News:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

Banning Spammers

Started by TMR Guy, September 15, 2014, 07:35:04 PM

Previous topic - Next topic

TMR Guy

When I ban a spammer is it OK to delete their account too, or will that delete the ban on their IP?

Thanks,

TMR Guy

Arantor

It's honestly better not to ban them in the first place because it's better to keep them from even registering in the first place as per Spam - my forum is flooded with spam, what can I do

Ninja ZX-10RR

Or if they use a static IP address you can ban them this way --> http://www.simplemachines.org/community/index.php?topic=524146.0 to make sure that at least *THAT* spammer bot won't come back again.
Quote from: BeastMode topic=525177.msg3720020#msg3720020
It's so powerful that on this post and even in the two PMs you sent me,you still answered my question very quickly and you're apologizing for the delay. You're the #1 support I've probably ever encountered man, so much respect for that. Thank you, and get better soon.

I'll keep this in my siggy for a while just to remind me that someone appreciated what I did while others didn't.

♥ Jess ♥

STOP EDITING MY PROFILE

a10

Agree with Ninja about stopping some of the very persistent spammers\ip's\bots, using htaccess is very effective. Am blocking only the worst offenders, and remove entries when not active anymore. Experimented previously with blocking half the world (+ a few planets), goodbye to all chinese, ukrainian etc spammers but got into trouble (false 403's, speed went down the drain, impossible to administrate properly).

And of course use some good antispam measure(s) (#1: verification questions, see my previous posts for some stuff that's working great here).
2.0.19, php 8.0.23, MariaDB 10.5.15. Mods: Contact Page, Like Posts, Responsive Curve, Search Focus Dropdown, Add Join Date to Post.

TMR Guy

I'm still very new at this computer stuff so please bear with me as I might get some of the terminology wrong.

Just for my own curiosity, once I ban a member (like a spammer) is it OK to delete their account too, or will that delete the ban?

Do I really need an anti-spam mod if I'm only getting 1 or 2 spam accounts a week?

I do ban IP's ranges with .htaccess and it seems to work great. I'm just a US forum so anytime I get a spammer from another country I just add that countries IP range to the .htaccess files.

The problem I have with verification questions is, it seem a lot of my members are even more computer illiterate then I am. So that might discourage them from registering. I can't tell you how many members don't check their spam folder to active their account. Thank god you guys told me to check members awaiting activation lol.

Also I approve every member, so there is no spam posts on my forum (they can register but not post, or even PM anyone except me).

I keep getting the same spammer from UNITED STATES, MISSOURI, KANSAS CITY, should I be banning their hostname too?

Arantor, I'm going to do a little reading on that link you posted.

Thanks everyone for the help....  8)

Arantor

Deleting an account deletes a ban on the member id.

It still clogs up your ban list, though.

That reminds me, there's a forum I look after occasionally with 247 pages of bans last I looked, and none of them have ever been hit in the first place (they ban after the spammer has gone)

Ninja ZX-10RR

Quote from: TMR Guy on September 21, 2014, 04:44:11 PM
I'm still very new at this computer stuff so please bear with me as I might get some of the terminology wrong.
Np :)

Quote from: TMR Guy on September 21, 2014, 04:44:11 PM
Just for my own curiosity, once I ban a member (like a spammer) is it OK to delete their account too, or will that delete the ban?
Just ban him via .htaccess and delete the account ;) of course it won't delete the ban whether you ban him via .htaccess or via smf it won't matter, the ban won't be lifted.

Quote from: TMR Guy on September 21, 2014, 04:44:11 PM
Do I really need an anti-spam mod if I'm only getting 1 or 2 spam accounts a week?
Yes, you do. You really do, now they are 1 or 2, but they might be a hundred or even 8500 pages of members (it happened recently) in just a day.


Quote from: TMR Guy on September 21, 2014, 04:44:11 PMI do ban IP's ranges with .htaccess and it seems to work great. I'm just a US forum so anytime I get a spammer from another country I just add that countries IP range to the .htaccess files.
Nonononono...NO. Don't ban countries, I warned on the other topic not to do it, you are potentially banning *WAY* more users than you ever wanted to. Ban with CIDR notation as indicated is fine but don't abuse it like that, it is not a good thing unless you ban a country temporarily because people from that country is trying to DDoS you or something...

Quote from: TMR Guy on September 21, 2014, 04:44:11 PM
The problem I have with verification questions is, it seem a lot of my members are even more computer illiterate then I am. So that might discourage them from registering. I can't tell you how many members don't check their spam folder to active their account. Thank god you guys told me to check members awaiting activation lol.
Those might be bots, too. It happened to me as well.
And also, I didn't set any verification question to be honest, but I DID setup almost all available anti-spam mods. :P

Quote from: TMR Guy on September 21, 2014, 04:44:11 PM
Also I approve every member, so there is no spam posts on my forum (they can register but not post, or even PM anyone except me).
Extremely tedious and time-consuming...

Quote from: TMR Guy on September 21, 2014, 04:44:11 PM
I keep getting the same spammer from UNITED STATES, MISSOURI, KANSAS CITY, should I be banning their hostname too?
DON'T do that, you can ban *SO* many legit users like that... Just ban this guy from .htaccess and there you go, it won't come back ever again. ;)

Quote from: TMR Guy on September 21, 2014, 04:44:11 PM
Thanks everyone for the help....  8)
You're welcome :)
Quote from: BeastMode topic=525177.msg3720020#msg3720020
It's so powerful that on this post and even in the two PMs you sent me,you still answered my question very quickly and you're apologizing for the delay. You're the #1 support I've probably ever encountered man, so much respect for that. Thank you, and get better soon.

I'll keep this in my siggy for a while just to remind me that someone appreciated what I did while others didn't.

♥ Jess ♥

STOP EDITING MY PROFILE

Kindred

Ninja, please stop telling people to ban spammers via htaccess in any sort of primary activity...

Banning via IP address in htaccess should be done only as a last resort.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Ninja ZX-10RR

Banning via .htaccess is good since people still think that banning via SMF is the correct way while it ISN'T, and it has been said multiple times. I always suggest to install anti-spam mods or verification questions (as well as you do) and if they need to ban someone just do it via .htaccess since SMF built-in ban system will cause the system to slow down. That being said I do it also because it is not written in SMF anywhere but we all keep telling people not to ban people within SMF. Why not saying that then? Why not putting a warning or something?

Also, why harrassing me when there is this message proving that the system is working?
Quote from: TMR Guy on September 21, 2014, 04:44:11 PM
I do ban IP's ranges with .htaccess and it seems to work great.
[reply to OT]
Just because that guide wasn't there and many people already used it and has become a FAQ and there is no real documentation for it? Or just because you hate me for no reason? I still don't get you, I asked you many times and you still haven't replied to it, not on forums, not in PMs, just silently hating me in support topics, everywhere else you seem not to care very much about me. If you say that you don't well at least you make me feel like that, and you are one of the (very) few people making me feel such a feeling, so it's definitely not on my side. But don't reply to this (even if it was you starting it, completely off topic when the user seemed pretty happy with the result, and not only here) I don't want to go off topic, the answer has already been given above otherwise you would have added it yourself. I can't understand this harrassment once again, because it IS an harrassment, not to disrespect you nor to be unkind but I do feel harrassed. You are the only one posting always somehow "against" me while I always want to co-operate to help people, also providing links when you can't because you're on the phone. Did I blame you for that? No, no reason for it. Why do you blame me if users are satisfied with it, then? You are the only team member doing this to me. Either quit hating me or tell me the reason for it so that I can explain my behaviour or clarify or whatever you feel I should do. If you have something wrong with me please let it be with me and not with my support posts as they are 2 separate things, blame me in private if you feel you have to, even if I never really disliked you, but if you get a reply then don't just shut up, reply and TELL ME if I am wrong or not, especially provide EVIDENCE of what you say, last time there were none while I provided proofs back and didn't get an answer. I will either say sorry (you know I do that when I'm wrong, without any problems or shame since I'm human and I can be wrong obviously :D) or either justify or even fight your accusation back with proofs of it being wrong. As long as you do reply, in private, so you don't blame me for going somehow off-topic, and this time you would be right. Please don't just reply telling me that it's just me feeling this way because it's not just me, it really isn't. I never felt like this before in a forum, and I have been in many forums, I have also been mod in another one (not smf-based) and it's the first time I have to say things like these. Can't you just co-operate with me and say something like "Remember TMR_Guy that banning via .htaccess should be your last resort ;)" that would have helped much more than this, underlining it is actually a good thing. I'm afraid you won't accept but I'll ask you one more time: co-operate with me (well, maybe saying it the opposite way it's better, I co-op with you and the others) since I have nothing wrong against you and I just want to help people for the sake of SMF? The OP made me feel that my reply was right with his message so I will keep it up, with you, possibly, since you know things even better than me, and I perfectly know it. Hand-shake and be both supporters? Badge doesn't matter here, we both support, I just ask if we can do this together or not, I wish we could, I truly do.

Sorry to TMR_Guy for this off topic stuff but I felt I had to reply back, please ignore this last section and focus on message #6 and the note of message #7, will you? :)[/OT]
Quote from: BeastMode topic=525177.msg3720020#msg3720020
It's so powerful that on this post and even in the two PMs you sent me,you still answered my question very quickly and you're apologizing for the delay. You're the #1 support I've probably ever encountered man, so much respect for that. Thank you, and get better soon.

I'll keep this in my siggy for a while just to remind me that someone appreciated what I did while others didn't.

♥ Jess ♥

STOP EDITING MY PROFILE

Arantor

Most of the time the bans will be enacted and unlikely to be ever hit again. Even if you're using Apache/.htaccess it's still something that has to be dealt with at a system level, though it is an order of magnitude more performant than SMF's ban system.

