Preventing Spam in 3.0.5 and Lower [*Read First Post*]

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Scam Warning
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
Locked
t-p
Registered User
Posts: 311
Joined: Wed Jun 13, 2007 12:51 am
Location: California, USA

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by t-p »

Thanks bbrunnram so much.
it worked.

Please help me understand this:
speaking of the drop downs,

Code: Select all
case FIELD_DROPDOWN:
if ($field_value == $field_data['field_novalue'] && $field_data['field_required'])


if we change the == to !=, will it instead work for selecting one correct answer?
Please give an example as to how this would work. What I need to replace 'field_novalue' and field_required'. An example would really help understand, since I am not a programmer, etc.

Thank you again

--tara
ameeck
Former Team Member
Posts: 6559
Joined: Mon Mar 21, 2005 6:57 pm

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by ameeck »

Be sure to test out the new CAPTCHA settings that came in 3.0.5, 3.0.6 will bring even more :)
some blind fool
Registered User
Posts: 409
Joined: Sat Aug 19, 2006 5:28 pm

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by some blind fool »

t-p wrote:Thanks bbrunnram so much.
it worked.

Please help me understand this:
speaking of the drop downs,

Code: Select all

case FIELD_DROPDOWN:
if ($field_value == $field_data['field_novalue'] && $field_data['field_required'])
if we change the == to !=, will it instead work for selecting one correct answer?
Please give an example as to how this would work. What I need to replace 'field_novalue' and field_required'. An example would really help understand, since I am not a programmer, etc.

Thank you again

--tara

Code: Select all

find:
if ($field_value == $field_data['field_novalue'] && $field_data['field_required'])replace with:
if ($field_value != $field_data['field_novalue'] && $field_data['field_required'])
'field_novalue' and 'field_required' don't change in the code. by changing the == to !=, we change/reverse the meaning/usage of 'field_novalue', which is a value you select when creating the custom profile field. 'field_required' simply checks whether or not you selected that the custom profile field to be required.

to change the text on the custom profile field to reflect this change,
open: language / en / acp / profile.php
find:

Code: Select all

	'NO_VALUE_OPTION'			=> 'Option equal to non entered value',
	'NO_VALUE_OPTION_EXPLAIN'	=> 'Value for a non-entry. If the field is required, the user gets an error if he choose the option selected here.',
replace with:

Code: Select all

	'NO_VALUE_OPTION'			=> 'Option equal to entered value',
	'NO_VALUE_OPTION_EXPLAIN'	=> 'Value for an entry. If the field is required, the user gets an error if they do not choose the option selected here.',
so now, when you set up a custom profile field using the drop-down box, you select the answer that you want the user to choose, instead of the answer that you -don't- want them to choose.

hope that helps. :)
please do not PM me to ask for help. thanks.
t-p
Registered User
Posts: 311
Joined: Wed Jun 13, 2007 12:51 am
Location: California, USA

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by t-p »

excellent!
thanks to all of you so much for your kind help, time and patient.
I appreciate it very much.

:D

--tara
ngpc
Registered User
Posts: 29
Joined: Thu May 28, 2009 10:12 am

Re: Cannot Save the Setting after Customer Profile field edit

Post by ngpc »

Hi,

Can anyone help me this ? When I tried to use the CUSTOM PROFILE FIELDs function, my forum report the below General Error in saving the setting ..

Do anyone know what happen .?

Database Server : MySQL 4.1.22-max-log


Would appreciate if you can give me some advise !
Thanks
ngpc



============================================================================================
General Error
SQL ERROR [ mysql4 ]

Unknown column 'field_show_profile' in 'field list' [1054]

SQL

INSERT INTO phpbb_profile_fields (field_length, field_minlen, field_maxlen, field_novalue, field_default_value, field_validation, field_required, field_show_on_reg, field_hide, field_show_profile, field_no_view, field_type, field_ident, field_name, field_order, field_active) VALUES (10, 0, 20, '', '', '.*', 1, 0, 0, 0, 0, 2, 'antispam', 'antispam', 1, 1)

BACKTRACE


FILE: includes/db/mysql.php
LINE: 174
CALL: dbal->sql_error()

FILE: includes/acp/acp_profile.php
LINE: 1055
CALL: dbal_mysql->sql_query()

FILE: includes/acp/acp_profile.php
LINE: 693
CALL: acp_profile->save_profile_field()

FILE: includes/functions_module.php
LINE: 507
CALL: acp_profile->main()

FILE: adm/index.php
LINE: 74
CALL: p_master->load_active()
xtraorange
Registered User
Posts: 1
Joined: Sun Jun 28, 2009 10:13 am

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by xtraorange »

I just wanted to say thanks for posting this. One of the forums I work on was having some huge problems with porn bots... none of us had any idea there was a post approval system built into phpbb to prevent them. Google pointed me to this thread, we activated it, and no more issues for the users. :)
dixieboy
Registered User
Posts: 20
Joined: Fri Nov 21, 2008 2:29 pm

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by dixieboy »

How effective are the new CAPTCHA settings in 3.0.5?

I had a phpBB 3 board that was set up to require registration to post and email confirmation to register. The board did not get much traffic, maybe a couple of dozen people per day. It got only a few posts per week. I went a way for a week and came back and found over 400 new spam posts. I took the board down. I can't tolerate that.

