Preventing Spam in phpBB 3.0.6 and Above [*Read First Post*]

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Get Involved
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
Locked
Darth Wong
Registered User
Posts: 2398
Joined: Wed Jul 03, 2002 5:20 am
Location: Toronto, Canada
Contact:

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by Darth Wong »

Brf wrote:OK. I will reply to that after I have deleted my first human spammer.
I don't know whether your forum is simply not that attractive to spammers for some other reason, but the fact remains that if a regular person can successfully sign up on your forum, then a human spammer can do so as well. There is absolutely no logical reason why a human spammer would be unable to sign up if a human who intends to participate normally can sign up. It's not as if you can concoct a question which would magically differentiate between new users based on their intentions, unless there's some sort of Psychic Probe CAPTCHA plug-in.
Not a three-foot tall green gnome in real-life: My home page.
My wretched hive of scum and villainy: http://bbs.stardestroyer.net/
az2000
Registered User
Posts: 37
Joined: Mon Dec 14, 2009 10:54 pm

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by az2000 »

Darth Wong wrote:There is absolutely no logical reason why a human spammer would be unable to sign up if a human who intends to participate normally can sign up.
I got the impression from an earlier post that "brf" was saying to create Q&A questions specific to your group's audience. Example: for an online-gaming forum, a spammer is unlikely to know some terms found in World of Warcraft.

I think that's a pretty good idea for a very specific, focused forum. It could make it difficult for spammers to join. But, for less-specific forums (do-it-yourself auto repair; stay-at-home mom's) it's not as possible.

It's kind of like the "crazy maths" captcha. The example is for a forum intended to be used by engineers or physicists. A lot of us aren't going to be able to figure out that kind of math. But, it could be useful for the average forum. Simple math can be generated, but not as easily screen-scraped because it's a Latex-generated image.

I don't think there's a one-size-fits-all solution. Probably 2-3 plug ins are needed (including the use of at least one collaborative service like Akismet, Spam Karma II, Spam Assassin, Bot Scout, Stop Forum Spam. Those are the ones I've seen mentioned in this thread. But, I'm not personally familiar with any.).

Every forum's different.
Darth Wong
Registered User
Posts: 2398
Joined: Wed Jul 03, 2002 5:20 am
Location: Toronto, Canada
Contact:

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by Darth Wong »

az2000 wrote:
Darth Wong wrote:There is absolutely no logical reason why a human spammer would be unable to sign up if a human who intends to participate normally can sign up.
I got the impression from an earlier post that "brf" was saying to create Q&A questions specific to your group's audience. Example: for an online-gaming forum, a spammer is unlikely to know some terms found in World of Warcraft.
Ahhhh, I see what you're talking about. Still, even that wouldn't stop everybody. My most recent human spammer was a guy who signed up on my sci-fi board in order to drum up traffic for his own website, which also involved sci-fi.

Besides, since I run a sci-fi board, it seems incredibly geeky to me to put a genre-specific question in the registration page. If the registration page asked "What is the name of Senator Amidala's home planet", it would stop anyone who doesn't know Star Wars, but it would also set off everybody's Geek-O-Meter :)
I think that's a pretty good idea for a very specific, focused forum. It could make it difficult for spammers to join. But, for less-specific forums (do-it-yourself auto repair; stay-at-home mom's) it's not as possible.
There's also the problem of forums which have more than one focus. For example, my own forum is "science and sci-fi", which are sort of related but not identical. Someone could be interested in science and yet have no idea who Senator Amidala is, for example.
It's kind of like the "crazy maths" captcha. The example is for a forum intended to be used by engineers or physicists. A lot of us aren't going to be able to figure out that kind of math. But, it could be useful for the average forum. Simple math can be generated, but not as easily screen-scraped because it's a Latex-generated image.

I don't think there's a one-size-fits-all solution. Probably 2-3 plug ins are needed (including the use of at least one collaborative service like Akismet, Spam Karma II, Spam Assassin, Bot Scout, Stop Forum Spam. Those are the ones I've seen mentioned in this thread. But, I'm not personally familiar with any.).

Every forum's different.
True.
Not a three-foot tall green gnome in real-life: My home page.
My wretched hive of scum and villainy: http://bbs.stardestroyer.net/
User avatar
Mick
Support Team Member
Support Team Member
Posts: 22541
Joined: Fri Aug 29, 2008 9:49 am
Location: Cardiff

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by Mick »

Darth Wong wrote:If the registration page asked "What is the name of Senator Amidala's home planet", it would stop anyone who doesn't know Star Wars . . .
Not if the user knew how to use Google: Naboo
"The more connected we get the more alone we become" - Kyle Broflovski©
User avatar
Brf
Support Team Member
Support Team Member
Posts: 52018
Joined: Tue May 10, 2005 7:47 pm
Location: {postrow.POSTER_FROM}
Contact:

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by Brf »

Yes.
My phpBB3 board is specific to an online game. The Q&A answer can be found pretty easily in that game's help documentation. A Google search for the answer only brings up pages of microbreweries.