Banning spammers is still not the way to solve the problem and Kindred's right: it should be the last resort. Mostly because it doesn't actually work very well.

Quote from: Arantor on September 21, 2014, 04:53:16 PM
That reminds me, there's a forum I look after occasionally with 247 pages of bans last I looked, and none of them have ever been hit in the first place (they ban after the spammer has gone)

Correction: 296 pages of bans. Hundreds and hundreds and hundreds and hundreds of IP bans which have never been hit since they were laid down, some of them years ago. The spammers change IP addresses.

There are better solutions than cracking walnuts with sledgehammers.

Ninja ZX-10RR

Quote from: Arantor on September 21, 2014, 08:20:18 PM
Banning spammers is still not the way to solve the problem and Kindred's right: it should be the last resort. Mostly because it doesn't actually work very well.
Never denied it, that's the reason why I posted it just AFTER your link with the mods and verification questions ;) It's because if they don't work and can't stop it then there is that solution as well. And I typed in italics that they must use a static IP address in order for it to work otherwise it will not work at all.
Quote from: BeastMode topic=525177.msg3720020#msg3720020
It's so powerful that on this post and even in the two PMs you sent me,you still answered my question very quickly and you're apologizing for the delay. You're the #1 support I've probably ever encountered man, so much respect for that. Thank you, and get better soon.

I'll keep this in my siggy for a while just to remind me that someone appreciated what I did while others didn't.

♥ Jess ♥

STOP EDITING MY PROFILE

TMR Guy

Quote from: Arantor on September 21, 2014, 08:20:18 PMCorrection: 296 pages of bans. Hundreds and hundreds and hundreds and hundreds of IP bans which have never been hit since they were laid down, some of them years ago. The spammers change IP addresses.
Can you dumb this down a bit for me please? Are you saying that out of hundreds of banned IP address none of the spammers use the same IP address twice?

Arantor

Pretty much yes.

That's been the experience I've had on that forum, where they banned every spammer after they'd spammed and at least 80% (probably nearer 95%, but it's hard to check meaningfully) of the bans were never triggered again because the spammers never reused those IPs again.

a10

htaccess is very effective for stopping bandwidth hogs, be it spammers or bots. From blocking half the world (lots of trouble maintaining this!) I'm down to blocking just a few ip's now and then, then immediately remove the entries when not needed anymore.

QuoteThe problem I have with verification questions is, it seem a lot of my members are even more computer illiterate then I am
To start with, try something simple like   write the numbers seen in abc63877dfg    will be no problem for anyone but the bots, see my previous post for lots of variation ideas. So far so good here (many years with no spam) using this simple kind of question.

btw, am still hoping for the (impossible) mod that will give the forum admin the possibility to change action=register into whatever one wants (like action=register4377, action=accountreg etc), making it mandatory to actually click the register button from a pc, and with an option of a 404\403\redirect for anyone\anybot using the action=register script :O)
2.0.19, php 8.0.23, MariaDB 10.5.15. Mods: Contact Page, Like Posts, Responsive Curve, Search Focus Dropdown, Add Join Date to Post.

Arantor

Quotebtw, am still hoping for the (impossible) mod that will give the forum admin the possibility to change action=register into whatever one wants

Given that spammers still manage to find the registration page even when pretty URLs is installed, it's a fair bet that that doesn't make much difference.

2.1 changed it to action=signup however.

kdmiller45

Ok given ALL this information, what is the best way to block or handle spammers, and if within SMF where and how is it setup. If a hack is used what is the name and is it compatable with 2.08

Thanks Guys or Gals

Arantor

Same as already pointed out in this thread: Spam - my forum is flooded with spam, what can I do

Q&A is invariably the way to do it.

TMR Guy

I just like to remind everyone that I'm still very new at this computer stuff so please bear with me as I might get some of the terminology wrong.

I checked my ban list for the first time ever :-[ (browse ban triggers) and it looks like I have 75 banned members (just spammers). Out of the 75 members banned about 25% of them have multiple hits, some 20 or 30 hits. So this is my game plan. Add the members with multiple hits to the .htaccess files (I hope I'm saying that right), then delete the members with zero hits so it doesn't slow the forum down (not that its running slow). Install these two mods after I do a back-up  ;) , Mod 1 and Mod 2 - I really want to stay away from the verification questions for now because it might confuse some potential members. If I still have any problems with spammers I will add Mod 3 - It only has a 50/50 chance of the number needing to be deleted and I have a 50/50 chance of the member know what hes doing (pot calling the kettle black lol) when registering. So my odds are good that things will go well.

Any input would be greatly appreciated. And a big THANK YOU to everyone for taking the time to help me out.

TMR Guy

Arantor


br360

One anti-spam mod that I think gets overlooked is this one- http://custom.simplemachines.org/mods/index.php?mod=2965

It is the only mod I use for spam, (no verification questions) and have had no bots at all since I installed it. Might be worth a look.

Advertisement: