Forum Administration - Spam Bot Woes

selece · 11/19/06, 2:58 PM

Not entirely WoW related, and I understand if this gets insta-heaped, but...

... for all the guild forum admins out there, what forum software do you use? If it's phpBB, have you been getting a flood spam bots lately, all with the naming pattern <first initial>_<surname> or <firstname>_<surname>?

i.e. P_Robinson
i.e. Robert_Taylor

Their country is always USA, and their e-mail is always from some odd domain like rumail.com.
Their website is ALWAYS some sort of stupid viagra or the like selling phony little page, like for instance:

http://viagraorder.blog.com
Don't click that! - I have no idea where it goes, but I take no responsibility if you get totally destroyed by malware lurking on that page.

I have the "humanizer" check going with "please enter the digits/letters from this randomly generated gif", but it doesn't seem to deter them. We get a decent number of applicants so I'm definitely against moving to "administrator must personally authorize each account", at least for now. Right now, I just run through every 2 weeks and clean out the 20-30 bots that have registered.

I've been banning each of their strange e-mail domains one at a time, but there are always more popping up it seems.

Any suggestions out there or anyone having similar problems?

• frmorrison · 11/19/06, 3:01 PM

The bottom of the page says Powered by PunBB 1.2.14.

Try banning the IP range of the posters if you can (that is what the mods here do sometimes).

Seeten · 11/19/06, 3:07 PM

One of our forum regulars wrote a bit of code to block all spammers. Send me a pm, I'll get it out to you.

Voljun · 11/19/06, 3:26 PM

Our guild website had that exact same problem. There were multiple people registered, all with first and last names on their forum names with USA under the catagory of where they were from. I think they were all like Mary_Smith, R_Rodriguez and names like that. They all had website links in their profiles and had wierd emails. The websites were spam sites, like the one you posted and simillar sites. They were very annoying.

Nite_Moogle had to change the site to punbb, which seems to have fixed the bot problem. I recall him saying it was extremely annoying and despite using several plugins for phpbb, they still came. He fixed it so they couldn't post, but they could still register and still had those website links on their profiles. He even had the humanity register like you mentioned, but they still registered. You would have to ask someone else about other possible solutions as I know next to nothing about running a website. Good luck on finding a solution.

Cord · 11/19/06, 4:16 PM

My friends and I talk to each other on a message board run by one of us. It's PHPBB since it's automatically installed by Dreamhost. The other day this guy registered.

All about sosowowoh

Joined: 16 Nov 2006
Total posts: 0
[0.00% of total / 0.00 posts per day]
Find all posts by sosowowoh
Location:
Website: http://penis-enlargement-works.whogi...sguyssite.com/
Occupation:
Interests:

Madrugan · 11/19/06, 6:15 PM

I run the www.yawningdogs.com forums, and while I never got posts, I got at least 40-50 new registered members a day. I eliminated this by doing a registration check. A similar sliver of code exists on the phpbb.com forums. Essentially, I automatically deny registrations with ANY amount of private information included (since thats what spambots do.).

I then modified the registration page, with BIG BOLD RED LETTERS (really frickin huge. Almost annoyingly large), notifying actual real people really registering to skip the personal info till after the activation of the user.

Doing that simple check made me not have a spambot registration in a few months. Dunno how long it'll hold though. If they start finding that behavior, and creating a bot to counterract that, there are other checks in place I can utilize.

(note: I am not a programmer, but I can understand scripting. Practically anyone who can read and compare file data should be able to implement a fix on phpbb's stuff.)

marketa · 11/19/06, 7:10 PM

http://www.phpbb.com/phpBB/viewtopic.php?t=466892

Akismet is *VERY* good. I use it for everything.

SquattingCow · 11/20/06, 6:17 AM

Uh, 1) don't use PHPBB, it's terrible
2) Get a forum registration software that requires picture verification.

sp00n · 11/20/06, 7:39 AM

PhpBB has picture verification, yet there are already seem to be programs that can "read" these pictures, at least the weaker ones. And phpBBs picture verification system isn't very hard in comparison to others.

Trindade · 11/20/06, 9:09 AM

Before you change anything, have you checked to see what exactly is occurring to create the user accounts? ie: is it some scripted process running over your registration page, or are the IP's feeding arguments into one of your other php pages to create the accounts?

If you've got access to your weblogs, and are recording the IP's on registration, matching that info up probably wouldn't hurt. The first thing you want to do is prevent the mechanism they are using right now. Otherwise you're blindly going to just be changing stuff not knowing whether you're actually addressing the problem.

If you havn't bothered to update your version of phpbb since doing your initial install and want a scare, I suggest going to wikipedia, looking up "SQL injection", then googling for your version of phpbb. Most of their patches are for SQL injections ;)

Nite_Moogle · 11/20/06, 11:12 AM

PHPBB's default verification is horrible. You pretty much have to modify it somehow to avoid bot spamming. Punbb's administration is a lot better than phpbb's so we just made the switch to it instead of mucking around with phpbb any longer.

Though I have yet to fix the news.