Ideally, I want to be able to have a board that allows unregistered guests to post. If I get hundreds of spams while requiring registration and email confirmation, I'm not going to be able to allow unregistered posting, obviously.

My Suggestion
I would like to see phpBB allow customizable CAPTCHAs so each board admin could create some alpha-numeric characters that would be different from anyone else's. For example, a folder could be created to allow custom characters. People could use MS Paint or some other program to create letters and numbers. phpBB would then take those numbers and characters--if they exist--and randomly make them part of its CAPTCHA. For example, I could create a file named a.jpg and it would contain my custom created character "a". phpBB would randomly select one of them and using GD, make it part of the CAPTCHA it shows to users. My characters would be different from those on any other phpBB board, making it much more difficult for someone to write a bot spam thousands of phpBB boards.

Spammers operate with efficiency in mind. They aren't going to bother writing hundreds of different versions of their bots to target all the different types of CAPTCHAs that could be employed.
User avatar
onehundredandtwo
Registered User
Posts: 1228
Joined: Fri Nov 14, 2008 8:07 am

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by onehundredandtwo »

dixieboy wrote:How effective are the new CAPTCHA settings in 3.0.5?
Paul wrote:I had at my testboard > 5800 attempts since I use the 3.0.5 CAPTCHA, and only 44 attempts that found the correct captcha.
See here for some stats, please note that this board itself is full of spam, so don't visit/post it :). If you click on the link to view the captcha you can see the captcha the bot saw.
dixieboy wrote:My Suggestion
I would like to see phpBB allow customizable CAPTCHAs so each board admin could create some alpha-numeric characters that would be different from anyone else's. For example, a folder could be created to allow custom characters. People could use MS Paint or some other program to create letters and numbers. phpBB would then take those numbers and characters--if they exist--and randomly make them part of its CAPTCHA. For example, I could create a file named a.jpg and it would contain my custom created character "a". phpBB would randomly select one of them and using GD, make it part of the CAPTCHA it shows to users. My characters would be different from those on any other phpBB board, making it much more difficult for someone to write a bot spam thousands of phpBB boards.
There is a blog post on CAPTCHA plug-ins here, this will be implemented in 3.0.6. You can already edit the GD CAPTCHA if you wish (and if you're up to it), by editing includes/captcha/captcha_gd.php.

Just remember there are a lot of other techniques you can use to prevent spam in phpBB on the first page. :)

onehundredandtwo.
Need help preventing spam? Read Preventing spam in phpBB 3.0.6 and above
dixieboy
Registered User
Posts: 20
Joined: Fri Nov 21, 2008 2:29 pm

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by dixieboy »

Thanks, onehundredandtwo. I will look at the CAPTCHA file and see if I can figure out a way to modify it to make my CAPTCHAs unique.
User avatar
Phil
Former Team Member
Posts: 10403
Joined: Sat Nov 25, 2006 4:11 am
Name: Phil Crumm
Contact:

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by Phil »

You'd be far better off implementing one of the suggestions in the first post of this topic. CAPTCHAs are really an archaic solution and chances are the bot will be able to read your changes anyway ;)
Moving on, with the wind. | My Corner of the Web
User avatar
PaulXIII
Registered User
Posts: 17
Joined: Thu May 21, 2009 2:53 pm

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by PaulXIII »

iWisdom wrote:You'd be far better off implementing one of the suggestions in the first post of this topic. CAPTCHAs are really an archaic solution and chances are the bot will be able to read your changes anyway ;)
That is a straightforward way of putting it. :lol:

If one is against using Mods, would the next best way be to use Post Queueing for a smallish forum?

Regards,

Paul
User avatar
Phil
Former Team Member
Posts: 10403
Joined: Sat Nov 25, 2006 4:11 am
Name: Phil Crumm
Contact:

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by Phil »

Putting ever user's first few posts on the queue would allow you to keep the spammers from posting, but they would still be able to register. If you want to avoid MODs, utilising custom profile fields is likely the best course of action you can take and should keep most (if not all) bots from registering -- worked for me for quite some time.
Moving on, with the wind. | My Corner of the Web
User avatar
PaulXIII
Registered User
Posts: 17
Joined: Thu May 21, 2009 2:53 pm

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by PaulXIII »

Many thanks. That makes a lot of sense.

Regards,

Paul
aeromaks
Registered User
Posts: 3
Joined: Wed Jun 03, 2009 5:21 am

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by aeromaks »

the past 3 months, I only had about 3 to 4 bots try to register daily, the past two, i had over 12 a day.

question, I remember seeing on some boards instead of a question, part of the registration was to click one out of say 4 or 5 images. so say Pick the picture of the 6 that is not of a dog. and they would have to select it.

Is there a mod like this for phpbb 3.05? I currently manually activate the accounts, but getting annoying.
User avatar
onehundredandtwo
Registered User
Posts: 1228
Joined: Fri Nov 14, 2008 8:07 am

Re: Preventing Spam in 3.0 [*Read First Post*]

Post by onehundredandtwo »

aeromaks wrote:Is there a mod like this for phpbb 3.05? I currently manually activate the accounts, but getting annoying.
That's Assira, there's a MOD for it here that's in development. ;)
Need help preventing spam? Read Preventing spam in phpBB 3.0.6 and above
Locked

Return to “[3.0.x] Support Forum”