BOTS BOTS BOTS!

And now, a word from our moderators

Moderator: Moderators

Post Reply
Message
Author
User avatar
Sage
He Who Makes Catgirls
Posts: 274
Joined: Fri Dec 17, 2004 11:02 pm
Location: Virginia
Contact:

BOTS BOTS BOTS!

#1 Post by Sage »

As yall probably noticed - the forum is constantly under attack by Bots. Normally 2-6 make an attempt to join per day that I know of - some of those dont make it past the registration.

However every so often a couple manage to get in and post things.

Tom can't be on all the time to ban these bots much less find a way to stop them completely or even temporarily. So - here is how you can help.

MODS - If you find one that has posted get the IP address before you delete the post- if there isnt already there will soon be a post in the Mod only section of the forum for posting IP addresses.

Please post the username and IP address used to make a post in that thread.

Everyone else - If some new person joins and makes a post that doesnt mean they are a person. I dont know how many times I have seen you all welcoming a bot that make a post saying "Buy male enhancement pills! *link*" and one of the members here says - "Uh no thanks but let me be the first to welcome you to the forum!"

Here are some things to look for when you spot a new user. First check their profile.
If it has their webpage set as google or ask or some random name or something that is definitely not that persons personal website - then most likely you have a bot.
If the occupation line says "bascetball" (yes- bascetball - stupid bots) or something like that - it is possible it is a bot.

Check for RANDOM stupid and REPEATING "interests" and "location" etc etc

If you find one- or a bunch. Post their user names here!!!! Thats right- post them here. And if you can - link to their post so we can delete/lock them ASAP!!!

If you know of any mods for phpBB 2.0.11 boards - or anything that works with phpBB forums- that helps prevent or lower the number of bots - please also post it here - if possible Highlighted.

And finally the last message- and I know it is wasted as you cant understand me-

To the Bots. Return to the abyss you came from and get in the soup!


Thank you all and please do what you can to help us fight back.

-Sage, Global Mod

PS - Some bots post links to adult content, illegal drug sales groups, tracking sites, and some-- or rather most of them are well known for carrying spyware and viruses!!! Do NOT visit links posted unless you know the person is a real member of this forum and only if you trust the person or if you know what you are clicking on.
Image
Image

User avatar
Blue62
Master
Posts: 254
Joined: Tue Feb 28, 2006 6:11 pm
Location: Kitchener, Ontario, Canada
Contact:

#2 Post by Blue62 »

I got bored.......

krantdroop
sail7249
card1106
Kolby8336
JANEBENNETTY
dalsadocom
lessmlxed
Barbara
matvGrig
Susan-Lee
J_Perez
merryjay
R-Martinez
CWilson
Joseph-Miller
hromsgrom
DMartin
Robert-Martin
D-Miller
D-Smith
B_Johnson
Tristan8467
comb9680
girl2024
PaulWhite
lip897
parcel440
picture828
Billy465
JohnTSM
Donald-Jones
E_Garcia
B_Nelson
George-Turner
Barbara-White


It's fairly easy to find them with the members list, takes time but you can get a lot often in the first few pages.

(search, join date, have it with the most recent joiners on page one and go from there)
No warrior should allow his weapons to rust.
Let me cure your infection, it pains me to share it.

If you can't run, you crawl. If you can't do that....well you know the rest...

RobbieThe1st
Templar GrandMaster
Posts: 706
Joined: Fri Dec 08, 2006 7:06 am
Location: Behind my computer.
Contact:

#3 Post by RobbieThe1st »

heres an idea, maby we could set up the forum so that once you get joined and validated you do not have posting permissions for any forum but a validation forum/joining forum. once you posted a proper "application" something that 99.999~% of bots couldn't do(and if there was one that could, iid love to see whats inside of it :) ), and then you get posting permissions. we could setup some sort of limited admin as a validator, and while this would be slower for people, you wouldn't have any bot spam, as the bots would be found out before they could post. what do you think?

