfile and easy upgrade instuctions + files are in that zipfile !
** upgrade 1.2.9 -> 1.3.0 21112008
http://phpbbantispam.com/viewtopic.php?t=151
All changes below:

-ACP: Fieldfest-
No alterations in functions.

-ACP: Management-
No alterations in functions.

-ACP: Spam Database-
* Added a lite version and indexes to the core table. If your webserver times out .. click again and a lite version will pop up.
* When approving a signup, the user is automatically added to the approved userlist.

-ACP: Testcenter-
No alterations in functions.

-ACP: Wordlist-
No alterations in functions.

-Core function-
Added a filter for 'google-analytics.com/ga.js'

-FieldFest function-
No alterations in functions.

-Semicron function-
No alterations in functions.

-Lang file-
No alterations in functions.

-API-
No alterations in functions.

-Bugfixes-
* When updating your profile the website is still checked.
http://phpbbantispam.com/viewtopic.php?t=146

* When approving an ANON post ( newtopic ) the API is not satisfied with the normal parameters.
http://phpbbantispam.com/viewtopic.php?t=145

-Language entries updated-
No new entries.

-Installation-
No alterations in functions.

Upgrade instructions are in the 1.3.0 zipfile


API function:
This function API is for advanced users only, if you have never created a 'mod' scip this part ..
Thes function API will only work on your website, it cannot be called from a remote server/domain ..
Ok, now the API.
This function API is for advanced users only, if you have never created a 'mod' scip this part ..
There are 2 options:

1) Pure PHP

Integrate your page with Phpbb

It's fairly easy: if you have a field or var. you want to check just do this:
Code:
validate_spam($varname_over_here,'word');

And the function will take care of the rest!
Do NOT sent in array's ! Just full string/ints variables !

2) Use the antispam_api.php found in the contrib folder

POST or GET page with params:
@ api_key string
@ api_text string

It requires the API key to be entered and the function to be enables in the admin.
if api_text contains spam > 'SPAM' will be echo 'ed
if api_text contains no spam > 'Looking clean' will be echo 'ed

Example of the GET method:
http://www.board.com/antispam_api.php?a ... [TEXT_HERE]

See api_test_spam.png and api_test_clean.png for examples.

Do NOT sent in array's ! Just full string/ints variables !
External mods used:
insert_post
http://www.phpbb.com/phpBB/viewtopic.php?t=45535

insert_user
http://www.phpbb.com/phpBB/viewtopic.php?t=177543

quick_ban
http://www.phpbb.com/phpBB/viewtopic.php?t=307345

LEV Live email validate
http://www.phpbb.com/community/viewtopi ... &sk=t&sd=a

Comments/future requests are welcome!
Last edited by Ramon Fincken on Sat Jan 10, 2009 6:22 pm, edited 72 times in total.
Dutch quality fully managed WordPress hosting - ManagedWPHosting.nl

Before changing a file, some code or installing a MOD >> Make a backup first!

Do you like my mods? paypal me $1 :) forumsoftware[AT}creativepulses[DOT}nl [/size]
PhpBBantispam.com || Instant find your mod here
User avatar
Ramon Fincken
Registered User
Posts: 4835
Joined: Thu Oct 14, 2004 1:04 am
Location: NL, The Netherlands Amsterdam area @GMT +1
Contact:

Post by Ramon Fincken »

Screenshots:

http://www.phpbbantispam.com/viewtopic.php?t=113

Older upgrades:

** upgrade 1.1.0 -> 1.1.2 06032006
now supports v1agr4, via gra, and c4$,.ino like words to be recognized..

** upgrade 1.1.2 -> 1.1.3 23032006
* Better word recognition algoritm
* Possibility to sent mail to site admin with ALL the post vars, incl link to profile and IP + proxy forwarded IP
* Possibility to create a usergroup. The 'bypass group'-members have the check option set to OFF so they can post without restrictions.

** upgrade 1.1.3 -> 1.1.4 28032006
* Added a function for group check. Was left out in V 1.1.3
Upgrade instructions are in the 1.1.4 zipfile
Thanks to Stephen W. Thomas for posting the error!

** upgrade 1.1.4 -> 1.1.5 09072006
* Applied a fix for 'Warning: validate_spam(): Failed opening ' error in admin panel
Upgrade instructions are in the 1.1.5 zipfile
Thanks to Paul and AleSSaNDRo for posting the error!

