26 {{ upvoteCount | shortNum }}
26 {{ upvoteCount | shortNum }}

Spammers have taken over!

by jkiley
23 replies
I started a forum few weeks ago, but now it seems like spammers have taken over. They have been posting rubbish for few days now. I ended up changing the setting so that new accounts would need "admin's" approval, but now I am getting like 20 requests a day, and have no idea who is spammer and who isn't. What can I do?

They have made the whole forum useless.
#spammers
  • Profile picture of the author BeauJustin
    It's not a person, it's a spambot, and it won't stop until you stop it. They troll the internet looking for wide open web sites. Let me know which forum you are using, and I'll see what I can come up with. Send me a PM if you'd like.

    Beau
    {{ DiscussionBoard.errors[978658].message }}
    • Profile picture of the author Dan Silverman
      I used to have that problem on my forums. I assume you are using phpbb forums. There is a great tool you can use to prevent bots from accessing and registering to your forums. I use a simpe one that requires a person to click a link to a private post on my forums which has an authorization password on it. The registering person has to type that word in the authorization box to register. In 2 years since I have implemented this, I have only had one spammer.

      You can find lots of mods to choose from. I recommend the one that uses the simple authorization password. Go to the phpbb website in their support center and search for "anti-spam". If you are not using phpbb, I'm sure the forum you use also has a similar function and support center.

      Hope this helps.
      {{ DiscussionBoard.errors[978685].message }}
      • Profile picture of the author Harvey Segal
        Originally Posted by Dan Silverman View Post

        I use a simpe one that requires a person to click a link to a private post on my forums which has an authorization password on it. The registering person has to type that word in the authorization box to register.
        Dan

        That will stop bots from registering but - I assume - it
        won't stop spammers who could find the authorization word if
        they wished ?

        Harvey
        Signature
        {{ DiscussionBoard.errors[978707].message }}
        • Profile picture of the author Dan Silverman
          Originally Posted by Harvey.Segal View Post

          Dan

          That will stop bots from registering but - I assume - it
          won't stop spammers who could find the authorization word if
          they wished ?

          Harvey
          True, but from what the original poster described (Taken over the forums, made it useless, etc.) It sounds like symtoms of trolling spambots. I have experienced this before and the authorization password tactic worked for me to eliminate all clutter spam and mass registration of fake profiles. I do get the occassional guy who is trying to sell his dating business on my forums, but this is so occassional that it's easy to ban a user every three months.

          What StianLG suggested is also a good idea and serves the same purpose as the authorization password. I'm not fond of two captchas because if the first one doesn't work to keep bots out, how will two do any different.
          I also wouldn't want to put real registerees through that either.
          {{ DiscussionBoard.errors[978832].message }}
  • Profile picture of the author Preben Frenning
    What about adding a hardcore captcha to register? At least it will reduce fake signups A LOT.
    Signature

    Content overload? Too many tabs open? Then
    check out my awesome tech startup! - It will make your life easier.


    Twitter? - http://twitter.com/Preben_Frenning

    {{ DiscussionBoard.errors[978712].message }}
    • Profile picture of the author jkiley
      Originally Posted by Preben Frenning View Post

      What about adding a hardcore captcha to register? At least it will reduce fake signups A LOT.
      I already have captcha turned on, but that doesn't stop them.
      {{ DiscussionBoard.errors[978732].message }}
  • Profile picture of the author Preben Frenning
    Hmmm.. What about... A second captcha? I don't think the spambots will be prepared for THAT! As well as sending them a confirmation link by email.

    Or mybe you're doing that already?
    Signature

    Content overload? Too many tabs open? Then
    check out my awesome tech startup! - It will make your life easier.


    Twitter? - http://twitter.com/Preben_Frenning

    {{ DiscussionBoard.errors[978758].message }}
    • Profile picture of the author jkiley
      Originally Posted by Preben Frenning View Post

      Hmmm.. What about... A second captcha? I don't think the spambots will be prepared for THAT! As well as sending them a confirmation link by email.

      Or mybe you're doing that already?
      I don't know if there is a setting for second captcha.
      {{ DiscussionBoard.errors[978770].message }}
      • Profile picture of the author Dan C. Rinnert
        Are the spammers coming from a specific IP address or a range of IP addresses? If so, you could just block that IP or range from access your site.

        Also, some bots will try to post directly to the signup processing page rather than go through the actual signup page. In those cases, you can block signups that don't come from the referring page (the signup page). Real people will use the signup page, so you'd just be blocking automated submissions.

        You could also try using a signup answer. That is, you give them an answer and they have to figure out a question. I'd bet the spambots wouldn't be prepared for that!

        Another option is to use hidden form elements. Spambots will often attempt to fill in all fields with something, so if there is something in a field, you can reject the signup. Alternatively, you could ask "Are you a spammer?" and have "Yes" set as the default. A person will change it; a bot may leave it as-is.
        Signature

        Dan's content is irregularly read by handfuls of people. Join the elite few by reading his blog: dcrBlogs.com, following him on Twitter: dcrTweets.com or reading his fiction: dcrWrites.com but NOT by Clicking Here!

