hammered by newly registered members

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Scam Warning
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
Locked
User avatar
Mick
Support Team Member
Support Team Member
Posts: 21443
Joined: Fri Aug 29, 2008 9:49 am
Location: Not watching cricket

Re: hammered by newly registered members

Post by Mick » Fri Nov 23, 2012 11:16 am

@Angoid: If you have a specific issue please make a new topic in support by filling out the Support Request Template Generator and post it back in your new topic to enable us to assist you better, thanks.
"The more connected we get the more alone we become" - Kyle Broflovski

gavinwatson
Registered User
Posts: 13
Joined: Fri Nov 23, 2012 1:25 pm

Re: hammered by newly registered members

Post by gavinwatson » Fri Nov 23, 2012 1:32 pm

Hello,

I have the same problem as has been reported here, but I have the User Registration disabled and do not allow guest posts.

How can they be getting through?

They appear to register (though registration is disabled), then post SPAM and then appear as not registered anymore.

This started happening last week.

Has there been a solution to this?

Angoid
Registered User
Posts: 63
Joined: Tue Nov 22, 2005 8:28 pm
Location: East Midlands, UK
Contact:

Re: hammered by newly registered members

Post by Angoid » Fri Nov 23, 2012 1:56 pm

Hi gavinwatson,

Check in the ACP for inactive members .... do you have anything there? Especially spammy-looking ones?
If so, delete them all together with their posts (if any).

Not sure how that affects things, but it's the advice given here and it does seem to be effective.

I'm pretty sure I had a few spam registrations after I turned registration off, but I'm told that this cannot happen. However, I did have some inactive spam members that did not show up on the members list, so I deleted those and the problem appears to have gone away.
If you don't know what eschatology is then don't worry; it's not the end of the world.

User avatar
Mick
Support Team Member
Support Team Member
Posts: 21443
Joined: Fri Aug 29, 2008 9:49 am
Location: Not watching cricket

Re: hammered by newly registered members

Post by Mick » Fri Nov 23, 2012 2:00 pm

gavinwatson wrote:I have the same problem as has been reported here, but I have the User Registration disabled and do not allow guest posts.

How can they be getting through?

They appear to register (though registration is disabled), then post SPAM and then appear as not registered anymore.

This started happening last week.

Has there been a solution to this?
If you have a specific question we can't work in the dark. We need some information from you at the very least a link. So, you should fill out the Support Request Template Generator and post it back in a new topic to enable us to assist you better.
"The more connected we get the more alone we become" - Kyle Broflovski

gavinwatson
Registered User
Posts: 13
Joined: Fri Nov 23, 2012 1:25 pm

Re: hammered by newly registered members

Post by gavinwatson » Fri Nov 23, 2012 2:04 pm

Angoid wrote:Hi gavinwatson,

Check in the ACP for inactive members .... do you have anything there? Especially spammy-looking ones?
If so, delete them all together with their posts (if any).

Not sure how that affects things, but it's the advice given here and it does seem to be effective.

I'm pretty sure I had a few spam registrations after I turned registration off, but I'm told that this cannot happen. However, I did have some inactive spam members that did not show up on the members list, so I deleted those and the problem appears to have gone away.
Well I definately have registration disabled and I had deleted inactive members and they're still flooding through.

I will, as indicated, submit a new topic as requested.

n8oqpat
Registered User
Posts: 2
Joined: Fri Nov 23, 2012 1:54 pm

Re: hammered by newly registered members

Post by n8oqpat » Fri Nov 23, 2012 2:24 pm

Hi All,
I too have been hammered by newly registered users, I have 2 sites that are both updated and are using 3.0.11 updates. (however the issues started on around Nov 16th and that was before I upgraded from the last current stable version.) When the issues started, I disabled the board as I don't have time to police it and I refuse to let this stuff in and destroy my work. I am using the Q&A counter measure and up until Nov 16 never had an issue like this. I just opened it back up after banning some IP extentions where the stuff seemed to come from. In 20 minutes, I had 14 registered users and another 7 that were marked as inactive users. All of which are spam. :evil:

This can't continue, If I can't find a solution, I'll just shut them down entirely. I'd rather not do that, they are just small boards but do serve a purpose. Can anybody help / give me an idea on what to do??? :shock:

Thanks...

