So you may have noticed recently we have had a lot of spam popping up. Even though this has occurred during the forum transition to a new server, I don't believe this was the cause. Take this latest user who made 4 spam posts last night for example:
[quote]Username: orepentesteld
Registration Date: 14 Apr 2011 10:48 pm
Last Active: 16 May 2011 12:44 am[/quote]
I've done several things to combat this issue
I went back through all the users and found a lot of ones that appeared to be spam-related, so I went ahead and deleted them.
I added a recaptcha to the registration page. I'll monitor this for a while to see if that automated system will keep the spam bots out.
If recaptcha does not work, I will move the registration to a moderator-controlled system where we actually have to approve requests to join the forum.
Give me your thoughts and ideas if there is a better way.
21:01:17 <+PhaseDMA> ?ban god
21:01:17 <@SchwippyBot> ***BANNING: god***
21:01:19 -!- mode/#the-schwippy-tree [+b *!*@*] by SchwippyBot
I bet it did have something to do with the new host.
Being that it's a bigger host people know the IPs, so they just search for phpBB installs on those IPs.
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
My MPG sucks cause' I remote start all the time - And than drive 2 miles to work
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
[quote=PhaseDMA]I bet it did have something to do with the new host.
Being that it's a bigger host people know the IPs, so they just search for phpBB installs on those IPs.[/quote]
I can tell you its not. There were about 150 new registrations since we moved the board from mymiddleman.com - but only 2 of those registrations actually posted. And if you remember correctly - those two posts were ones we actually made threads out of. It's like the spam bots "planted" usernames on the host and then will go back and "infiltrate" at a later time.
21:01:17 <+PhaseDMA> ?ban god
21:01:17 <@SchwippyBot> ***BANNING: god***
21:01:19 -!- mode/#the-schwippy-tree [+b *!*@*] by SchwippyBot
when i switched IP's, i got a hell of a lot more bots than before.... then when i switched it again, they slowed back down
[quote]Plasma: This thread is now about how everyone from England has a melty face
Quirk: I second this motion. All in favor?
cokalsM: Im drunk.
bigcfk: i'm too.
Quirk: The motion has passed. The topic of discussion is now Beanie Babies.[/quote]
^ m_m, summed up.
Okay. Maybe they saw it was a different IP so they looked in their database of hostnames and realize they already made accounts and were like "hell yeah! I am gonna spam the hell out of these guys"
21:01:17 <+PhaseDMA> ?ban god
21:01:17 <@SchwippyBot> ***BANNING: god***
21:01:19 -!- mode/#the-schwippy-tree [+b *!*@*] by SchwippyBot
I woke up this morning to find 2 more registrations on the forum. I decided to dig a little deeper in solving our spam issues.
We are now on a moderation system. All new user accounts get put into a "Newly Registered Users" group. The posts of the users in that group go to a moderation process and our lovely moderators can choose to approve or deny the request. I believe the only way to move the user out of that group (at this time) is something I can do. I will check into that.
21:01:17 <+PhaseDMA> ?ban god
21:01:17 <@SchwippyBot> ***BANNING: god***
21:01:19 -!- mode/#the-schwippy-tree [+b *!*@*] by SchwippyBot
If its a pain in the ass, just make an extra php script that runs the following psuedo query:
UPDATE users SET usergroup = 'regUserGroupId' WHERE userid = 'userSelectedByMod'
[quote]Plasma: This thread is now about how everyone from England has a melty face
Quirk: I second this motion. All in favor?
cokalsM: Im drunk.
bigcfk: i'm too.
Quirk: The motion has passed. The topic of discussion is now Beanie Babies.[/quote]
^ m_m, summed up.
[quote=plasma2002][quote=Matt]I will check into that.[/quote]
If its a pain in the ass, just make an extra php script that runs the following psuedo query:
UPDATE users SET usergroup = 'regUserGroupId' WHERE userid = 'userSelectedByMod'[/quote]
Yeah, that's what I was planning to do. Basically if a post gets approved, then I'll run a command to change that users group id. But that wasn't something I could hack together before going to work this morning
Oh, and if a post gets denied, it will delete the user
21:01:17 <+PhaseDMA> ?ban god
21:01:17 <@SchwippyBot> ***BANNING: god***
21:01:19 -!- mode/#the-schwippy-tree [+b *!*@*] by SchwippyBot
be careful deleting those user rows... i kind of screwed myself over on a phpbb install years ago by doing that... other tables use the user row for all kinds of things.
i would recommend instead of deleting them, just stick them into another usergroup... like "Ok to delete" or something... then just purge that group every so often
[quote]Plasma: This thread is now about how everyone from England has a melty face
Quirk: I second this motion. All in favor?
cokalsM: Im drunk.
bigcfk: i'm too.
Quirk: The motion has passed. The topic of discussion is now Beanie Babies.[/quote]
^ m_m, summed up.