Centralised banned IP list?

Do not post support requests, bug reports or feature requests. Discuss phpBB here. Non-phpBB related discussion goes in General Discussion!
Anti-Spam Guide
microUgly
Registered User
Posts: 88
Joined: Sat Jun 02, 2007 5:35 am

Centralised banned IP list?

Post by microUgly »

My forum is becoming a target for spam-bots. They've been getting past the captcha, making a few posts, then disappear.

I've been taking note of the IP, e-mail and username used by the bots, but I don't expect to see any repeats to be worth creating a ban on them.

Most forums must be targetted by the same spammers so if there was a central list of offending addresses all forums could be protected. IP addresses could be reported and after a set amount of time they could be unbanned to ensure if an innocent visitor picks up that address at a later time it's not a problem for them.

Does anything like this exist? Does anyone see a problem with such a system if it were developed?
User avatar
reptileguy
Registered User
Posts: 146
Joined: Thu Jan 31, 2008 3:54 pm
Location: The Netherlands
Contact:

Re: Centralised banned IP list?

Post by reptileguy »

There are several databases of banned IP-addresses but not specifically for phpBB boards.
I have published a list of banned IPs on my own site. I'm not sure if I'm allowed to post a link to it here :?:
User avatar
KevC
Support Team Member
Support Team Member
Posts: 70432
Joined: Fri Jun 04, 2004 10:44 am
Location: Oxford, UK
Contact:

Re: Centralised banned IP list?

Post by KevC »

If you're on phpBB2 you can stop them very easily.
-:|:- Support Request Template -:|:-
Image
Cheap UK Hosting
"In the land of the blind the little green bloke with no pupils is king - init!"
User avatar
drathbun
Former Team Member
Posts: 12204
Joined: Thu Jun 06, 2002 3:51 pm
Location: TOPICS_TABLE
Contact:

Re: Centralised banned IP list?

Post by drathbun »

Hi, there are several challenges with creating and managing such a list. A while back there was a service started by some current and former team members here called "bbProtection" that allowed board owners to subscribe to a central spam-fighting service. Think of it as aKismet for phpBB and you're not far off. :) I had a chance to talk to some of the folks involved with this effort at Londonvasion and it seems they're going to be relaunching the service for both phpBB2 and phpBB3.
I blog about phpBB: phpBBDoctor blog
Still using phpbb2? So am I! Click below for details
Image
User avatar
Jim_UK
Former Team Member
Posts: 18479
Joined: Tue Oct 12, 2004 5:36 pm
Location: Darwen N.West UK

Re: Centralised banned IP list?

Post by Jim_UK »

I am amazed at all the anti spam topics that are created. If you are using version 2 then read the sticky at the top of the phpBB2 support forum and install a simple mod to stop them in their tracks.
If you are using phpBB3 then it is not an issue at the moment and should it become so then I would think any change to software that is going to have it reading potentially many hundreds of 1000's of IP's before allowing a registration or log in is going to slow the whole thing down.
Do we envisage some central database of these IP's with all sites accessing it to check if it is ok to allow the registration. I can imagine how slow this would be.
In one topic Lumpy and I were looking at what to do when the bot writers crack the VC of version 3.
Neither of us are 100% with that version but it occurred that you have the facility to create a new field for registration. There does not however seem to be the option to make that response be one that you can specify so as to create an RAC type action.

Jim
The truth is out there.
Unfortunately they will not let you anywhere near it!
User avatar
KeithR
Former Team Member
Posts: 750
Joined: Mon Jun 16, 2008 6:59 pm
Location: Manchester, UK
Name: Keith R

Re: Centralised banned IP list?

Post by KeithR »

I keep reading that phpBB3 is impervious to spam BOTs and yet I'm sure I was hit by one ereieoty If this is a human spammer they sure must have a lot of time on their hands.
User avatar
Phil
Former Team Member
Posts: 10403
Joined: Sat Nov 25, 2006 4:11 am
Name: Phil Crumm
Contact:

Re: Centralised banned IP list?

Post by Phil »

This has been brought up on a private board some of us are members on. It appears as if it is a human spammer (or a group of them).
Moving on, with the wind. | My Corner of the Web
User avatar
Jim_UK
Former Team Member
Posts: 18479
Joined: Tue Oct 12, 2004 5:36 pm
Location: Darwen N.West UK

Re: Centralised banned IP list?

Post by Jim_UK »

You will see if you check those sites that the software is not just phpBB3 but others as well.
You are maybe assuming that a bot created those accounts due to the number. What if those accounts were created by a great number of individuals all being paid a pittance for doing so.
You may of course be correct but I certainly have heard of no verified instances of bots getting through.

Time will tell.

Jim
The truth is out there.
Unfortunately they will not let you anywhere near it!
User avatar
reptileguy
Registered User
Posts: 146
Joined: Thu Jan 31, 2008 3:54 pm
Location: The Netherlands
Contact:

Re: Centralised banned IP list?

Post by reptileguy »

Hi Jim_UK,
The issue for me is that these spambots are blurring my site stats. I like to see a realistic number under the header 'who is online'. That is why I block spambots that keep coming back. I also block spambots that absorb too much bandwidth by visiting every page on my site, and bots that request non-existing pages like www.mysite.com/downloadfreegames.html, www.mysite.com/freeringtones.html etc.
It would be helpful too have a database of the most active spambots, which of course would have to be updated regularly.

