Preventing Spam in phpBB 3.0.6 and Above [*Read First Post*]

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Get Involved
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
Locked
RobSkelton
Registered User
Posts: 4
Joined: Thu Jan 26, 2006 2:00 am

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by RobSkelton » Sat Sep 25, 2010 11:19 am

Although it is time-consuming, I manually approve new members, check their IP address and have a custom field asking why they are joining. If someone types in ghghghhg and have an India or China IP address, then it is easy to deny them.

What I haven't seen discussed is how the spammers locate out forums to begin with? Could having phpbb in the footer be a factor? Could I change it to php^bb or something and avoid spammers altogether?
2012Forum.com

Pony99CA
Registered User
Posts: 4783
Joined: Thu Sep 30, 2004 3:13 pm
Location: Hollister, CA
Name: Steve
Contact:

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by Pony99CA » Fri Oct 01, 2010 1:18 am

RobSkelton wrote:What I haven't seen discussed is how the spammers locate out forums to begin with? Could having phpbb in the footer be a factor? Could I change it to php^bb or something and avoid spammers altogether?
More likely they use Google's file search to find viewtopic.php or something similar.

Steve
Silicon Valley Pocket PC (http://www.svpocketpc.com)
Creator of manage_bots and spoof_user (ask me)
Need hosting for a small forum with full cPanel & MySQL access? Contact me or PM me.

User avatar
/a3
Registered User
Posts: 411
Joined: Sun Sep 19, 2010 9:08 am
Location: /dev/random

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by /a3 » Tue Oct 05, 2010 7:10 am

They also follow the website profile links from other forums. I've found that they don't follow links in signatures, however. ;)
$ git commit -m "YOLO"

Drats
Registered User
Posts: 1
Joined: Wed Oct 06, 2010 12:30 pm

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by Drats » Wed Oct 06, 2010 12:34 pm

I use the "first post moderated" and lately I have found spamers who have found their way around it. Not too many yet, just the 2.

It has worked perfectly up until now, and still does with most but it may the start.

User avatar
Ag2000CO
Registered User
Posts: 261
Joined: Thu Oct 14, 2010 5:19 pm
Location: CO, US
Name: Lou
Contact:

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by Ag2000CO » Wed Oct 20, 2010 9:19 pm

RobSkelton wrote:What I haven't seen discussed is how the spammers locate out forums to begin with? Could having phpbb in the footer be a factor? Could I change it to php^bb or something and avoid spammers altogether?
Spammers may use Google but it appears to me that they use there own spiders too. I do not have my phpBB up and running yet so there are no links to it, nor any Google references. However, after installing the files (and then running into a db issue) the next log files showed about 20 hits just poking around.

To the outside world all I did was create a new sub-directory, /XX, and load the phpBB files. The log about 8 hours later showed hits. At that point I did a chmod to 740 to hide it until I get other issues resolved.

If you have access to your system logs look at the files request that have broken links, or look at your error log. The spiders know that they are looking for. They are looking for file names that are part of applications with known weaknesses or were admin/users may not have set things up correctly (securely).

I also run a newsletter for a small theater group. On the web version of the newsletter there is a form to make comments. Some guy in Holland has posted several "comment spam." I guess I should have named the file something other than comment.html But spammers are dumb and need all the help they can get!

Just because you are paranoid, doesn't mean their not out to get you!
Say what you will about Sisyphus. He always has work.

RobSkelton
Registered User
Posts: 4
Joined: Thu Jan 26, 2006 2:00 am

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by RobSkelton » Wed Oct 20, 2010 10:13 pm

Thanks - I guess it is easier (for me anyway) to just manually approve new members. I get roughly 2 spammers per 5 genuine each day.
2012Forum.com

User avatar
Ag2000CO
Registered User
Posts: 261
Joined: Thu Oct 14, 2010 5:19 pm
Location: CO, US
Name: Lou
Contact:

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by Ag2000CO » Wed Oct 20, 2010 11:54 pm

yea, reading this thread makes me wonder what I have volunteered for! I was hopping that the forum would off-load some of the email traffic among board members etc. coordinating things. -- but maybe my workload will just shift.
Say what you will about Sisyphus. He always has work.

