Page 1 of 1

Flood of spam accounts.

Posted: Sun Jul 23, 2017 5:09 am
by scorpiors
I am using phpbb 3.1.5. Since last one month daily 80-100 spam accounts are registering on my board. I tried security plugins Q&A/GD Image/GD 3D Image/Simple Image options in Spambot countermeasures option of Admin Panel. But all the attempts of saving board from spammer accounts are failed. Please suggest me the ways to get rid of these spammers.
inactive.jpg

Re: Flood of spam accounts.

Posted: Sun Jul 23, 2017 7:16 am
by david63
The tried and tested method to reduce to almost nil (you will never stop 100% of spam accounts) is to have a good Q&A, the answer to which cannot be Googled (something pertinent to your site) together with the use of the Newly Registered Group.

Re: Flood of spam accounts.

Posted: Sun Jul 23, 2017 9:31 am
by mrgtb
I've read a few people reporting a sudden big increase in spamming this week using other forum software as well. I've been getting the same also on my forum for past few weeks, spam registrations has increased massively on my board that don't validate the accounts.

Re: Flood of spam accounts.

Posted: Sun Jul 23, 2017 9:53 am
by david63
mrgtb wrote:
Sun Jul 23, 2017 9:31 am
I've read a few people reporting a sudden big increase in spamming this week using other forum software as well. I've been getting the same also on my forum for past few weeks, spam registrations has increased massively on my board that don't validate the accounts.
Probably a new wave of bots

Re: Flood of spam accounts.

Posted: Sun Jul 23, 2017 10:44 am
by KevC
OP, you should certainly change to Q&A because you're currently running GD which was beaten ages ago.

Re: Flood of spam accounts.

Posted: Sun Jul 23, 2017 9:54 pm
by Littlespace
I'm not a part of the phpBB team or anything, but I've used phpbb on and off for a couple of years now. I recently started back with the release of 3.2.x and I found I, too, was receiving massive, massive amounts of bots accessing my site. It wasn't too big of a deal until those same spambots were also trying to run jqueries in mass amounts, bogging down my system resources on a shared server. Every single night from between 12AM until around 5AM my site was unavailable due to the attacks. It got pretty intense, and I'd say my host was probably tired of trying to deal with some of it (they had to temporarily suspend the site a few times to stop the bot access from taking down other sites on the server).

I searched the forums here. So, this is my current set-up that has reduced the spambots by a tremendous amount:
  • Enabled the Q&A spambot countermeasures on registration plugin
    • My forum required 18+ age restriction so I just used that as a part of registration as well. It isn't foolproof from some of the spambots but has helped so my question is: "Answer this question truthfully with only one English word. All viewers and members on our site are required to be biologically 18 years old or older. Are you 18+ today?:"
  • I installed the extension Stop Forum Spam (3.1.x) (3.2.x)
  • I downloaded and installed a php security script called ZB BLOCK
So far, I've seen a lot of positive results. The only issues I've had with the above are:
  • The Q&A plugin is, again, not fool-proof and some of the bots (generally the Russian-based ones, for whatever reason) did eventually learn how to answer it appropriately.
  • I made an account on the StopForumSpam site to help them out and send my data over when a bot was blocked. Somehow my I.P. there got listed as a spammer as well. I had to work that out by sending four e-mails into that team and explaining the situation. It didn't prevent me from using the extension but it personally concerned me. All was worked out but I am still clueless as to how I was marked as spamming.
  • ZBBlock was incredibly easy to install and minorly tweak after I read the guide, but instantly banned the Tapatalk third-party access from the site. It ended up being a very, very good thing (it turns out that they were leaving some access scripting open that was also hogging server resources and creating attack vulnerabilities) but took a bit to work out well. Some members were banned from the server just by accessing the site through Tapatalk so I had to request they remove our site from their database. They were quick, and I just purged the ban-file to start over with ZBBlock. So...no Tapatalk but yay for a happier server.
I've not had any more attacks after ZBBlock ran it's course for about 48 hours. Instead of getting 15+ "contact admin" spam messages a day I get about 2. Spambot registration has been at an all-time low for my site, and even when they somehow do get to register they are usually instantly banned by the StopForumSpam extension at this point. The site has not had to be suspended due to spambot attacks and the server resources haven't been exceeded at all. This has been a positive change ongoing for about 2 months now so I'm fairly pleased at the current state.

Re: Flood of spam accounts.

Posted: Mon Jul 24, 2017 1:19 am
by RMcGirr83
Littlespace wrote:
Sun Jul 23, 2017 9:54 pm
Instead of getting 15+ "contact admin" spam messages a day I get about 2.
That is a well known issue due to the lack of a captcha on the core contact admin which is why I created the contact admin extension.

https://www.phpbb.com/customise/db/exte ... act_admin/