A Guide to Combating Spam on a Simple Machines Forum

Started by Account Abandoned, September 17, 2011, 04:23:20 AM

Previous topic - Next topic

KeeKira

Thanks for the article.
I always preferred the question type mod that rotated through several questions.

SportPistol

Thanks Shawn for taking the time to write an in depth article.
This reply is for info share only.
Seems there are differences in effectiveness between SMF's V2.0.x Anti-Span Verification Questions and the SMF MOD Anti-Spam Verification Questions for SMF 1.1.7 found at http://custom.simplemachines.org/mods/index.php?mod=1516

Background: My club's SMF forum was under increasing foreign registration attack since March 11.  IP Bans failed to stop the registrations and BotScout helped slow the flow but did not halt the attacks.  Finally in August 2011 I installed SMF MOD Anti-Spam Verification Questions for SMF 1.1.7 with three questions.  How many sides to a triangle, How many sides to a square, What is the sum of 3+4.  I had peace at last.  Implementing that mod stopped all foreign registration attempts.

Fast forward to today.  I upgraded  the club SMF forum from version 1.1.15 with the Anti-Spam Verification Mod listed described above, to SMF version 2.0.2
I implemented the same three questions with the built in anti-spam verification features of SMF V2.0.2.
Within the first 12 hours under this configuration, there were sixteen successful registration attempts. 
All User Registrations require Admin Approval, so I get to delete these Foreign Registrations.  No impact to our members.
I just find it peculiar that the Anti-Spam MOD used in SMF V1.1.15 was 100% successful but the same verification functionality using the same questions in SMF V2.0.2 has a crack in the armor.   
Just wanted to share my experience.

Arantor

Not really surprising, though.

If you use questions that are obvious when put in a search engine (and sufficiently generic you'll get consistent answers out of a search engine), it becomes trivial to automate... Especially when you realise that the markup in 2.0 is now consistent.

But the same markup area is different in 1.1.x with the questions, meaning that bots wouldn't necessarily pick it up while they would in 2.0 - to them it might be seen as a customised 1.1.x that they don't know how to beat automatically.

Or, alternatively it could just be coincidence... Just because you did the upgrade, there is no direct evidence to show a correlation in spam changes (though I think that in this case it is more likely not to be a coincidence)

SportPistol

 :-[
I'll admit when I'm an idiot. 
"I swear officer, I only had a little to drink tonight!" 
Must be an age thing kicking in... I swear that that I tested the registration with validation questions, but when I investigated today, no anti-spam measures invoked.
Finding the errors in my ways, I checked the box for "Require verification on registration page " and I'm using two questions with answers that are specific to the club.
Then I went back and tested to confirm.  Yep... it's there.
Will check over the next 24 hours to see if the anti-spam measures keep foreign registration bots at bay.
If no news from me... then we'll all know that I had a brain fart.

RyanLaw

I have a really dumb question - how exactly do you install the third-party verification Stop Forum Spam? I downloaded the file SFS_StopForumSpam.1.0.tar.gz, but I'm not sure where to put it to activate it.

Thanks for the guide!

RyanLaw

There might be an easier way to do this, but this is what I figured out (I am using 2.0.2):

1. I downloaded the file from custom.simplemachines.org/mods/index.php?mod=1519
2. Hover over Admin, then click Package manager
3. Click Download packages, then Choose File under Upload Packages
4. Upload it, and it will walk you through the rest

I hope that helps someone!

paulocon2

Anyone got any advice for a forum running smf1.1.16?

On the verge of giving up due to the amount of SPAM on a daily basis..

mrintech


paulocon2

#28
I'll give them a go thanks!

Just need to figure out how to install them/where in the directory hirearchy to upload them!

Edit: Ignore that, just found instructions at http://wiki.simplemachines.org/smf/Package_manager

mrintech


strawberries

SMF has always been my favourite forum script.

I have never had a problem with spam registrations in the past.  Well, apart from the first day or so.  But, in the past, after installing Stop Spammer, all was well.

Anyways, I have not been using SMF for a year or so (I had been using an old RC version). 

I installed the latest SMF version last weekend.  I have been getting spam signups every day since. 

On Sunday, I installed Stop Spammer, httpBL, Bad Behavior, Forum Firewall......and I set up a honey pot.

On Monday (yesterday) I was still getting these spam registrations.  So as well as email activation, I set up two simple questions last night (Monday) that had to be answered.

And today, I log in to find another spammer sitting waiting for registration approval.

What am I doing wrong.  I have never had this severity of problem before, in all my years of using SMF.  Is it a lost cause?  Have spammers finally won?


strawberries

update

I have made my two registration questions more difficult.

I am using the refrigerator question now!  (many thanks to the folks in that other great thread about good questions to ask)

let's see how this works out.

Ebel.Munkey007

I seem to be in the same boat as Strawberries. I've been having no major issues with spammers since setting up the forum, and when I previously did I just set up some questions and my problems went away. Unfortunately though in the last week, something seems to happen where spam bots are able to register for my forum and (I assume) they are some how bypassing my registration questions and (I assume) the captcha.

I added in another question, but that didn't seem to stop the spammers from registering. I installed stop spammer and httpbl and set up a honey pot... thats cool, it helps me as the admin easily see which new registrations are known spammers... but ideally I'd just like to somehow block them from ever being able to register....

Any ideas?

strawberries

the spambots have clearly become stronger (almost unstoppable) in 2012.

but I am happy to say that by using a difficult question, in my registration page, I have not had a single spam registration since then (i.e. since Tuesday morning)

so if you have just installed SMF, I would suggest that as default precaution, that you set up a difficult question.

not too difficult mind!

turboguy

There is a lot of good information in this thread.   Thanks to everyone who contributed.  My problems with spam bots was pretty minor until the past 10 days or so when it went from a couple a week to as many as 150 in a day.  After devoting my entire days to deleting them as fast as they joined I decided to turn off registration in my forum totally while I decide what security measures to add.   That worked good for a while and now even with registration turned off I have had 6 today already.   It does make me wonder how they manage to register with registration turned off and if there is really any security measures that will work if turning off registration doesn't work.  Well, back to my forum to try to apply some of the things I have learned in this thread.   Thanks everyone.

iplan

I have my forum set up so that I have to approve registrations.... Since my forum is an invitation only forum, I have to manually reject all of them.

It seems there is a default setting that I can not figure out how to change that goes basically like this, "If the administrator does not approve them within 7 days, they are automatically approved."

My life would be so much better if I could figure out how to get it to be the other way ~~~ in other words:  "If the adminsitrator does not approve them within 7 days they will be automatically rejected."  Any ideas on how to change this?

Kindred

Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

MacGig

seems their back again on my site. I've done all I can think of to keep them from joining my smf 2.0.3 site. they were out for quite a long time, now I'm finding they are joining again.

seems theirs nothing that will keep them out short of shutting the site down. I've tried most everything, nothing works for very long. How do they get past the anti spam questions? beats me... but they do.

I just changed the questions first time in a year. I doubt that will stop them. Ultimately they will get in.

rodelio.lagahit

these guys are just everywhere. their platforms can penetrate registration forms like an intelligent human being. i guess, our last option is to assign someone to religiously monitor every registration or have it approved by you first. :D

MacGig

Im thinking of doing that. check every new registration personally using http://botscout.com/

every other method has failed.

Advertisement: