Spammers wrecking havoc on the site!

prasham

New Member
Hi Guys,


I am using shared hosting services here. I am administrator of a environmental discussion forum www.its2hot.in.

Problem is that few spammers have taken over and somehow I am unable to load the index page of the forum. Rest all the internal pages work fine.

Can someone please help.

Prasham
 
Hi you are using phpbb. Have you gone through phpbb MOD database?
there are a lot of good mods in there which can help you.
I use phpbb2, vbulletin , smf I have a lot of experience.
I know a lot of tricks to keep the spammers away from phpbb2 but do not know about mods for phpbb3.
perhaps you should visit phpbb forum.

I will see if I can find you some good mods! and if you need help with installation. I can do it. I know phpbb very well.

But please let me know what you mean by spammers ?
Do you mean they send a lot of ad posts in your forum?
 
Don't allow just anyone that applies to be a member.

Require email verification, administrator verification, or CAPTCHA verification for membership.

I just checked your site and it came up for me so perhaps you got your other problem fixed.
 
Prasham this was the mod we used to use before switching to vBulletin, it is for the previous version of phpbb so I am not 100% sure if it would be usable for your forum.
 
If you're using phpBB2, I know of at least one mod that worked wonders in stopping spambots. It essentially adds a 'human' question to the registration form that you can customize. "What is 4+5?", "What does M Y S I T E spell?", etc.

phpBB3 has been pretty good with stopping spammers on its own, though you can use mods to enhance its security as well.
 
Guys its happening again! Please help me.

Somebody on PHPbb forum said that this is due to malfunction of server and not the software!
 
Your comment is rather broad based - and you have not responded to ANY suggestions by other members here.

Broad based?

I have not responded to any other members as all of them have either suggested mods for PHPBB 2.X while I am using PHPbb3.x
 
Broad based?

I have not responded to any other members as all of them have either suggested mods for PHPBB 2.X while I am using PHPbb3.x


Maybe it's just me but I'm pretty sure these 2 cover some great suggestions that you appear to have missed:


Hi you are using phpbb. Have you gone through phpbb MOD database?
there are a lot of good mods in there which can help you.
I use phpbb2, vbulletin , smf I have a lot of experience.
I know a lot of tricks to keep the spammers away from phpbb2 but do not know about mods for phpbb3.
perhaps you should visit phpbb forum.

I will see if I can find you some good mods! and if you need help with installation. I can do it. I know phpbb very well.

But please let me know what you mean by spammers ?
Do you mean they send a lot of ad posts in your forum?


Don't allow just anyone that applies to be a member.

Require email verification, administrator verification, or CAPTCHA verification for membership.

I just checked your site and it came up for me so perhaps you got your other problem fixed.
 
Maybe it's just me but I'm pretty sure these 2 cover some great suggestions that you appear to have missed:

I suggest you read them once again, one is having experience with phpbb 2.x while other had mentioned about security of the site!

Nothing for site's non-functioning!
 
I suggest you read them once again, one is having experience with phpbb 2.x while other had mentioned about security of the site!

Nothing for site's non-functioning!

No, my prior post pertained to your forum!

If you allow anyone that wanders in to become a member and post without any limitations you will get exactly what you are seeing.
 
I am not a pro. I am learing it in bits and peices. Have understood importance of security of my forum and hence have upgraded it to "Email Verification" level. Moreover soon I am planning to implement "Recaptcha" so that I have even tougher spam protection.

But then all these can happen only once my site is up and running again :(
 
Prasham,

Is the site you're referring to the one in your initial post? www.its2hot.in ?

I just loaded up your forum fine. It seemed to come up fast.

I would definitely recommend you activating the Captcha in phpBB3 (the default one seems pretty powerful), as well as requiring all users to verify via email. Those are two typical security measures in phpBB3 and, thus far, my forums have not had spam accounts.
 
I suggest you read them once again, one is having experience with phpbb 2.x while other had mentioned about security of the site!

Nothing for site's non-functioning!

I wish you well sorting it out. People (who have volunteered and are not paid) have given you sound advice which you have not been acknowledging or even thanking for.
 
Prasham,

Is the site you're referring to the one in your initial post? www.its2hot.in ?

I just loaded up your forum fine. It seemed to come up fast.

I would definitely recommend you activating the Captcha in phpBB3 (the default one seems pretty powerful), as well as requiring all users to verify via email. Those are two typical security measures in phpBB3 and, thus far, my forums have not had spam accounts.


Seems its working great for you! I am already having Captcha as well ad email verification on my forum! Actually these spammers aren't bots, they are real humans.


@ Aussie_Boy: I am sorry! You are right, whatever the advice, I should thank them for their suggestions. So a big THANK YOU to all the guys!
 
prasham:

Sorry I'm late to the game here but hopefully I can help with some pointers. I run a phpBB 3.0.x board. I just registered on your board to see how your process works.

First thing I noticed is that guests are unable to post which the most important step. No problems there.

Secondly, registration approval wasn't entirely automatic but on my site I require administrator approval of all new members. Spammers and spambots are pretty crafty and can even get around the automated activation link sent by email (provided by email supplied by the spammer is valid). I don't give anyone a chance without human eyes looking at the registration.

Having admin approval does take a bite out of your time but it is one major roadblock you put in the way of any spammer/spambot.

When I get a new suspicious registration, I always copy the IP address and run it through www.stopforumspam.com and looks for matches. If it's a problem there, I block the IP range.

But I have a nifty little mod still in the way of spammers before I even see the spambot registration. I can't remember exactly where I found it but there is a mod available where you can kill registrations based on time zone entered by the spambot. The vast majority of them select -12GMT which is a zone that is uninhabited. Google it to find it but it wiped 95% of the false registrations.

I even dropped CAPTCHA from my registration process. Beyond that, I began blocking problematic IP ranges (at the server level) that persisted in causing me trouble. Mainly, these IP ranges are from China, Russia and Latin America. This is more of a scorched earth policy but it has wiped out my spam registration problem by 99.9%.

On the phpBB software itself, I have blocked email addresses in the ACP using wildcards. All email addresses ending in .cn, .ru, .ua, .in and a few other troublesome spam haven domains are blocked on my board so registration using these TLDs are automatically prevented. By wildcards I mean blocking *@*.ru or *@*.cn for example.

Granted, my board is focused to a region in the US so I don't really suffer consequences from blocking traffic and email from China, Russia, India, Latin America amongst others so you will have to be creative and find what works for you, your board and your demographic.

You won't and can't stop it 100% but maybe using, modifying and applying some of these techniques will drastically cut down time and bandwidth wasted on spammers.

Another good site for phpBB mods and tips is www.startrekguide.com. They're not as stuck up as the main www.phpbb.com forums. Any of these forums do greatly appreciate, though, if you do your own basic research before asking very basic questions.

Hope this helps.
 
Thank you. I've been a KH customer (also read as: pain in the ***) for a few months but now just signed up to this forum.

I think it's a little too obvious that I need to get a better handle on vBulletin BBcode ;)
 
So long as we can read your signature, we know you need to work on that BBCode. :) Welcome to the KH forums, RCM!
 
Top