User avatar
panzer max
Registered User
Posts: 46
Joined: Thu Mar 19, 2009 1:19 am
Contact:

Re: hammered by newly registered members

Post by panzer max » Fri Nov 23, 2012 2:31 pm

stanhilliard wrote:
HGN wrote:
panzer max wrote:I would hope that's what phpBB is working on.
The problem with such questions is that the format stays the same. A bot can be programmed to interpret those kind of questions (knowing the format is always the same).

Type character, n, n+1, and n+2 from this string: !@#$%^&*()_+-=":

Only the red parts of the question will be changed by the algorithm. So, program the bot to find:
n ==> between "Type character, " and ","
n+1 ==> between "," and ", and "
n+2 ==> between ", and " and " from"
!@#$%^&*()_+-=" ==> between ": " and ":"
Then use those to determine the characters for the answer.
But why must we limit the format to being always the same? The forum only generates the random string, the position numbers, and the answer that the registrant has to match. The remainder of the registration requirement is controlled by the forum admin: -- the string length, the number of characters to select, and the syntax and wording that the registrant sees.

The door is open for all kinds of techniques to design the "questions" to fool computers but not trick humans. To name a few:

1) Display the string as graphic.
2) Display the character position numbers as graphic.
3) Use the well researched methods that misspell words while retaining readability by humans.
link to example of the technique of human-understandable misspelling
4) Use an algorithm to produce random human-readable misspellings of the words of the question. Thus the words will be unique each time the question is displayed, and destroyed immediately after each usage -- just as with the random strings and random character positions that the question contains.

There are probably many additional ways to formulate the questions to make it hard for spambots to decode them.

+1
I agree with you, there are numerous ways to implement a system with more randomness. All it takes is a little will, creativity and expertise with phpBB code. One of the strengths on our side (phpBB forum owners) is, we can individually take an improved anti-spam registration system and individualize it--there are thousands of us and the spambot programmer would have to tailor his efforts to each of us.

Oyabun1 wrote:
stanhilliard wrote:1) Display the string as graphic.
Excludes vision impaired users.
2)
The graphic does not have to be Capthcha-style difficult to read, he is saying display the results as a graphic so the bot has another layer to interpret and read.

n8oqpat
Registered User
Posts: 2
Joined: Fri Nov 23, 2012 1:54 pm

Re: hammered by newly registered members

Post by n8oqpat » Fri Nov 23, 2012 3:08 pm

TO: Panzer Max,

The URL to my forum is http://www.uawlocal122.com/phpBB3. It is currently showing disabled. I'll change that if you like but I won't leave it that way very long.

Thanks...
N8oqpat...

User avatar
Mick
Support Team Member
Support Team Member
Posts: 21443
Joined: Fri Aug 29, 2008 9:49 am
Location: Not watching cricket

Re: hammered by newly registered members

Post by Mick » Fri Nov 23, 2012 3:30 pm

Folks, posting "I'm getting spammed everyday" and "I installed Q&A but it isn't working" etc. doesn't help. We know lot's of people are getting spammed since xrumer's update you are not on your own (obviously) but the greatest guru in the world needs something to go on. Please help us to help you and at least post a link so anybody interested can see what's happening.
"The more connected we get the more alone we become" - Kyle Broflovski

User avatar
Mick
Support Team Member
Support Team Member
Posts: 21443
Joined: Fri Aug 29, 2008 9:49 am
Location: Not watching cricket

Re: hammered by newly registered members

Post by Mick » Fri Nov 23, 2012 3:32 pm

n8oqpat wrote:I'll change that if you like but I won't leave it that way very long
Yes do, we can see nothing with registration disabled.
"The more connected we get the more alone we become" - Kyle Broflovski

User avatar
panzer max
Registered User
Posts: 46
Joined: Thu Mar 19, 2009 1:19 am
Contact:

Re: hammered by newly registered members

Post by panzer max » Fri Nov 23, 2012 3:59 pm

n8oqpat wrote:TO: Panzer Max,

The URL to my forum is http://www.uawlocal122.com/phpBB3. It is currently showing disabled. I'll change that if you like but I won't leave it that way very long.

