Preventing Spam in 3.0.5 and Lower [*Read First Post*]

[Sr X]

interesting article: Google tries new Captcha method

[shaunb]

Hey guys, sorry if this has been asked before - is there a quick way to delete users, i have 118 users i need deleteing?

This spam hit my board hard - have sorted it now - but been away for 2 weeks now i have to clear it all out and don't know a quick way - I have deleted the threads, its just the users i need rid of?

Your help is grately appreciated

[AlanRM]

Hey guys, sorry if this has been asked before - is there a quick way to delete users, i have 118 users i need deleteing?

This spam hit my board hard - have sorted it now - but been away for 2 weeks now i have to clear it all out and don't know a quick way - I have deleted the threads, its just the users i need rid of?

Your help is greatly appreciated

Assuming you have some, if not all, administration permissions, get to the offenders profile and behind the users name you should see: [ Administrate user ]
Click on that and you'll be taken to the "Administration Control Panel" at the bottom of the Overview page is a checkbox labeled "Delete User" and a menu to Retain Posts or Delete Posts. Click Submit and Click Yes on the next screen.

While you're in the ACP, click on the Users and Groups tab and then click on "Inactive Users" on the left side.
This MAY give you a large list of people or more probably bots that filled out the registration page but have never responded to the registration verification email. The reason will be "Newly registered account" but the Joined date may be days or weeks ago. These can be deleted enmass by clicking "Mark all" at the bottom right of the page, selecting Delete from the drop down menu and hitting Submit.

[bbrunnrman]

Hey guys, sorry if this has been asked before - is there a quick way to delete users, i have 118 users i need deleteing?

Assuming that the users are active (as would be the case if they're spammers who have posted, and you haven't explicitly deactivated the accounts--in which case you might just as easily have deleted them!), there probably isn't any method as quick as the one AlanRM described for inactive users. However, if you have the list of usernames you want to delete, here's a reasonably quick method:

In the ACP, go to Users and Groups > Prune users. The resulting form includes 5 specific criteria at the top. Assuming these won't catch the particular users you want, use the large text box labeled "Prune users: Enter specific usernames here, they will be used in preference to the criteria above." Paste in your list of usernames. The form also includes a choice of "Deactivate or delete," so be sure to click "Delete" if you want to delete them. After submitting, you'll get one more chance to say if you really want to delete them.

[momentum]

Disregard. Meant to be a PM.

[shaunb]

Thanks AlanRM & bbrunnrman - worked a treat. Much appreciated.

[jip78]

I tried this mod/hack since it was quick. I still got spammers. Not sure if those are bots or human spammers.
Changed register to registertt887. Perhaps the name needs to be longer???

Like everyone else, I recently started getting nailed by spam bot signups at my board. I've read through this entire thread as well as many of the MODS in mod development. Seems like everything pretty much addresses the registration process itself to deter bots. I did a little thinking based on this from the initial post in this thread:

Spam bots do what they are programmed to do; nothing more. Not having the ability to adapt on the fly puts bots at a disadvantage when put against informed administrators such as yourself. The trick for dealing with bots is to stay one step ahead of their authors. Nearly all anti-spam MODs focus on changing the registration/posting form in order to prevent bots from being able to fill out the information properly.

I think I may have figured out a nearly permanent solution (and relatively easy). PLEASE NOTE: At this moment I have only tried this on my own board. I have not yet submitted it for a MOD development. It isn't supported nor approved by phpbb group, and if I'm out of place posting this here, let me know and instruct me on the correct way. But since this topic is "Preventing Spam" I decided to post my thoughts in case anyone else wanted to experiment with it.

My assumption is the bots target ucp.php?mode=register

So instead of trying to alter the registration form itself, I decided to alter the mode in the registration link and haven't had a bot sign up since uploading the changes. It has stopped them 100%

This isn't quite in official MOD format, but this is all I did (phpbb3 version 3.0.4, btw):

Code: Select all

 
Open ucp.php
 
//Find
case 'register':
 
//Replace With
case 'register_stop_forum_spam':
 
---------------------
Open includes/functions.php
 
//Find
'U_REGISTER'            => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),
 
//Replace with
'U_REGISTER'            => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register_stop_forum_spam'),
 
--------------------
 
Open includes/ucp/ucp_register.php
 
//Find and Replace All (five instances)
mode=register
 
//Replace All With
mode=register_stop_forum_spam
 
 
//Save and Close all Files
 

The theory behind this was that bots are looking for the same thing on all phpbb forums. ie ucp.php?mode=register In fact, after making these changes, if you try to go to http://www.yourdomain.com/ucp.php?mode=register it doesn't even 404 and simply takes you to the login screen.

