hammered by newly registered members

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
END OF SUPPORT: 1 January 2017 (announcement)
Peter77sx
Registered User
Posts: 3259
Joined: Wed Nov 09, 2005 2:51 pm

Re: hammered by newly registered members

Post by Peter77sx »

I never use phpBB's Q&A for spam prevention.. never made sense to me because it normally doesn't work. :) There are much more effective ways from MODs, for example, already in the mod database on this site.
3Di
Former Team Member
Posts: 15742
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco

Re: hammered by newly registered members

Post by 3Di »

Peter77sx wrote: I never use phpBB's Q&A for spam prevention.. never made sense to me because it normally doesn't work. :) There are much more effective ways from MODs, for example, already in the mod database on this site.
A link to it/them pls?
Please PM me only to request paid works. Thx.
Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user
Extensions, Scripts, MOD porting, Update/Upgrades
:studio_microphone: Looking for a specific feature or alternative option?
wmtipton
Registered User
Posts: 564
Joined: Thu Apr 26, 2007 8:16 pm

Re: hammered by newly registered members

Post by wmtipton »

I think what I'm going to do is in each of my forum headers I'm going to put a small 6-digit number in the graphic banner and then make that the Q&A.
If it's in the graphics obviously there's nothing in the code itself that gives the answer away so the bots won't be able to figure it out.
Maybe just change it out from time to time just to keep on top of things.
mysql database backup software - mysql Workbench
hlfritz
Registered User
Posts: 49
Joined: Sat Jun 29, 2002 7:59 pm
Location: San Diego

Re: hammered by newly registered members

Post by hlfritz »

well, since my last post i have had a spammer register. the question i have configured is:

What are the 2nd, 3rd, 5th, and 6th alphabetic characters in the logo in the upper left?

the answer is LCSS.

the site link is : http://www.oplionclaws.com/phpBB

the logo with the answer is a graphic that is displayed in the upper left.

the user that registered is:

tifenni Sun Nov 18, 2012 7:09 pm Sun Nov 18, 2012 7:09 pm - Newly registered account

the i.p. registered from: 1.226.83.81

the email address registered with: mefang333@gmail.com

so this is a real issue if phpBB cannot be secured against these people/applications. does support or devs have any additional suggestions?

as a contrast, my other forum has had no more registrations. it is a LOT lower in popularity, traffic, users.
Last edited by hlfritz on Mon Nov 19, 2012 5:51 am, edited 1 time in total.
Helmut
Jessica
Former Team Member
Posts: 4342
Joined: Sun Jul 18, 2010 2:53 pm
Location: Pennsylvania, USA
Name: Jessica

Re: hammered by newly registered members

Post by Jessica »

3Di wrote:
Peter77sx wrote: I never use phpBB's Q&A for spam prevention.. never made sense to me because it normally doesn't work. :) There are much more effective ways from MODs, for example, already in the mod database on this site.
A link to it/them pls?
Not in mod database, but works perfectly: viewtopic.php?f=70&t=2158357

this is what I use.
Pro-choice, Atheist, Pro-LGBT rights
Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid. - Albert Einstein
panzer max
Registered User
Posts: 46
Joined: Thu Mar 19, 2009 1:19 am

Re: hammered by newly registered members

Post by panzer max »

J_M wrote:here's a little more info about the text captcha self-learning:
With the option “Send the results to Botmaster Labs server” you earn POINTS for each new rule added by you, with 100 earned points you’ll be able to download from our server latest textcaptcha.txt.
In future we have plans to offer money for most active “teachers”.
This link has some screen shots and how the process works of sending information to the database. I hope this helps in creating more resilient questions. In the end the key seems to be changing the question frequently because there is still a human adding this information to the database.

http://ixrumer.com/xrumer/29-how-to-tea ... ptcha.html
It would be awesome if the phpBB team bought a copy of this program, learned how it works, and then created a module for phpBB that would defeat it. :)
Lumpy Burgertushie
Registered User
Posts: 67939
Joined: Mon May 02, 2005 3:11 am

Re: hammered by newly registered members

Post by Lumpy Burgertushie »

Peter77sx wrote: I never use phpBB's Q&A for spam prevention.. never made sense to me because it normally doesn't work. :) There are much more effective ways from MODs, for example, already in the mod database on this site.
that is simply not true. the Q&A with a good question has and continues to work just fine even with this new attack, a good question still stops the bots.
other methods may work as well.


robert
I'm baaaaaccckkkk. still doing work on donation basis. PM your needs.

Premium phpBB 3.3 Styles by PlanetStyles.net

If nobody is in the forest, does a tree really fall?
Paljas
Registered User
Posts: 4
Joined: Thu Aug 20, 2009 11:22 am

Re: hammered by newly registered members

Post by Paljas »

Had the same problem, hundreds of spam posts a day. Changing the question into something difficult for a machine to interpret helped fine. We've been spamless ever since (for a few days now).
panzer max wrote:It would be awesome if the phpBB team bought a copy of this program, learned how it works, and then created a module for phpBB that would defeat it. :)
You do not 'defeat' the bot, the bot 'defeats' you. The bots defeat specific captcha methods. You can easily come up with something that the bot wasn't taught to beat so far, but it's just a matter of time before some lowlife finds a way to auto-answer it. So you can only beat the lowlifes by always being one step ahead, which takes work. That's why the Q&A is so powerful; it distributes this work over all forum admins, which are countless, so if everyone comes up with a good question from time to time, the lowlifes will not be able to keep up.
bmer
Registered User
Posts: 142
Joined: Sun Dec 07, 2003 10:36 pm

Re: hammered by newly registered members

Post by bmer »

I KILLED SPAM REGISTRATIONS DEAD without using the Q&A mod.

I simply set up a CUSTOM PROFILE on the registration page. Along with Simple Image, it's working like a charm for me and it's easy on the end-user too. Read how to set one up here. https://www.phpbb.com/kb/article/custom ... mmer-tool/
Last edited by Mick on Mon Nov 19, 2012 8:44 am, edited 1 time in total.
Reason: Removed unnecessary sizing.
Mick
Support Team Member
Posts: 22569
Joined: Fri Aug 29, 2008 9:49 am
Location: Cardiff

Re: hammered by newly registered members

Post by Mick »

I've just re-activated my Custom profile fields as well and, seeing as the option is already there, it's a good thing to try. FWIW Q&A isn't a MOD, it's built in.
"The more connected we get the more alone we become" - Kyle Broflovski©
Schwpz
Registered User
Posts: 335
Joined: Wed May 07, 2003 1:33 pm
Location: Planet Zot

Re: hammered by newly registered members

Post by Schwpz »

panzer max wrote:It would be awesome if the phpBB team bought a copy of this program, learned how it works, and then created a module for phpBB that would defeat it. :)
But phpBB can't possibly be the only software hit by this malicious spamhole?

Since this is very obviously a program set on cracking registration obstacles in general, rather than a problem with the phpBB software itself, it's only logical to assume also other online platforms and softwares must have been hit by them too, like WordPress, Joomla, other forum softwares, etc. Surely also other online programs that require registration beside phpBB must have noticed the wave.

In other words, is this only forums related, or are other online services affected too, like blogs?
And if it's only targeting communities; is phpBB the only forum software targeted by the spam wave, or are other bulletin softwares affected too?

If others are affected it would be wise to learn how others are dealing with it, to increase knowledge on how to secure our butts against future waves.
..:: PlanetZot.com - Your ultimate source for animation! ^^
chris.h
Registered User
Posts: 22
Joined: Wed May 23, 2007 11:27 am
Location: Evesham

Re: hammered by newly registered members

Post by chris.h »

Just to add about 700+ spam registrations on two different phpBB forums we have running on different hosts. Started Friday the 16th as near as I can see.
HGN
Former Team Member
Posts: 4706
Joined: Wed Dec 03, 2008 1:53 pm
Location: The Netherlands
Name: Alfred

Re: hammered by newly registered members

Post by HGN »

Schwpz wrote: In other words, is this only forums related, or are other online services affected too, like blogs?
And if it's only targeting communities; is phpBB the only forum software targeted by the spam wave, or are other bulletin softwares affected too?
No, it is not just bulletin board or phpBB related. All platforms where visitors are able to post are targeted. The more a software platform is used, the more value it has for the spammers.
Schwpz wrote: If others are affected it would be wise to learn how others are dealing with it, to increase knowledge on how to secure our butts against future waves.
The problem with this is that when all platforms will use a captcha based on the same principles, it makes it easier for the spambots to focus on that and to break it. The best way to make it hard for the spambots is to have captchas which are unique, meaning not to be broken by a program. That's why Q&A (or text captchas) is considered to be a strong method. Apart from filling a large database with all questions and answers (often requiring human input) for many questions it is impossible to break it by a program. A program must be able to interpret the question and then solve it using an algorithm. If a question has a typo, e.g. secnd instead of second, the spam program must be configured to know that secnd means second.
RMcGirr83
Recognised Extension Developer
Posts: 21172
Joined: Wed Jun 22, 2005 4:33 pm
Location: Your display
Name: Rich McGirr

Re: hammered by newly registered members

Post by RMcGirr83 »

To combat spam I hid the "email_confirm" field and changed the error check in the ucp_register.php file. That way only bots will fill in the email_confirm field as they still think it exists.
In times of change, learners inherit the earth, while the learned find themselves beautifully equipped to deal with a world that no longer exists - Eric Hoffer
Former Modifications/Extensions Team Member | My extensions | My extensions are updated regularly on github
Appreciate the extensions/mods/support then buy me a beer
All requests for support via PM will be ignored
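
The hidden-field trap RMcGirr83 describes above, as an added stand-alone sketch (not phpBB's ucp_register.php code and not the poster's actual change). `email_confirm` is the field named in the post; the function names and sample submissions are hypothetical.

```php
<?php
// Added illustration, not phpBB code: a stand-alone honeypot check.
const TRAP_FIELD = 'email_confirm';   // field name taken from the post

// Render the trap input. It stays in the HTML so form-filling bots see it,
// but it is hidden from people and skipped by keyboard focus and autofill.
function render_trap_field(): string
{
    return '<div style="display:none" aria-hidden="true">'
         . '<label>Leave this field empty'
         . '<input type="text" name="' . TRAP_FIELD . '" value=""'
         . ' tabindex="-1" autocomplete="off"></label></div>';
}

// Returns null when the submission passes, otherwise a reason string.
function honeypot_verdict(array $post): ?string
{
    if (!array_key_exists(TRAP_FIELD, $post)) {
        // A browser still submits a hidden-by-CSS text input (as an empty
        // string); a missing key means the rendered form was not used.
        return 'trap field missing';
    }
    if (!is_string($post[TRAP_FIELD])) {
        return 'trap field malformed';   // e.g. email_confirm[]=x
    }
    if (trim($post[TRAP_FIELD]) !== '') {
        return 'trap field filled';
    }
    return null;
}

// Constructed sample submissions (not taken from the thread).
$samples = [
    'human'      => ['username' => 'alice', 'email' => 'alice@example.org', 'email_confirm' => ''],
    'bot_fills'  => ['username' => 'xr01', 'email' => 'x@example.net', 'email_confirm' => 'x@example.net'],
    'bot_direct' => ['username' => 'xr02', 'email' => 'y@example.net'],
];

foreach ($samples as $name => $post) {
    $reason = honeypot_verdict($post);
    // Log the reason server-side only; return the same generic error as any
    // other failed registration so the trap is not advertised.
    printf("%-11s %s\n", $name, $reason === null ? 'accept' : "reject ($reason)");
}
```

Run the check before any other validation and treat it as one signal alongside Q&A or a custom profile field, since a bot that learns the field is a trap will simply leave it empty.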
perceptualChaos
Registered User
Posts: 6
Joined: Sun Nov 18, 2012 12:43 pm

Re: hammered by newly registered members

Post by perceptualChaos »

So does it look like the phpBB "enter the capital letters of this string" is being solved by a bot? Or is it just getting targeted by humans, whose answer is uploaded to a database? I noticed that it's still being used...