I had at least a dozen human-spammer signups per day before I updated to 3.0.6 and set the Q&A.
Juanla
Registered User
Posts: 44
Joined: Mon Aug 24, 2009 8:03 pm

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by Juanla »

Is great, thanks!
Sorry my bad english :)
Lost Fresno
Registered User
Posts: 6
Joined: Wed Jan 13, 2010 5:11 pm

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by Lost Fresno »

This is a great thread and the suggestions do indeed limit the amount of spam. Thanks!
gwmara
Registered User
Posts: 22
Joined: Sat Dec 05, 2009 3:29 pm

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by gwmara »

We are having human spammers. I'm not so concerned about their posts, yet, I'm more concerned about the links they post.
We have one public forum where people can apply to become members. How do I prevent guests from posting links and using any coding in posts at all?
User avatar
calebrw
Registered User
Posts: 679
Joined: Mon May 10, 2004 1:44 am
Location: Minneapolis, Minnesota
Contact:

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by calebrw »

HTML wise, I'm not sure.

For disabling BBcode by guests in your apply to be members forum:

ACP > Forums > Group's forum permissions > Select Guests from the dropdown > Select the forum you wish to modify > Click Advanced Permissions > Content (tab) > select no on "Can use BBCode" > Apply Permissions

This will stop them from using BBCode in that forum.
Caleb Williams
My Photography:
http://blog.calebwilliamsphotography.com
User avatar
Mick
Support Team Member
Support Team Member
Posts: 22541
Joined: Fri Aug 29, 2008 9:49 am
Location: Cardiff

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by Mick »

gwmara wrote:How do I prevent guests from posting links and using any coding in posts at all?
Why allow guests to post at all, it's always quite a dangerous option IMHO? If people don't want to join your board or can't be bothered why would you want them there anyway?
"The more connected we get the more alone we become" - Kyle Broflovski©
User avatar
Eriamjh1138
Registered User
Posts: 33
Joined: Wed Dec 24, 2008 1:11 am

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by Eriamjh1138 »

Mixstar wrote:Why allow guests to post at all, it's always quite a dangerous option IMHO? If people don't want to join your board or can't be bothered why would you want them there anyway?
Unfortunately, some forums have users who are idiots and lose their password, forget their username, what year it is, etc.

I give them a place to post to request their info (if they don't remember or know my email) so I can send them new passwords. If the CAPTCHA system is good enough for registrations, it should work well for guest posts without allowing any spam.
User avatar
Martin Truckenbrodt
Registered User
Posts: 3045
Joined: Sun Mar 23, 2003 6:22 pm
Location: Franconia
Name: Martin Truckenbrodt
Contact:

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by Martin Truckenbrodt »

Hello,
to prevent human spammers IMO there is only one good and quite effectiv secure way: The DNSBL check. You can extend and optimize this option with the Advanced Block MOD.

Bye Martin
Free tutorial: Installing MODs in phpBB 3.0
Advanced Block MOD - Prevent spam on your phpBB 3.0 board with Stop Forum Spam, BotScout, Akismet, Project Honey Pot and several IP-RBL and Domain-RBL DNS blacklists!
My MODs
Use the official phpBB Ideas to vote missing core features!!!
ToonArmy
Former Team Member
Posts: 4608
Joined: Sat Mar 06, 2004 5:29 pm
Location: Worcestershire, UK
Name: Chris Smith
Contact:

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by ToonArmy »

Martin Truckenbrodt wrote:to prevent human spammers IMO there is only one good and quite effectiv secure way: The DNSBL check. You can extend and optimize this option with the Advanced Block MOD.
CAPTCHA plugins are much more convenient for users to install, you could add DNSBL checks into a CAPTCHA plugin with great ease.
Chris SmithGitHub
User avatar
Martin Truckenbrodt
Registered User
Posts: 3045
Joined: Sun Mar 23, 2003 6:22 pm
Location: Franconia
Name: Martin Truckenbrodt
Contact:

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by Martin Truckenbrodt »

Hello chris,
if you will remove the hard-coded simple default DNSBL check from the phpBB3 core package then I would make a CAPTCHA plugin for this job. But I think this is not possible cause the CAPTCHA thing is working then the registration page still is displayed. If an IP address is blocked by the DNSBL check then the registration form is not displayed. Please check it and correct me if I'm not right.

P.S. I hope you understand my English.

Bye Martin
Free tutorial: Installing MODs in phpBB 3.0
Advanced Block MOD - Prevent spam on your phpBB 3.0 board with Stop Forum Spam, BotScout, Akismet, Project Honey Pot and several IP-RBL and Domain-RBL DNS blacklists!
My MODs
Use the official phpBB Ideas to vote missing core features!!!
User avatar
ric323
Former Team Member
Posts: 22910
Joined: Tue Feb 06, 2007 12:33 am
Location: Melbourne, Australia
Name: Ric
Contact:

Re: Preventing Spam in phpBB 3.0.6 [*Read First Post*]

Post by ric323 »

Martin Truckenbrodt wrote:Hello chris,
if you will remove the hard-coded simple default DNSBL check from the phpBB3 core package then I would make a CAPTCHA plugin for this job. But I think this is not possible cause the CAPTCHA thing is working then the registration page still is displayed. If an IP address is blocked by the DNSBL check then the registration form is not displayed. Please check it and correct me if I'm not right.

P.S. I hope you understand my English.

Bye Martin
The DNSBL built into phpBB3 can be turned off on the "Security" page.

"Check IP against DNS Blackhole List:" = "Yes/No".
The Knowledge Base contains solutions to many common problems!
How to fix "Doesn't have a default value" and "Incorrect string value: xxx for column 'post_text' " errors.
How to do a clean re-install of the latest phpBB3 version.
Problems with permissions? Read phpBB3 Permissions
Locked

Return to “[3.0.x] Support Forum”