By the way, what is a RAC type action? :oops:
User avatar
KeithR
Former Team Member
Posts: 750
Joined: Mon Jun 16, 2008 6:59 pm
Location: Manchester, UK
Name: Keith R

Re: Centralised banned IP list?

Post by KeithR »

iWisdom wrote:This has been brought up on a private board some of us are members on. It appears as if it is a human spammer (or a group of them).
I did wonder if it was a group of spammers but either way it is a problem.
Jim_UK wrote:You will see if you check those sites that the software is not just phpBB3 but others as well.
You are maybe assuming that a bot created those accounts due to the number. What if those accounts were created by a great number of individuals all being paid a pittance for doing so.
You may of course be correct but I certainly have heard of no verified instances of bots getting through.

Time will tell.

Jim
But the topic asks should we have a centralised banned IP list. I'd like to expand this to a known name ban list. Human or BOT.
User avatar
Jim_UK
Former Team Member
Posts: 18479
Joined: Tue Oct 12, 2004 5:36 pm
Location: Darwen N.West UK

Re: Centralised banned IP list?

Post by Jim_UK »

reptileguy wrote:Hi Jim_UK,
The issue for me is that these spambots are blurring my site stats. I like to see a realistic number under the header 'who is online'. That is why I block spambots that keep coming back. I also block spambots that absorb too much bandwidth by visiting every page on my site, and bots that request non-existing pages like http://www.mysite.com/downloadfreegames.html, http://www.mysite.com/freeringtones.html etc.
It would be helpful too have a database of the most active spambots, which of course would have to be updated regularly.

By the way, what is a RAC type action? :oops:
My question then is why do you allow these bots to register at all?
I am assuming that you are using phpBB2 or am I mistaken.
It is possible to stop their registration completely with about 5-10 minutes work.
The RAC mod inserts an extra field that is compulsory to be completed in the registration. Bots can't read and they just complete what they believe is a normal registration. They fail so they do not get past the registration page. They never appear in your memberlist nor as the latest member in the index.
I have installed the mod on 9 boards so far and none have had a single spambot in over 2 years.


This of course just applies to bots. In my experience human spammers are quite rare by comparison so I would not subscribe to such a list myself. Who knows what the future may hold though.

Jim
The truth is out there.
Unfortunately they will not let you anywhere near it!
User avatar
drathbun
Former Team Member
Posts: 12204
Joined: Thu Jun 06, 2002 3:51 pm
Location: TOPICS_TABLE
Contact:

Re: Centralised banned IP list?

Post by drathbun »

Jim, with all due respect, it's not possible to stop human spammers with a simple registration change, and from my research that's where things are going. Whether they're "sweat shops" in an under priviledged country or bored folks looking to make a nickle, I've seen plenty of spam across the web (not limited to phpBB boards) that is very subtle. The best way to catch this is to have a central database of spammers that looks for pattern posts... as I said, something like akismet for wordpress.

Stopping the bots is important, I don't disagree there. But to say that you can "simply install this MOD" and clap your hands and be done is not true. I've taken some somewhat "shady" posts and searched for them on the web and found the exact same posts on dozens of boards. They're probably more likely to be on hundreds of boards but after the first five or ten boards with the same username and same post but on boards with wildly different subject matter... you begin to see the patterns.

The battle against spammers isn't over, it's just in a bit of a stalemate at the moment.
I blog about phpBB: phpBBDoctor blog
Still using phpbb2? So am I! Click below for details
Image
User avatar
Jim_UK
Former Team Member
Posts: 18479
Joined: Tue Oct 12, 2004 5:36 pm
Location: Darwen N.West UK

Re: Centralised banned IP list?

Post by Jim_UK »

drathbun wrote:Jim, with all due respect, it's not possible to stop human spammers with a simple registration change,
Jim_UK wrote:This of course just applies to bots. In my experience human spammers are quite rare by comparison so I would not subscribe to such a list myself. Who knows what the future may hold though.
Jim
Yes I acknowledged that in my post Dave and of course there are the sweat shops (I mentioned that earlier in the topic but worded not quite the same) but in the last 4 years I recall only about 3 or 4 instances of human spammers on my sites.

Jim
The truth is out there.
Unfortunately they will not let you anywhere near it!
User avatar
reptileguy
Registered User
Posts: 146
Joined: Thu Jan 31, 2008 3:54 pm
Location: The Netherlands
Contact:

Re: Centralised banned IP list?

Post by reptileguy »

Jim_UK wrote: My question then is why do you allow these bots to register at all?
I am assuming that you are using phpBB2 or am I mistaken.
You're missing my point. I am using 3.0.2 and I've never allowed bots to register :roll:
They don't appear in the memberlist but they do appear as guests in viewonline.php.
I like to see a realistic number of visitors under the header 'who is online'.
User avatar
Jim_UK
Former Team Member
Posts: 18479
Joined: Tue Oct 12, 2004 5:36 pm
Location: Darwen N.West UK

Re: Centralised banned IP list?

Post by Jim_UK »

Then if it is showing them as bots I take it you mean web bots such as Google and not the spam bots that the purpose of the centralised IP list was aimed at.

If that is the case then you need to post asking how to remove the bots list from the viewonline but of course not in this topic. In the Mod Requests would be the correct place.

Jim
The truth is out there.
Unfortunately they will not let you anywhere near it!
Post Reply

Return to “phpBB Discussion”