2006-08-25 - Spammers

Important info will be posted here

2006-08-25 - Spammers

Postby Firestorm ZERO » August 25th, 2006, 9:53 pm

Despite being a small community, we are now seeing spammers in the forums. So far I banned 5.

I am going to take measures to try to prevent it in the coming days. Hopefully they stop coming :evil:
User avatar
Firestorm ZERO
UBER LEADER!
 
Posts: 1052
Joined: July 13th, 2005, 8:37 pm
Location: Toronto, Ontario CANADA
Gender: Male

Re: 2006-08-25 - Spammers

Postby skicow » August 26th, 2006, 7:25 pm

Firestorm ZERO wrote:Despite being a small community, we are now seeing spammers in the forums. So far I banned 5.

I am going to take measures to try to prevent it in the coming days. Hopefully they stop coming :evil:


You going to put in a CAPTCHA to sign up for new accounts?
User avatar
skicow
 
Posts: 331
Joined: July 14th, 2005, 11:14 pm
Location: Burt, NY
Gender: Male

Postby Firestorm ZERO » August 26th, 2006, 8:16 pm

It always had a CAPTCHA at sign up. But it is still not enough :/ phpBB's is just normal dark letters with a fuzzy background. Not like other CAPTCHAs that are swirlled, overlapping, different colours, etc.

I doing some modifications but would like not to disclose them since they may be watching :so:
User avatar
Firestorm ZERO
UBER LEADER!
 
Posts: 1052
Joined: July 13th, 2005, 8:37 pm
Location: Toronto, Ontario CANADA
Gender: Male

Postby skicow » August 26th, 2006, 8:27 pm

Firestorm ZERO wrote:It always had a CAPTCHA at sign up. But it is still not enough :/ phpBB's is just normal dark letters with a fuzzy background. Not like other CAPTCHAs that are swirlled, overlapping, different colours, etc.


It's been so long since I signed up I forgot :oops:

I doing some modifications but would like not to disclose them since they may be watching :so:


Good idea, I didn't want you to reveal what you were doing I was just curious. :)
User avatar
skicow
 
Posts: 331
Joined: July 14th, 2005, 11:14 pm
Location: Burt, NY
Gender: Male

Postby Firestorm ZERO » August 26th, 2006, 8:34 pm

phpBB's default CAPTCHA is very weak. Says this one can identify it 97% of the time. :/

http://sam.zoy.org/pwntcha/
User avatar
Firestorm ZERO
UBER LEADER!
 
Posts: 1052
Joined: July 13th, 2005, 8:37 pm
Location: Toronto, Ontario CANADA
Gender: Male

Postby Firestorm ZERO » August 26th, 2006, 9:15 pm

Modifications are complete. Let me know if it broken anything.
User avatar
Firestorm ZERO
UBER LEADER!
 
Posts: 1052
Joined: July 13th, 2005, 8:37 pm
Location: Toronto, Ontario CANADA
Gender: Male

Postby val » August 27th, 2006, 6:11 pm

Hmmm,

That's weird. We never had this problem at TC. I wonder why it happens with this forum. It seems to happen at a lot of PHPbb forums.

Are you able to block sets of IPs from viewing your site? If so, I'd try that. All of our problems with fraud vanished when I blocked various countries in SouthEast Asia from viewing our site. I know that's bad but at one time, we had a serious problem with group of criminals in Southeast Asia. I think they worked from several countries but they were all connected as one big crime ring.

Once I blocked those guys and made the site impossible to crawl for images, I never had problems again.
val
 
Posts: 2422
Joined: January 2nd, 2006, 2:14 pm
Location: TOKYO 55!

Postby Firestorm ZERO » August 27th, 2006, 8:53 pm

Well the internet has grown alot since then. Now with Google, just searching for "phpbb" will you give you all the sites with phpbb. Then next, since phpBB's default captcha is 97% breakable (see link in prev. post), a bot just has to automate it. I have prevent this by changing the captcha to a more powerful one.

3 of the 5 spammers didn't bother to activate the account. This is because all they do is put their WWW site to raise their page rank. When google indexes the member list page, they get recorded in google's database. When Google sees that this certain website is heavily linked, they think it is popular, therefore up goes the link. I have now disabled anonymous access to those pages.

I have take other measures as well. I have the IPs but I prefer not to block them unless I really need to.
User avatar
Firestorm ZERO
UBER LEADER!
 
Posts: 1052
Joined: July 13th, 2005, 8:37 pm
Location: Toronto, Ontario CANADA
Gender: Male

Postby MrDisco » August 27th, 2006, 9:31 pm

http://www.macrossworld.com/mwf/index.php

^ the log file is pretty interesting to read
Please join me on http://tinyurl.com/djegpo
Image
Earned $115 in Amazon GCs -Join me and win too!
User avatar
MrDisco
Humble Follower
 
Posts: 1414
Joined: July 14th, 2005, 5:45 pm
Location: Toronto, ON, Canada
Gender: Male

Postby Firestorm ZERO » August 27th, 2006, 9:56 pm

I still remember when the old forums (asgard's forum) got hacked. I always keep the board up to date. As well check it at least once a day even during work just to make sure nothing bad happened.

I'm still thinking when phpbb 3.0 comes out (in beta 2 I think right now), should I go into it immediately or wait a bit. They will most likely still support the 2.x trunk for a while after the release. But still undecided.
User avatar
Firestorm ZERO
UBER LEADER!
 
Posts: 1052
Joined: July 13th, 2005, 8:37 pm
Location: Toronto, Ontario CANADA
Gender: Male


Return to Announcements

Who is online

Users browsing this forum: No registered users and 1 guest