** upgrade 1.1.5 -> 1.1.6 20082006
* Added ACP panel configuration
* Added: users who have x posts in the last y days are free of the check
* Added: Actually visit remote websites and check them for spamwords

** upgrade 1.1.6 -> 1.1.7 01102006
* Database Storage with ALL the post vars, incl link to profile and IP + proxy forwarded IP
* DB stats: Most Active spam ip, Most Active spam ipproxy, Most Active spam user
* Mass import your existing wordlist, double entries are dropped.

** upgrade 1.1.7 -> 1.1.8 05102006
* Approve post / reply
* Approve registration / user
* Remove this record
* Quick ban this IP
* Normal IP's are green, Banned IP's are Bold,red

** upgrade 1.1.8 -> 1.1.9 09102006
* Removed 2 hardcode DB names
* Added all admin functions to 1 single file

** upgrade 1.1.9 -> 1.2.0 21102006
* Created an easy upgrade sql script
* Created new ban links in spam database
* Added Post approval notice
* Added Register approval notice
* Added link to online wordlist

** upgrade 1.2.0 -> 1.2.1 22102006
* Added PM message check
* Added Turn check on/off for PM/Post/Register

** upgrade 1.2.1 -> 1.2.2 09112006
* Added Ban forwarded IP
* Added Ban forwarded IP check using phpbb's ban system.
* Removed showing allready banned spam info in spam-stats.
* Added a bit more explanation to the database management page.
* Solved "No file specified for handle body" error

** upgrade 1.2.2 -> 1.2.3 22112006
* Created Testcenter to check if a person , ip, email or word is banned
* Added 1 Mass delete record operation
* Added Language file ( partial language )
* Solved hardcoded phpbb_table error

** upgrade 1.2.3 -> 1.2.4 02122006
ACP: Spam Database-
* Added "Delete all banned records" mass operation
-ACP: Testcenter-
* Added textarea to test large texts
* Changed some coding
-ACP: Wordlist-
* Added word hits :)
-Core function-
* Passed handling of banned emails, usernames to the build-in Phpbb system.
( This saves you the email anytime and database space, the user will be blocked anyway ).
* Added a spamword hit count which can be seen in ACP Wordlist
-Lang file-
* Added Brazilian language file
* Added multilanguage support
-Bugfixes-
* S3xy will be seen as sexy instead of sbxy
* Link to phpbb group page is now working
-Installation-
* Added subSilver folder name

** upgrade 1.2.4 -> 1.2.5 07022007
-ACP: Management-
No alterations in functions.
-ACP: Spam Database-
* Added Mass delete checkboxes
* Added Delete user
* Added Watch table support
-ACP: Testcenter-
* Added some more tests
-ACP: Wordlist-
* Added best and worst words count
-Core function-
* Added FieldFest
* Added spam notice for admins, thanks Lord Raiden !
-FieldFest function-
* Added complete randomisation of username field
-Lang file-
* Some fixes
-Bugfixes-
* Core function: Sent mail: non html (erm)
* ACP: Approve editpost bug
* ACP: Delete word in wordlist return page
* ACP: Wrong ip added for poster when approving a post
* ACP: Added htmlspecialchars in spam database
* Core function: Change_txt function calls & 371 (change_txt) ...
-Language entries updated-
No new entries.
-Installation-
No alterations in functions.


** upgrade 1.2.5 -> 1.2.6 18042007
-ACP: Management-
No alterations in functions.
-ACP: Spam Database-
No alterations in functions.
-ACP: Testcenter-
No alterations in functions.
-ACP: Wordlist-
No alterations in functions.
-Core function-
No alterations in functions.
-FieldFest function-
No alterations in functions.
-Lang file-
No alterations in functions.
-Bugfixes-
* Core function: Check for remote include ( thanks to Paul ! )
-Language entries updated-
No new entries.
-Installation-
No alterations in functions.

** upgrade 1.2.6 -> 1.2.7 09072007
http://www.phpbbantispam.com/viewtopic.php?t=90
-ACP: Fieldfest-
No alterations in functions.
-ACP: Management-
* Changed the User Interface / User input of +Group name bypass and +Main admin
* Added 2 more lines for the Max websites and Spamcheck level
-ACP: Spam Database-
* Triggerword ( spamword ) is now visible !
* Added a mass ban and delete function
* Approving guest posts is enabled ( Thanks to Will Hough )
-ACP: Testcenter-
* Adapted the code to align with the Spamcheck level
-ACP: Wordlist-
No alterations in functions.
-Core function-
* Cleanup and alignment of code for most files
* Optimization of code, and functions
* Added: PM subject check
* Added: Max websites per post check
* Added: Spamcheck level ( 1 = normal, 5 = aggressive )
* Private IP's cannot be added Banned anymore
-FieldFest function-
No alterations in functions.
-Semicron function-
* New function ! : The system will automatically remove users from the
bypass group if they have triple the amount of posts needed to pass the spamcheck.
This will cut down your time removing them manually.
-Lang file-
* Added 3 more entries
-Bugfixes-
* Softened the word algoritm ( Thanks to WebSmail )
* All server paths have been recoded using the existing phpbb coding ( Thanks to Lord Raiden )
* All SQL lines and files variables are replaced
-Language entries updated-
No alterations in functions.
-Installation-
* Added pre-defined checks
* Implemented pre-defined variables and board_email insert
Last edited by Ramon Fincken on Sun Nov 04, 2007 3:34 pm, edited 2 times in total.
Dutch quality fully managed WordPress hosting - ManagedWPHosting.nl