Vikedal
Traveler
Posts: 14
Joined: Sat Nov 25, 2006 12:40 am
Location: <-ThatAWay->

#4 Post by Vikedal »

A Way to stop Spambots
Known to be working with v2.0.6 and up

I implemented a system to ban the IP on spot if the bot tries to register such user. They only try to promote links to their own website. thats what this MOD will prevent. The back links spam bot is after can be in website field or signature field. I configured registration page not to display website and signature fields. They are activated only after user has 10 posts (configurable). (SCROLL down for simplier MOD - where signatures are not checked)

If bot tries to submit website or signature fields before that - instant ban.
after dude tried 12 different IP's he apparently removed my site from his list. No more porn spam. He was really *beep* me off. I think its one genius running this scam.

Code: Select all

## MOD Title: Instant Ban - Spam Bots registration 
## MOD Author: niekas 
## MOD Description: prevents spam bots registering on your forum by 
## removing website and signature fields in registration and profile form 
##untill users reached certain amount of posts 
## MOD Version: 1.0.1 
## 
## Installation Level: (Easy) 
## Installation Time: ~5 minutes 
## Files To Edit: 
##               /includes/usercp_register.php 
##               /templates/subSilver/profile_add_body.tpl 
## Included Files: (n/a) 

# 
#-----[ OPEN ]------------------------------------------ 
# 
includes/usercp_register.php 

# 
#-----[ FIND ]------------------------------------------ 
# 

$error = FALSE; 


# 
#-----[ AFTER, ADD ]------------------------------------------ 
# 

$cut_off=10; //how many posts should user have before form fields are activated 

// --------------------------------------- 
if (($mode == 'register' && ($HTTP_POST_VARS['website'] != '' || $HTTP_POST_VARS['signature'] != '') ) || ($userdata['user_posts'] < $cut_off && $mode=='editprofile' && ($HTTP_POST_VARS['website'] != '' || $HTTP_POST_VARS['signature'] != ''))) 
{ 
   $ban_this=encode_ip(getenv('REMOTE_ADDR')); 

   $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip) 
   VALUES ('" . $ban_this . "')"; 
   if ( !$db->sql_query($sql) ) 
   { 
      message_die(GENERAL_ERROR, "Couldn't insert ban_ip info into database", "", __LINE__, __FILE__, $sql); 
   } 
   $sql = "DELETE FROM " . SESSIONS_TABLE . " 
      WHERE session_ip = '" . $ban_this . "'"; 
   if ( !$db->sql_query($sql) ) 
   { 
      message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql); 
   } 
   message_die(GENERAL_MESSAGE, "banned", '', __LINE__, __FILE__); 

} 

# 
#-----[ FIND ]------------------------------------------ 
# 
if ( $mode == 'editprofile' ) 
   { 
      $template->assign_block_vars('switch_edit_profile', array()); 
   } 

# 
#-----[ REPLACE WITH ]------------------------------------------ 
# 

if ( $mode == 'editprofile' ) 
   { 
      $template->assign_block_vars('switch_edit_profile', array()); 
      if ($userdata['user_posts'] >= $cut_off) 
      { 
      $template->assign_block_vars('switch_edit_website', array()); 
      } 
   } 

# 
#-----[ OPEN ]------------------------------------------ 
# 

/templates/subSilver/profile_add_body.tpl 

# 
#-----[ FIND ]------------------------------------------ 
# 
<tr> 
     <td class="row1"><span class="gen">{L_WEBSITE}:</span></td> 
     <td class="row2"> 
      <input type="text" class="post"style="width: 200px"  name="website" size="25" maxlength="255" value="{WEBSITE}" /> 
     </td> 
   </tr> 

# 
#-----[ BEFORE, ADD ]------------------------------------------ 
# 
<!-- BEGIN switch_edit_website --> 
  
# 
#-----[ AFTER, ADD ]------------------------------------------ 
# 
<!-- END switch_edit_website --> 


# 
#-----[ FIND ]------------------------------------------ 
# 

   <tr> 
     <td class="row1"><span class="gen">{L_SIGNATURE}:</span><br /><span class="gensmall">{L_SIGNATURE_EXPLAIN}<br /><br />{HTML_STATUS}<br />{BBCODE_STATUS}<br />{SMILIES_STATUS}</span></td> 
     <td class="row2"> 
      <textarea name="signature"style="width: 300px"  rows="6" cols="30" class="post">{SIGNATURE}</textarea> 
     </td> 
   </tr> 

