Idea to stop spam definitevelly (I think easy to implement)

cubicdesign · Post by **cubicdesign** » Tue Jun 21, 2011 5:52 pm

Hi.
My forum was invaded with spam (especially from russia) and I am thinking to a simple trick that will keep most spammers away (especially the ones that are using automated tools to spam). What if I rename the registration PHP page to a random name so random visitors (spammers) will not find it anymore? I could put a link from my web site to the registration page so only the visitors that are actually visiting the site can find it. Or I can send the link via email.

It will PhpBB forum still work if I just change the filename of the registration page?

Pit$Bull · Post by **Pit$Bull** » Tue Jun 21, 2011 5:55 pm

Read this topic http://www.phpbb.com/community/viewtopi ... &t=2122696 and use the Q&A CAPTCHA, all other CAPTCHA's have been compromised.

cubicdesign · Post by **cubicdesign** » Tue Jun 21, 2011 5:59 pm

Thanks but I am not interested in that.

Pit$Bull · Post by **Pit$Bull** » Tue Jun 21, 2011 6:01 pm

Beats what you were thinking of trying, which won't work without extensive core modifications.

cubicdesign · Post by **cubicdesign** » Tue Jun 21, 2011 6:03 pm

But it can be done. Right?

Pit$Bull · Post by **Pit$Bull** » Tue Jun 21, 2011 6:05 pm

Anything can be done, but let us know how it works out.

Good luck.

RMcGirr83 · Post by **RMcGirr83** » Tue Jun 21, 2011 6:06 pm

Not without re-writting the php code.

Pit$Bull · Post by **Pit$Bull** » Tue Jun 21, 2011 6:10 pm

Wouldn't it be easier to remove registration altogether and register the users yourself after a request.

cubicdesign · Post by **cubicdesign** » Tue Jun 21, 2011 6:15 pm

Pit$Bull wrote:Wouldn't it be easier to remove registration altogether and register the users yourself after a request.

I think this is really frustrating. Any visitor that has something to discuss will want to post immediately. If they can't do that, there is a high chance that they will abandon the attempt and maybe go somewhere else...

Pit$Bull · Post by **Pit$Bull** » Tue Jun 21, 2011 6:17 pm

Pit$Bull wrote:Beats what you were thinking of trying, which won't work without extensive core modifications.

RMcGirr83 wrote:Not without re-writting the php code.

water01 · Post by **water01** » Tue Jun 21, 2011 6:20 pm

That's not logical because in your original post you were asking to change the name of registration code so it could not be found by spam bots, not because you didn't want people to register.
Since all forums (who have any sense) require people to register before they can post why would they be able to post their views anywhere else faster?

cubicdesign · Post by **cubicdesign** » Tue Jun 21, 2011 6:25 pm

water01 wrote:why would they be able to post their views anywhere else faster?

If I follow the 'manually create accounts' idea, the registration on my forum would take one day (because I have to manually register the users).
While on a 'normal' forums, the registration (and possibility to post) takes seconds-minutes (unless the moderator decided to activate the users manually, but this is seldom).

Now it makes sense for you?

professor mauricio · Post by **professor mauricio** » Wed Jul 13, 2011 9:41 pm

Just came to my fórum and click on register (torne-se um novo membro). http://www.forumdepizzarias.com

It asks to write the pasword 9521 but "backwords"

1259

If you try another number, a message apears.

Its really simple to do by creating a new field registration that do not accept any other value but 1259 (or any ohter number you like)

captcha wasn't working (i'm thinking about test disable captcha)

and If a guest tries to post, apears a message giving the username CONVIDADO and a password to login and post 'anonymous' (as CONVIDADO, off course)

CONVIDADO is brazilian portuguese for GUEST

PS: At the first day we has a lot of bots on 'register' page, but none register.

Oyabun1 · Post by **Oyabun1** » Thu Jul 14, 2011 1:20 am

cubicdesign wrote:What if I rename the registration PHP page to a random name so random visitors (spammers) will not find it anymore?

You're assuming that spambots only find the registration page because it has a particular name, are you sure that is the case for every spambot or even any of them?

professor mauricio wrote:Its really simple to do by creating a new field registration that do not accept any other value

Are you talking about a custom profile field? If so, what you have done is just duplicate what the Q&A CAPTCHA already does.

professor mauricio · Post by **professor mauricio** » Thu Jul 14, 2011 2:54 am

Captcha uses a random image and spamm bots uses ocr to read them.

spam bots also tryes to break the source of captcha to 'read' without image.

we're doing just like captcha, but easier instead images and scripts.

off course spam bots can "learn" how it works and aswer the right aswer.

but thing a field asking "who is the brazilian president" that just let pass who aswer "dilma"

russian spam bots won't understand the ask (neither give the right aswer)

right? (fell free to disagree)