Before changing a file, some code or installing a MOD >> Make a backup first!

Do you like my mods? paypal me $1 :) forumsoftware[AT}creativepulses[DOT}nl [/size]
PhpBBantispam.com || Instant find your mod here
Lord Raiden
Registered User
Posts: 391
Joined: Sat Jun 26, 2004 11:24 pm
Contact:

Post by Lord Raiden »

Looks good. Will try this when I get a chance.
Steve Lake
-Owner/Admin/Author of:
-Raiden's Realm - Bringing Linux to the World
User avatar
drumstix42
Registered User
Posts: 1100
Joined: Tue Sep 24, 2002 11:01 pm
Location: NJ
Contact:

Post by drumstix42 »

This looks like another good idea to add on to the spam-prevention.
Thanks :)
Need a phpBB update or mod installed? PM me for any questions and pricing!
HostMonster.com (Unlimited Space, Unlimited Transfer, Unlimited Domains, $6.95/month )
weebit
Registered User
Posts: 5
Joined: Wed May 17, 2006 3:45 am

thanks

Post by weebit »

Thank you Ramon. I disabled my board for now, but when I get a chance I will check it out. :)
User avatar
Ramon Fincken
Registered User
Posts: 4835
Joined: Thu Oct 14, 2004 1:04 am
Location: NL, The Netherlands Amsterdam area @GMT +1
Contact:

Post by Ramon Fincken »

I will update / integrate my mod with this one:

Intellicensor: http://www.phpbb.com/phpBB/viewtopic.ph ... highlight=


and something to see v14gr4 as viagra :)

update: download the latest version to recognise these words !
Last edited by Ramon Fincken on Sat Jun 03, 2006 12:04 am, edited 1 time in total.
Dutch quality fully managed WordPress hosting - ManagedWPHosting.nl

Before changing a file, some code or installing a MOD >> Make a backup first!

Do you like my mods? paypal me $1 :) forumsoftware[AT}creativepulses[DOT}nl [/size]
PhpBBantispam.com || Instant find your mod here
User avatar
Wicher
Registered User
Posts: 1806
Joined: Wed May 07, 2003 10:33 pm
Location: Netherlands or Holland, your choice..
Contact:

Post by Wicher »

This is great!!!
I wrote something for url checking but this is far better. (been denied btw)

Thanks Ramon.
ezlynx
Registered User
Posts: 85
Joined: Tue Sep 10, 2002 8:34 pm

Post by ezlynx »

Sounds great! Would be nice to have a separate word replace list. Some words you don't care if people talk about on your forum. You just don't want them advertised via the profile.

By the way, I am having a hell of a time getting logged in using Opera (an older version). Had to switch to Firefox. Kept getting logged out.

This is not happening with my own phpbb which I read daily using the same version of Opera.

An aside here.

In the profile, you have a number of fields you can enter information. People are putting urls in boxes other than the website box.

What I wish I had was a rewrite precisely set up to analyse the text in these fields and if http or www is dedected, nothing is returned.

includes/usrcp_viewprofile.php has these fields that are vulnerable:

Code: Select all

	''LOCATION' => ( $profiledata['user_from'] ) ? $profiledata['user_from'] : ' ',
	'OCCUPATION' => ( $profiledata['user_occ'] ) ? $profiledata['user_occ'] : ' ',
	'INTERESTS' => ( $profiledata['user_interests'] ) ? $profiledata['user_interests'] : ' ',
I already stopped the bots. I have people who are meticulously registering by hand with bogus stuff. Makes more work for them. No memberlist. They only show up as a new member with a link to their profile.

Would be nice to disable the link conditional on being an active member.
User avatar
Ramon Fincken
Registered User
Posts: 4835
Joined: Thu Oct 14, 2004 1:04 am
Location: NL, The Netherlands Amsterdam area @GMT +1
Contact:

Post by Ramon Fincken »

:idea:
** upgrade 1.1.0 -> 1.1.2 06032006
now supports v1agr4, via gra, and c4$,.ino like words to be recognized..
Dutch quality fully managed WordPress hosting - ManagedWPHosting.nl

Before changing a file, some code or installing a MOD >> Make a backup first!