They aren't going to be looking for ucp.php?mode=register_stop_forum_spam
The beauty of it is that you can change the mode to anything you want. It could be mode=register_eat_at_joes if you wanted. If the bots happen to find it, simply change it to something else. Make the spammers work for a change! lol

In fact with a little thought, you could probably automate a script to change all this randomly on a daily basis.

if the phpbb group could implement this somehow in the ACP that the Admin could change it at will, (or even on a set schedule) everyone's phpbb registration link would be different and make it extremely tough for the bots to get to -in theory anyway.

I'll keep you posted on how it goes, but so far and not a single bot signup and I had been getting several an hour for the last three or four weeks.

//side note. The changes are instantaneous after uploading. No clearing Cache required.

[ATNO/TW]

My idea won't catch human ones for sure. They'll click the registration link which will take them to the registration form. As for bots, I had over 1000 since February - multiple signups on a daily basis. Since I put this at my place not a single one - been well over 48 hours now.

[onehundredandtwo]

I tried this mod/hack since it was quick. I still got spammers. Not sure if those are bots or human spammers.
Changed register to registertt887. Perhaps the name needs to be longer???

I would use something like sign_up, or anything that doesn't have register in it.

[ixolite]

Custom Profile Fields - There is an article in the Knowledge Base detailing utilising Custom Profile Fields as a spam deterrent. This seems to be effective against most bots.

Nice one.


We have a little problem with spammers lately. They are now able not only to register, but also to activate their account despite the e-mail domain being banned. Formerly (meaning since the upgrade to phpBB3) they would only end up as inactive users and we'll delete them, but since a few days they somehow manage to activate their accounts. (Settings are set to user activation.)

[Anubis_The_Jackal]

Is there a mod that can display active users like inactive users? I'd love to be able to mass-delete some of the bots that are obviously bots in one go without clicking through 765 accounts and deleting each and every single one by hand over and over and over and over again.

Thanks

[Mick]

We have a little problem with spammers lately. They are now able not only to register, but also to activate their account despite the e-mail domain being banned. Formerly (meaning since the upgrade to phpBB3) they would only end up as inactive users and we'll delete them, but since a few days they somehow manage to activate their accounts. (Settings are set to user activation.)

You must have done something wrong, I haven't had a successful bot strike for months since I did the mods. Re-check your settings.

[bbrunnrman]

Custom Profile Fields - There is an article in the Knowledge Base detailing utilising Custom Profile Fields as a spam deterrent. This seems to be effective against most bots.

Nice one.

We have a little problem with spammers lately. They are now able not only to register, but also to activate their account despite the e-mail domain being banned. Formerly (meaning since the upgrade to phpBB3) they would only end up as inactive users and we'll delete them, but since a few days they somehow manage to activate their accounts. (Settings are set to user activation.)

On use of custom profile fields, be aware that the Knowledge Base article contains out-of-date screenshots (probably made in phpBB 3.0.2) and the depicted settings don't work right in the current version of phpBB (3.0.4). Correct settings for 3.0.4 are shown in my post at http://www.phpbb.com/community/viewtopi ... 5#p9260725 It's curious that screenshots haven't been updated in the Knowledge Base article, but maybe that's because custom profile settings will change again in 3.0.5, as indicated in the post by Eelke at http://www.phpbb.com/community/viewtopi ... 5#p9263045

As for the claim that spammers are registering even though their e-mail domain was banned: If true, this would indicate a bug in phpBB. I am unable to verify such a bug. I suggest checking to see if the spammers' e-mail domains match the banned domains exactly. There may be subtle differences in similar-looking characters, such as letter "oh" and numeral "zero", etc.

[Eelke]

They are now able not only to register, but also to activate their account despite the e-mail domain being banned.

"Banning" email-domains only prevents people from signing up using that email-domain. If they have already signed up, they would have received the activation email (as long as the email address is valid) and they can activate their account; their email is not checked against the banned email addresses. You will have to ban the account itself.

[bbcom77]

I did a simple thing to prevent spamming.

I do the maintenance of a website of an organisation where you can make yourself member online.
Within the form a added an 'invisible' inputfield. Not <input type=hidden> , just invisible for the human eye because it has no border and it has the same colour as the background of the webpage. No human can see there is an inputfield where he or she can write something. But spambots do see this field and write something in it, as they do in all fields. Well... if there is something written in that invisible field, you know it's a spambot and you don't post the form... It's simple but it works...

Can any of you make a MOD with this principle for phpBB3?

And: can this system be broken?!

Bram