Thanks...
N8oqpat...
I see that it is disabled. I am going out the door now, so I cannot look at it until later. I will PM you when I return.

You have probably thought of checking the ACP > Users and Groups > Inactive Users and clearing them out, then making your Q&A something that cannot be solved or guessed, as mentioned in an earlier post, then seeing if the spam registrations continue.

I also have some other techniques I use to detect spammers when they have registered but not posted, I will share that with you too. Post your issue in a new support request, the phpBB gurus here will help you.

PS: I was in the Operator's Union 564 for about 20 years, cool.

Schwpz
Registered User
Posts: 335
Joined: Wed May 07, 2003 1:33 pm
Location: Planet Zot
Contact:

Re: hammered by newly registered members

Post by Schwpz » Fri Nov 23, 2012 4:10 pm

Does anyone in this thread have any experience with the current spam wave and anti-spam measures of the sort "six random images are displayed, tick off the box next to all the images showing a balloon"?

Also, how are forums with linked registrations with Facebook and/or Google+ doing? Hammered like everyone else or any differences?

I must be frank and admit that some of the anti-spam measures discussed in this topic are really misanthropists. I personally hate filling out captchas, and would probably not sign up on the boards with some of the distorted text-images shown in this thread unless that forums garanteed a cure for diabetes for its members. If you require anything even remotedly more time consuming than burping, chances are the new potential member will either surf away or at best continue to be a lurker.

If nothing else, if you want to sport complicated sign-up forms, at least consider reducing the amount of other mandatory profile fields in other to cut down sign-up time.
..:: PlanetZot.com - Your ultimate source for animation! ^^

User avatar
Mick
Support Team Member
Support Team Member
Posts: 21443
Joined: Fri Aug 29, 2008 9:49 am
Location: Not watching cricket

Re: hammered by newly registered members

Post by Mick » Fri Nov 23, 2012 5:13 pm

Schwpz wrote:Does anyone in this thread have any experience with the current spam wave and anti-spam measures of the sort "six random images are displayed, tick off the box next to all the images showing a balloon"?
If you read this TOPIC and other TOPIC's on here you will see there is a lot of experience. If you're talking about a MOD then you need to post in that MODs support area.
Schwpz wrote:Also, how are forums with linked registrations with Facebook and/or Google+ doing? Hammered like everyone else or any differences?
Worse in a lot of cases, phpBB can implement measures to try and stop spam on boards using phpBB software but have no control over other sites, in many cases, anti-spam on other sites aren't as good. You can have the best anti-spam in the world on your board but if you have dual registration you have to consider both.
Schwpz wrote:I personally hate filling out captchas
Try Q&A then, that should be all you need correctly set up.
"The more connected we get the more alone we become" - Kyle Broflovski

User avatar
edgar davids
Registered User
Posts: 376
Joined: Mon Jan 19, 2009 7:15 am

Re: hammered by newly registered members

Post by edgar davids » Fri Nov 23, 2012 5:43 pm

How do we do delete on mass "activated" spammers?
UPDATE: Prune feature on ACP.

WOW, I have alot of Activated spammers!

UPDATE: any tips on how to sniff out "Activated" spammers and not hit normal members?

UPDATE: *@gmail.com is helping! :lol:
Last edited by edgar davids on Fri Nov 23, 2012 6:09 pm, edited 1 time in total.

User avatar
stevemaury
Support Team Member
Support Team Member
Posts: 50667
Joined: Thu Nov 02, 2006 12:21 am
Location: The U.P.
Name: Steve
Contact:

Re: hammered by newly registered members

Post by stevemaury » Fri Nov 23, 2012 6:08 pm

Use admin activation so they won't be activated without your review. But how about a link to your board so we can see what you are doing to stop them from registering in the first place.
For REALLY good and VERY inexpensive hosting CLICK HERE

I can stop all your spam. I can upgrade or update your Board. PM or email me. (Paid support)

Locked

Return to “[3.0.x] Support Forum”