# 
#-----[ BEFORE, ADD ]------------------------------------------ 
# 
<!-- BEGIN switch_edit_website --> 
  
# 
#-----[ AFTER, ADD ]------------------------------------------ 
# 
<!-- END switch_edit_website --> 
Of course you can add a notice about this in your template - that website and signature field will be activated after certain amount of posts or ask them to contact administrator.
Let me know if it works for you
UPDATE - if you'd rather only check against website and leave signatures intact use this simplier code:

Code: Select all

# 
#-----[ OPEN ]------------------------------------------ 
# 
includes/usercp_register.php 

# 
#-----[ FIND ]------------------------------------------ 
# 

$error = FALSE; 


# 
#-----[ AFTER, ADD ]------------------------------------------ 
# 


// --------------------------------------- 
if ($mode == 'register' && $HTTP_POST_VARS['website'] != '' ) 
{ 
   $ban_this=encode_ip(getenv('REMOTE_ADDR')); 

   $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip) 
   VALUES ('" . $ban_this . "')"; 
   if ( !$db->sql_query($sql) ) 
   { 
      message_die(GENERAL_ERROR, "Couldn't insert ban_ip info into database", "", __LINE__, __FILE__, $sql); 
   } 
   $sql = "DELETE FROM " . SESSIONS_TABLE . " 
      WHERE session_ip = '" . $ban_this . "'"; 
   if ( !$db->sql_query($sql) ) 
   { 
      message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql); 
   } 
   message_die(GENERAL_MESSAGE, "banned", '', __LINE__, __FILE__); 

} 


# 
#-----[ OPEN ]------------------------------------------ 
# 

/templates/subSilver/profile_add_body.tpl 

# 
#-----[ FIND ]------------------------------------------ 
# 
<tr> 
     <td class="row1"><span class="gen">{L_WEBSITE}:</span></td> 
     <td class="row2"> 
      <input type="text" class="post"style="width: 200px"  name="website" size="25" maxlength="255" value="{WEBSITE}" /> 
     </td> 
   </tr> 

# 
#-----[ BEFORE, ADD ]------------------------------------------ 
# 
<!-- BEGIN switch_edit_profile --> 
  
# 
#-----[ AFTER, ADD ]------------------------------------------ 
# 
<!-- END switch_edit_profile --> 

Another way:
UPDATE PHPBB!!! it's in 2.0.22 now! http://www.phpbb.com/kb/article.php?article_id=271.
Visual Confirmation: http://www.phpbb.com/kb/article.php?article_id=329
Image
Another Mod:
Keeps bots from registering by checking how long it took to fill out the registration form.
MOD Name: AntiSpam Mod
Author: deMone
MOD Description: Protects your forum from automatically dispatched spam


MOD Version: 1.0.3
Installation Level: Easy
Installation Time: ~ 3 Minutes

Download File: antispam-1.0.3.mod
File Size: 4682 Bytes

Security Score: 0

Support for this MOD needs to be asked within this topic. The phpBB Teams are not responsible or required to give anyone support for this MOD. By installing this MOD, the phpBB Support Team or phpBB MODifications Team may not be able to provide support.

This MOD has only been tested by the phpBB MOD Team with the phpBB version in the topic title. It may not work in any other versions of phpBB.
This one adds the question "Are You Human?" To the registration. Seeing as it's a Mod, most bots will answer the default (No)
MOD Name: The humanizer
Author: Underhill
MOD Description: Changes the register form to prevent spam bots by a simple way

MOD Version: 1.1.0 (Updated 10/22/06)
Installation Level: Easy
Installation Time: ~ 5 Minutes
Tested on phpBB Version: 2.0.21

Download File: thehumanizerve110.mod
File Size: 7150 Bytes



Support for this MOD needs to be asked within this topic. The phpBB Teams are not responsible or required to give anyone support for this MOD. By installing this MOD, the phpBB Support Team or phpBB MODifications Team may not be able to provide support.

This MOD has only been tested by the phpBB MOD Team with the phpBB version listed in the topic. It may not work in any other versions of phpBB.
I have no signature!

Wait...
Crap.