Do you like my mods? paypal me $1 :) forumsoftware[AT}creativepulses[DOT}nl [/size]
PhpBBantispam.com || Instant find your mod here
User avatar
Ramon Fincken
Registered User
Posts: 4835
Joined: Thu Oct 14, 2004 1:04 am
Location: NL, The Netherlands Amsterdam area @GMT +1
Contact:

Post by Ramon Fincken »

2006 is a cool year
Last edited by Ramon Fincken on Sun Oct 01, 2006 3:08 pm, edited 1 time in total.
Dutch quality fully managed WordPress hosting - ManagedWPHosting.nl

Before changing a file, some code or installing a MOD >> Make a backup first!

Do you like my mods? paypal me $1 :) forumsoftware[AT}creativepulses[DOT}nl [/size]
PhpBBantispam.com || Instant find your mod here
elau
Registered User
Posts: 17
Joined: Thu Oct 28, 2004 2:31 pm

Post by elau »

Thank you very much for this great mod.. it is what I was searching for.
User avatar
EXreaction
Former Team Member
Posts: 5666
Joined: Sun Aug 21, 2005 9:31 pm
Location: Wisconsin, U.S.
Name: Nathan

Post by EXreaction »

Hey, I have a quick question, well, two.

Say I ban the word poker, would that deny everyone from registering if they have poker anywhere in their email address? Because I am getting so many people registering with *@(something poker related like free-online-poker etc).* and it is really starting to annoy me. :evil:

And for my other question, any idea for CH mod 1.5 RC6 support? I can tweak it a little myself, but I still have not learned where everything was moved to with the CH mod(I think admin_board is removed though...mabey its time we remove the CH mod...or mabey I should wait for someone to finish an upgrade script for 2 to 3...because I know that as soon as I change everything back to vanilla 2 and mod it the way I want, they will release the upgrade script(not the 3 devs, some other guys I know). :(
User avatar
Ramon Fincken
Registered User
Posts: 4835
Joined: Thu Oct 14, 2004 1:04 am
Location: NL, The Netherlands Amsterdam area @GMT +1
Contact:

Post by Ramon Fincken »

it works just like the normal word replacement...

here's a copy paste of the explanation from ACP:

Code: Select all

From this control panel you can add, edit, and remove words that will be automatically censored on your forums. In addition people will not be allowed to register with usernames containing these words. Wildcards (*) are accepted in the word field. For example, *test* will match detestable, test* would match testing, *test would match detest.
and yes.. It 'll work on email and website as well..
I mentioned 2 lists in my initial post, they cover the most of today's spambot urls, but feel free to analyze your own website and ban the words you see a lot..


Feel free to contact me about the CH mod 1.5 RC6 support.
Currently I'm testing 1.1.3 which also sends email reports uppon a spam attempt.
Last edited by Ramon Fincken on Mon Jul 03, 2006 12:33 pm, edited 1 time in total.
Dutch quality fully managed WordPress hosting - ManagedWPHosting.nl

Before changing a file, some code or installing a MOD >> Make a backup first!

Do you like my mods? paypal me $1 :) forumsoftware[AT}creativepulses[DOT}nl [/size]
PhpBBantispam.com || Instant find your mod here
User avatar
EXreaction
Former Team Member
Posts: 5666
Joined: Sun Aug 21, 2005 9:31 pm
Location: Wisconsin, U.S.
Name: Nathan

Post by EXreaction »

I will check it out and see how easy it would be to add in on my board. :)
If I am having some trouble, I will contact you. :P
User avatar
Ramon Fincken
Registered User
Posts: 4835
Joined: Thu Oct 14, 2004 1:04 am
Location: NL, The Netherlands Amsterdam area @GMT +1
Contact:

Post by Ramon Fincken »

EXreaction wrote: I will check it out and see how easy it would be to add in on my board. :)
If I am having some trouble, I will contact you. :P


sure thing :)

If you know a bit phpbb/php installing this is really 2 minutes work..


Ramon
Dutch quality fully managed WordPress hosting - ManagedWPHosting.nl

Before changing a file, some code or installing a MOD >> Make a backup first!

Do you like my mods? paypal me $1 :) forumsoftware[AT}creativepulses[DOT}nl [/size]
PhpBBantispam.com || Instant find your mod here
Locked

Return to “[2.0.x] MODs in Development”