User avatar
EduCatOR
Registered User
Posts: 18
Joined: Mon Oct 15, 2007 11:13 pm

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by EduCatOR » Sat Oct 23, 2010 1:26 am

Hi there, I've been looking into spam protection as my site is now getting hit. I run a few other forum software packages as well and one of them has a simple question during registration that is very successful in stopping bots. It asks a simple question like what is 3 + 2?

Is there anything like this for phpBB??

User avatar
/a3
Registered User
Posts: 411
Joined: Sun Sep 19, 2010 9:08 am
Location: /dev/random

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by /a3 » Sat Oct 23, 2010 2:00 am

EduCatOR wrote:It asks a simple question like what is 3 + 2?

Is there anything like this for phpBB??
There is a CAPTCHA plugin in the latest version of phpBB by default which allows you to make a list of questions/answers. Check out the first post in this thread and find on the section called Q&A CAPTCHA for some basic instructions.

I have used it, and so far bots are unable to get past it. :)
$ git commit -m "YOLO"

User avatar
EduCatOR
Registered User
Posts: 18
Joined: Mon Oct 15, 2007 11:13 pm

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by EduCatOR » Sat Oct 23, 2010 2:07 am

Thanks a3 actually I found an AntiBotQuestion mod that allows you to ask the question very easily upon registration. Works perfectly! :D

Thanks again.

User avatar
ric323
Former Team Member
Posts: 22909
Joined: Tue Feb 06, 2007 12:33 am
Location: Melbourne, Australia
Name: Ric
Contact:

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by ric323 » Sat Oct 23, 2010 3:19 am

EduCatOR wrote:Thanks a3 actually I found an AntiBotQuestion mod that allows you to ask the question very easily upon registration. Works perfectly! :D

Thanks again.
Why bother installing a MOD, when the same functionality is already built in to the latest versions of phpBB?
The Knowledge Base contains solutions to many common problems!
How to fix "Doesn't have a default value" and "Incorrect string value: xxx for column 'post_text' " errors.
How to do a clean re-install of the latest phpBB3 version.
Problems with permissions? Read phpBB3 Permissions

User avatar
EduCatOR
Registered User
Posts: 18
Joined: Mon Oct 15, 2007 11:13 pm

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by EduCatOR » Sat Oct 23, 2010 6:07 am

Hmmm...I must have missed this feature? I don't see it anywhere in the acp.

User avatar
ric323
Former Team Member
Posts: 22909
Joined: Tue Feb 06, 2007 12:33 am
Location: Melbourne, Australia
Name: Ric
Contact:

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by ric323 » Sat Oct 23, 2010 6:17 am

EduCatOR wrote:Hmmm...I must have missed this feature? I don't see it anywhere in the acp.
Do you have 3.0.7-pl1 ?
If yes, it is in "CAPTCHA module settings", using the "Q&A CAPTCHA" plugin. This is all described in the first post of this topic.
The Knowledge Base contains solutions to many common problems!
How to fix "Doesn't have a default value" and "Incorrect string value: xxx for column 'post_text' " errors.
How to do a clean re-install of the latest phpBB3 version.
Problems with permissions? Read phpBB3 Permissions

User avatar
/a3
Registered User
Posts: 411
Joined: Sun Sep 19, 2010 9:08 am
Location: /dev/random

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by /a3 » Sat Oct 23, 2010 6:19 am

The only difference will be that you will only have the Q&A, and not the normal image CAPTCHA.

But currently this is fine because bots can't break the Q&A anyway. ;)
$ git commit -m "YOLO"

User avatar
Ger
Recognised Extension Developer
Posts: 1882
Joined: Wed Jan 02, 2008 7:35 pm
Location: 192.168.1.100
Contact:

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Post by Ger » Sat Oct 23, 2010 6:20 am

Admin index -> CAPTCHA Module settings ->Choose from installed CAPTHCA plugins the Q&A CAPTHCA
My extensions:
Simple CMS, Feed post bot, Avatar Resize, Modbreak, Magic OGP, Live topic update, Modern Quote, Quoted Where (GDPR) and Autoresponder.
Newest: FAQ manager for 3.2

Like my work? Buy me a coffee to keep it coming. :ugeek:
-Available for custom work-

Locked

Return to “[3.0.x] Support Forum”