New round of spam registrations

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Scam Warning
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
marcinj
Registered User
Posts: 8
Joined: Thu Jan 19, 2012 11:23 am
Location: Poland
Name: Marcin
Contact:

Re: New round of spam registrations

Post by marcinj »

Ouch. Thanks for hint and your patience. :?
cdodds
Registered User
Posts: 228
Joined: Sat Jul 10, 2010 2:19 am
Name: Don Cdoddsy
Contact:

Re: New round of spam registrations

Post by cdodds »

Same, I am suddenly having this problem as well. Our board has been up for years, but we have not had bot problems in well over a year since we installed several spambot prevention mods / activated recaptcha / added custom fields. Now all of a sudden, for the past 2 days we have been getting about 20 bots a day mass posting everything from prescription drugs to adult videos. Half of the spam is in arabic and or contains the word "arab" in it. When I trace the ip's they all lead to various VPNS in small countries. I have been ip banning / ban hammering like mad, yet they keep on coming.

If anyone finds a solution that seems to work...I am all ears.
User avatar
Oyabun1
Former Team Member
Posts: 23162
Joined: Sun May 17, 2009 1:05 pm
Location: Australia
Name: Bill

Re: New round of spam registrations

Post by Oyabun1 »

Have you followed the advice the sticky in this forum, Preventing Spam in phpBB3?
                      Support Request Template
3.0.x: Knowledge Base Styles Support MOD Requests
3.1.x: Knowledge BaseStyles SupportExtension Requests
User avatar
KevC
Support Team Member
Support Team Member
Posts: 70284
Joined: Fri Jun 04, 2004 10:44 am
Location: Oxford, UK
Contact:

Re: New round of spam registrations

Post by KevC »

cdodds wrote:Same, I am suddenly having this problem as well. Our board has been up for years, but we have not had bot problems in well over a year since we installed several spambot prevention mods / activated recaptcha / added custom fields. Now all of a sudden, for the past 2 days we have been getting about 20 bots a day mass posting everything from prescription drugs to adult videos. Half of the spam is in arabic and or contains the word "arab" in it. When I trace the ip's they all lead to various VPNS in small countries. I have been ip banning / ban hammering like mad, yet they keep on coming.

If anyone finds a solution that seems to work...I am all ears.
If it's the site in your profile, you're still using recaptcha which was broken a long time ago. Follow the link in the post above to find out how to stop them.
-:|:- Support Request Template -:|:-
Image
Cheap UK Hosting
"In the land of the blind the little green bloke with no pupils is king - init!"
User avatar
countrydj
Registered User
Posts: 47
Joined: Thu Jul 15, 2010 5:10 pm
Location: Preston, UK
Name: John Craven

Re: New round of spam registrations

Post by countrydj »

Hi Guys...
I'm comforted to find this post.
I have been using Q&A for a long time now, without any problems.
However, like everybody else on this thread, I'm getting lots of unwelcome registrations.
I changed to reCaptcha, but that made no difference.
You have a simple maths question on your Q&A.
That's no good. They can search for the answer to that. It needs to be something you can't search for.
This is a good point.
I'm going to change from a few questions, to just one.
I can then change them one at a time if spams don't stop.

BTW: A few years ago, I introduced a SECOND registration email.
The registrant was taken from the normal registration form to a 'Please activate' form.
The general rule is that if we DO NOT receive BOTH registration and activation form - NO ACTIVATION.

I introduced this because I was fed up uf ploughing the masses of registrations.
The MAN, The MYTH, The LEGEND:
John C
________________________________
Support your local Country Music Club
User avatar
Blackwolf_Oz
Registered User
Posts: 264
Joined: Sat Jan 02, 2010 5:15 am
Location: Melbourne Australia
Name: Nick
Contact:

Re: New round of spam registrations

Post by Blackwolf_Oz »

Have a look at This mod

I installed it about 3 months ago & have been amazed at the instant drop.

I'm talking thousand of bots/ hack attempts/spam registrations....daily

Plenty of support at the forum
Don't let the robots in the door!
A GPL V2 PHP Protection Script for your site.

This php security script is designed to detect certain behaviors detrimental to websites, or known bad addresses attempting to access your site. It then will send the bad robot (usually) or hacker an authentic 403 FORBIDDEN page with a description of what the problem was. If the attacker persists, then they will be served up a permanently recurring 503 OVERLOAD message with a 24 hour timeout.
What ZB Block is Excellent at:

Saves money by reducing hacker bandwith usage! (by 2,500% on this site's index page alone!)
Strengthing your site against defacement.
Preventing PHP script exploitation.
Ending Remote File Include (RFI) exploits.
Protecting against directory traversal attacks.
Stopping MySQL database injection and tampering.
Removing access from known bad addresses and domain names.
Blocking access from top level domains, like .cn (China) and .kp (North Korea).

What ZB Block is Good at:

Avoiding website scraping/content theft.
Deterring bad user agents.
Halting referrer spam.
Impeding some Cross Site Scripting (XSS) attacks.
We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.

