|
| Author |
Message |
Hero of the Day
Joined: 11 Mar 2006
Posts: 11
|
 Posted: 4/16/2006, 9:34 am Post subject: spammers |
 |
|
have been having a particular problem with the 'mail.ru' domain (some sort of free email site it appears, and appears to have poor or no security measures in place), now these are mainly make 6-8 pointless posts (such as: "cool topic") in one day and dissapear ( dont know for how long, never really given them a chance to come back), and usually have a link in their profile
I determined that it was machine spam, and it was defeating phpbb's visual confirmation
I had my webmaster/coder go through the database and look for the 'mail.ru' email
heres a screenshot
http://forums.streetrod3.com/download.php?id=602
I ended up banning the entire 'mail.ru' domain, however
I am looking for input on other visual confirmation systems and any other methods or ideas I might use to prevent of help deal with this problem. Because I get the feeling that eventually they will figure out to use a different email |
|
| Back to top |
|
 |
~HG~
Joined: 25 Sep 2005
Posts: 423
Location: Australia
|
|
| Back to top |
|
|
Thoul
Joined: 14 Sep 2005
Posts: 169
|
| Posted: 4/16/2006, 3:02 pm Post subject: |
|
|
I had some of these mail.ru bots not too long ago, also. They do indeed bypass phpBB's visual confirmation. There are a couple of hacks, one at phpBB.com and one at phpBBHacks, that replace the confirmation image with a different one that's a bit harder to crack. I installed one of those and haven't noticed any more obvious bot registrations.
_________________
Phantasy Star: The Fringes of Algo | phpBB Smith |
|
| Back to top |
|
|
Nick
Joined: 09 Sep 2005
Posts: 775
Location: Next to the stereo
|
| Posted: 4/16/2006, 5:00 pm Post subject: |
|
|
| Thoul wrote: |
| I had some of these mail.ru bots not too long ago, also. They do indeed bypass phpBB's visual confirmation. There are a couple of hacks, one at phpBB.com and one at phpBBHacks, that replace the confirmation image with a different one that's a bit harder to crack. I installed one of those and haven't noticed any more obvious bot registrations. |
Do you have a specific link by chance?
_________________
[The Smash Syndicate] Ek Pyros - Out of Fire |
|
| Back to top |
|
|
Hero of the Day
Joined: 11 Mar 2006
Posts: 11
|
| Posted: 4/16/2006, 6:15 pm Post subject: |
|
|
heres an overview of an idea my coder has been working on
1) remove the 'website' and 'signature' fields on the registration page (a user would have to set these after the account is activated)
2) use a script to check and see if the 'user' signing up is passing a value for either of the missing fields (since the two fields are not visible this means its a spam script)
3) the script then automatically enters the ban into the database if it finds data being passed for either of the two missing fields. It is set up to ban both the IP and the email |
|
| Back to top |
|
|
~HG~
Joined: 25 Sep 2005
Posts: 423
Location: Australia
|
|
| Back to top |
|
|
Thoul
Joined: 14 Sep 2005
Posts: 169
|
| Posted: 4/16/2006, 11:18 pm Post subject: |
|
|
| Quote: |
heres an overview of an idea my coder has been working on
1) remove the 'website' and 'signature' fields on the registration page (a user would have to set these after the account is activated)
2) use a script to check and see if the 'user' signing up is passing a value for either of the missing fields (since the two fields are not visible this means its a spam script)
3) the script then automatically enters the ban into the database if it finds data being passed for either of the two missing fields. It is set up to ban both the IP and the email |
If you have HTML turned off in your forum configuration, you could check the allow HTML field on registration, too. The mail.ru bots I had set that field to On (a value of 1 in the database), even though it was removed from the registration form.
_________________
Phantasy Star: The Fringes of Algo | phpBB Smith |
|
| Back to top |
|
|
Patrick
Administrator
Joined: 28 Aug 2005
Posts: 2073
Location: Harbinger, NC, U.S.A.
|
|
| Back to top |
|
|
|