User avatar
arachnid
Newbie
Posts: 2
Joined: Sat Jun 24, 2006 11:15 am
Contact:

#5 Post by arachnid »

but if i'm an alien i won't let in as wel :'(

User avatar
Isaac
Citizen
Posts: 68
Joined: Sun Sep 11, 2005 4:18 pm
Location: Ireland
Contact:

#6 Post by Isaac »

Betty_Lewis
ForkiGrand - http://2kinds.com/forum/viewtopic.php?t=4065
practowrx
pilipnuare
krobambato
shalemonsx
presley
R_Lee
Templateo
crackerztma - http://2kinds.com/forum/viewtopic.php?t=4174
ganaborasz
gaysexy
D_Carter
karmation
Barikello - http://2kinds.com/forum/viewtopic.php?t=4195
Yarcloff - http://2kinds.com/forum/viewtopic.php?t=4226
drcaverta - http://2kinds.com/forum/viewtopic.php?t=4229
sevnmisst - http://2kinds.com/forum/viewtopic.php?t=4240
sevhalnmi - http://2kinds.com/forum/viewtopic.php?t=4242
blooogooa

User avatar
Blue62
Master
Posts: 254
Joined: Tue Feb 28, 2006 6:11 pm
Location: Kitchener, Ontario, Canada
Contact:

#7 Post by Blue62 »

alekskoshf- 'Paris Hilton S E X Tape'
karmation
Barikello
Anae5
D_Carter
hloworldz
buyteroka
gaysexy
willmiller
crackerztma
Templateo
barmaleizsx
projtencom
milftrev
loosssi
patisirah
Doctordulitl
alebazasra
alekskoshf
kabardinec
TradeSoftCo
ThzinChang
No warrior should allow his weapons to rust.
Let me cure your infection, it pains me to share it.

If you can't run, you crawl. If you can't do that....well you know the rest...

Ashpool
Templar Master
Posts: 484
Joined: Wed Mar 09, 2005 6:55 am

#8 Post by Ashpool »

Erdedes34, made several posts about her "blog." Beware people, this one is soliciting a heap of spyware and possibly a virus via a supposed codec. Don't download anything from it's links. They may also contain adult content.
Fastchapter wrote:...now the kitchen smells like summer rain and liquid poo.

User avatar
Tagnard
Newbie
Posts: 8
Joined: Sat Jan 06, 2007 11:58 am
Contact:

#9 Post by Tagnard »

<?php $me > $you ? 'I own you!' : 'Hello, sir!' ?>

User avatar
Tagnard
Newbie
Posts: 8
Joined: Sat Jan 06, 2007 11:58 am
Contact:

#10 Post by Tagnard »

<?php $me > $you ? 'I own you!' : 'Hello, sir!' ?>

Krid
Traveler
Posts: 15
Joined: Sat Jul 09, 2005 9:36 pm

#11 Post by Krid »

There's another solution.
Make the email field invisible, but leave the preceding "Email:" text where it is. Follow the email field with a field of a totally different name, and is visibly denoted by only a ":" preceding it.

The result? A bot filling out the form will fill in the invisible email field (Until they get wise to it, anyway), while a human will fill-out the field that looks to be labeled as "Email: :". From there, simply autoban anybody who 'passed' the bot test.

User avatar
Tagnard
Newbie
Posts: 8
Joined: Sat Jan 06, 2007 11:58 am
Contact:

#12 Post by Tagnard »

<?php $me > $you ? 'I own you!' : 'Hello, sir!' ?>

User avatar
pocketlint82
Apprentice
Posts: 112
Joined: Wed Feb 14, 2007 6:35 pm
Location: Georgia

#13 Post by pocketlint82 »

username: Ambitiousss

http://2kinds.com/forum/viewtopic.php?p=92270#92270

this kid's first post right after he signed up doesn't have anything to do with 2kinds but advertises some "emotion" site.....? (it even asks not to be deleted)

User avatar
pocketlint82
Apprentice
Posts: 112
Joined: Wed Feb 14, 2007 6:35 pm
Location: Georgia

#14 Post by pocketlint82 »

webwebbbw

http://2kinds.com/forum/viewtopic.php?p=92564#92564

pointless rambling and has a link to a random webhosting

zhimoda
Ringtail Foxie
Posts: 741
Joined: Tue Feb 20, 2007 2:18 pm

#15 Post by zhimoda »


Post Reply