Ultimate Edition, Ultimate Edition Oz, Oz Unity
User avatar
Mick
Support Team Member
Support Team Member
Posts: 22919
Joined: Fri Aug 29, 2008 9:49 am
Location: Watching cricket probably.

Re: New round of spam registrations

Post by Mick »

@countrydj: Please start your own topic next time, it makes it easier for us to follow.

reCaptcha is a waste of time as it was compromised ages ago as were the other GD/image style CAPTCHAs. There's no need for any MODs or third party add-ons. If you've been using Q&A successfully for a time and now you're getting unwanted registrations, change the Q&A. The advice is to use only one Q&A anyway so you're going in the right direction. Can you post a link to your board please?
"The more connected we get the more alone we become" - Kyle Broflovski©
User avatar
countrydj
Registered User
Posts: 47
Joined: Thu Jul 15, 2010 5:10 pm
Location: Preston, UK
Name: John Craven

Re: New round of spam registrations

Post by countrydj »

@countrydj: Please start your own topic next time, it makes it easier for us to follow.
The last time I started a new thread for a topic that was identical and current I was in trouble.
It seems that I can't win.
The MAN, The MYTH, The LEGEND:
John C
________________________________
Support your local Country Music Club
golf25radioman
Registered User
Posts: 76
Joined: Sun Dec 12, 2004 3:26 am
Location: So. California
Contact:

Re: New round of spam registrations

Post by golf25radioman »

Mick wrote:Have a read of Preventing Spam in phpBB3 then I suggest you adopt the Q&A CAPTCHA using a GOOD, none searchable, question and answer as all other CAPTCHA's (reCAPTCHA and GD etc.) were compromised over a year ago.
My question is how do the "bots" get past the reCAPTCHA? I know I have trouble myself in getting through them. How do they? I've got reCAPTCHA activated, my only savior is the question - which they never get. But, that still leaves me with opening each one and checking it then deleting it. Today I did 141 of them.
User avatar
KevC
Support Team Member
Support Team Member
Posts: 70284
Joined: Fri Jun 04, 2004 10:44 am
Location: Oxford, UK
Contact:

Re: New round of spam registrations

Post by KevC »

The spambots are very good at reading wobbly letters.
-:|:- Support Request Template -:|:-
Image
Cheap UK Hosting
"In the land of the blind the little green bloke with no pupils is king - init!"
User avatar
Brf
Support Team Member
Support Team Member
Posts: 52173
Joined: Tue May 10, 2005 7:47 pm
Location: {postrow.POSTER_FROM}
Contact:

Re: New round of spam registrations

Post by Brf »

golf25radioman wrote: But, that still leaves me with opening each one and checking it then deleting it. Today I did 141 of them.
Opening and deleting each what? If they cannot answer the Q&A captcha, their user is never created, so there is nothing to delete.
golf25radioman
Registered User
Posts: 76
Joined: Sun Dec 12, 2004 3:26 am
Location: So. California
Contact:

Re: New round of spam registrations

Post by golf25radioman »

Brf wrote:
golf25radioman wrote: But, that still leaves me with opening each one and checking it then deleting it. Today I did 141 of them.
Opening and deleting each what? If they cannot answer the Q&A captcha, their user is never created, so there is nothing to delete.
Spam registrations sent to the admin of the board are what I open, and then I have to delete the inactive registration(s). I didn't see the posts about the bots being able read the captcha. The simple Q&A answer I put up didn't do it, so I used the unique example in the previous posting. So We'll see what tomorrow brings.
daviswe
Registered User
Posts: 12
Joined: Thu Aug 30, 2012 5:06 pm

Re: New round of spam registrations

Post by daviswe »

Mick,

I've never been able to get Q&A to appear on my site. Several folks have posted the same instructions on many forums and topics, but they are all about older versions, as I'm running 3.0.11. As the spam postings pile up, I can barely keep up, and would like to ask if anyone has ideas as to why an 'out of the box' installation of3.0.11 and the standard prosilver theme would refuse to use Q&A, or any of the others for that matter. They just never appear during posts...

Ed
User avatar
Brf
Support Team Member
Support Team Member
Posts: 52173
Joined: Tue May 10, 2005 7:47 pm
Location: {postrow.POSTER_FROM}
Contact:

Re: New round of spam registrations

Post by Brf »

daviswe wrote:Mick,

I've never been able to get Q&A to appear on my site.
Stop making duplicate posts.
Your motorcycle-making-noise question is showing just fine.
golf25radioman
Registered User
Posts: 76
Joined: Sun Dec 12, 2004 3:26 am
Location: So. California
Contact:

Re: New round of spam registrations

Post by golf25radioman »

Thank you to all the suggestions for the war on the spam bots. I was surprised that the captcha had been compromised since as a human I have trouble at times with them. But so far the Q&A has stopped them, and I thank all for their advice.
Locked

Return to “[3.0.x] Support Forum”