        Dan also writes content for hire, but you can't afford him anyway.
        {{ DiscussionBoard.errors[978816].message }}
    • Profile picture of the author hipnol
      I have read many times that phpbb is not a great forum script as it has been hacked number of times. Also heard that simple machines forum software is a wonderful one. If you make a switch, I hope there will be some option to move from old to new software. Every forum script has its support team and forums, guys there will surely help
      Signature

      Check out Katreena Kaif - guess you will be interested in Wallpapers of Katrina Kaif

      {{ DiscussionBoard.errors[978863].message }}
      • Profile picture of the author Harvey Segal
        Here is how I tackled the problem.

        I used a mod which asks a question. That stopped all the
        bots immediately.

        However recently, just like the OP, I've been getting 20 or
        more registrations a day from spammers. I also changed the
        setting to require admin approval but you still need to
        check if possible the subscriber's profile.

        So what I have done is change the question from a
        simple calculation (e.g what is 2 +3) to one which requires
        some knowledge about the forum viz 'what is the surname of
        the forum owner ?'

        It's early days yet (I only changed it yesterday) but so far
        no spammers.

        Harvey


        .
        Signature
        {{ DiscussionBoard.errors[978871].message }}
  • Profile picture of the author Pufferf1sh
    Is the spam definitely automated or are there also human spammers?
    {{ DiscussionBoard.errors[978784].message }}
  • Profile picture of the author mlongley
    There are many good captchas out there, I prefer ones that require some logic. I have seen some that show 4 pictures of animals with 3 cats and 1 dog. The question is, which one does not belong? Things like that seem to work if someone is using captcha breaking scripts on your site. You may also try to determine their IP address and ban them either with your forum script, or at server level by your .htaccess file. If that doesnt work, maybe you will need to try a different forum script. Good luck
    {{ DiscussionBoard.errors[978787].message }}
    • Profile picture of the author Tyrus Antas
      Originally Posted by mlongley View Post

      There are many good captchas out there, I prefer ones that require some logic
      Watch out! You're leaving out a sizable percentage of the world population!

      Tyrus
      {{ DiscussionBoard.errors[978798].message }}
  • Profile picture of the author StianLG
    Add some simple questions in the signup form.. Like "What is the color of the sky?" and similar. Unless the bots are spamming and targeting exactly your forum, that'll stop them.
    {{ DiscussionBoard.errors[978795].message }}
  • Profile picture of the author HomeBizNizz
    Welcome to a whole new way of keeping your blog, forum,
    guestbook, wiki or content management system free of link spam.
    Bad Behavior is a PHP-based solution for blocking link spam
    and the robots which deliver it.

    Bad Behavior complements other link spam solutions
    by acting as a gatekeeper, preventing spammers
    from ever delivering their junk, and in many cases,
    from ever reading your site in the first place.
    This keeps your site’s load down, makes your site logs cleaner,
    and can help prevent denial of service conditions caused by spammers.
    Bad Behavior website
    {{ DiscussionBoard.errors[979125].message }}
  • Profile picture of the author Joanne Greco
    I have a phpBB forum and I setup so they have to answer a question. The question is directly related to the niche of the forum. That seems to have helped almost 100%.
    Signature
    Services for bloggers + business owners
    {{ DiscussionBoard.errors[979262].message }}
  • Profile picture of the author GuerrillaIM
    Use the captcha that shows a picture of something easy like an apple or a dog and asks "what is this?". Spambots can recognise words but not pictures.
    {{ DiscussionBoard.errors[979382].message }}
    • Profile picture of the author ChrisBa
      Originally Posted by GuerrillaIM View Post

      Use the captcha that shows a picture of something easy like an apple or a dog and asks "what is this?". Spambots can recognise words but not pictures.
      x2 .. sounds like that's the best idea for this situation..
      or one of the ones that says "add 2 and 5"
      Signature
      {{ DiscussionBoard.errors[979654].message }}
  • Profile picture of the author Goatboy
    There is a mod for phpBB that will not only require an admin's approval, but will make the whole process invitation only. We use that on one of the boards that I help with. To enter the board, the prospective member must request the entry and an administrator then authorizes a one time pin code. The code is sent to the prospective member along with directions on how to return and activate membership. Since we started using this upgrade, we have had no spammers.

    Another tactic would be to hide most of the forum, leaving only a couple of threads visible to the average member. New members would have to play nice in there before being allowed into the other forums. If I recall right, you can add members to a group and just give that group access to the hidden forums.
    {{ DiscussionBoard.errors[979645].message }}
  • Profile picture of the author Rich Struck
    I wonder how long it will be before someone comes along and tells you that spamming boards is okay and that you should just suck it up and live with it.
    Signature

    {{ DiscussionBoard.errors[979649].message }}
  • Profile picture of the author Sleaklight
    Here's something I did that worked to stop both spammers and spam bots. In the registration. I switched the agree and disagree buttons. Since spammers and spam bots will just click the agree button, they wont know what's up when it fails. They also wont bother clicking the disagree button since it is illogical for a website to have u click disagree in order to register right? But yeah, I did that, the disagree button carries on the registration and the agree button takes you to a never finish loading page lol. In the content I do state to click the disagree button to register, but like I said, spammers and spam bots don't read th content and figure your site is messed up and moved. I have not had 1 spammer on my site since then and registrations continue strong and rising.
    {{ DiscussionBoard.errors[979723].message }}

Trending Topics