Stop Spammer

Started by M-DVD, December 31, 2008, 07:31:43 AM

Previous topic - Next topic

KensonPlays

Quote from: Tamsin on February 04, 2010, 05:24:28 AM
When deleting a spammer flagged red, it somehow turned all other members to 'unchecked'  blocking everyone out, including the admin. We've had to reset the admin account in the db, log in and approve all the existing members to restore the forum.

This has happened twice in two days and we are thinking of unplugging this mod. Has anyone else had a similar problem? Can anyone suggest a cure?
I've checked and have not gotten this yet...

EL34xyz

I have not had the mod check all the members either.
I did have this happen though.

After running the spam check on all my members, I deleted the ones that came up RED with IP and Email addresses.
Right after I deleted them, a bunch of new members popped up in the members awaiting approval screen.
All these members were flagged as spammers.

Not one of these people had actually just registered.
I just checked them all and then rejected them as members.
Anyone ever see this happen?

Tamsin

Hmmm... I have disabled Stop Spammer now because it has become so unstable. Have changed the registration method to member approval and am checking each one manually for the time being. It's a shame though because I liked this mod very much. I've also installed zbblock but don't know yet how effective it is.

CrankyOldguy

#423
OK, I'm officially UNHAPPY with this mod and it ought to be marked DANGEROUS.  Any site owner that doesn't know how to write a SQL command could easily shoot themselves in the foot with it and lock EVERYONE out of their forum.  Trust me, I just did it.

I'm pretty sure the sequence of events was that I'd clicked the new "Check this member" link in the profile and then hit the CHECK THESE MEMBERS button in the Admin panel MANAGE MEMBERS area without clicking the check box next to the name.  I *think* that's all I did.  Whatever happened, it set ALL MEMBERS to unactivated and SPAMMER.  The is_activated field went from 1 to 3 FOR FREAKING EVERYONE INCLUDING OWNER AND ADMINS, and the is_spammer field went from 0 to 8, again FOR EVERYONE.

Lucky for me, I *do* know how to do a SQL search and replace.  In phpMyAdmin, do:

UPDATE smf_members SET is_activated = REPLACE(is_activated,'3','1');
and
UPDATE smf_members SET is_spammer = REPLACE(is_spammer,'8','0');

and Voilà, your forum is now UNSCREWED.

Folks, this is absolutely UNACCEPTABLE BEHAVIOR for a mod... NOTHING should ever do a global deactivation of ALL MEMBERS, including the Admins.  How in the heck am I supposed to log in and activate myself when I'm deactivated and can't log in????

Sorry, with 22 pages of comments on this mod I'm not sure if someone else has already seen this horribly aberrant behavior.  I'm running the 2.3.6 version on an SMF 1.1.11 forum, and as soon as I finish writing this warning I'm going to hunt down that CHECK THESE MEMBERS button and delete it!

edit: yeah, I see several others noticed this as I was writing my rant.  O:)

BTW, the owners of www.stopforumspam.com have been having problems with GoDaddy.  The idiots at GoDaddy deleted all of their DNS data for no apparent reason yesterday, so you may get connection errors as the new DNS entries ripple around the Internet route tables.

Tamsin


EL34xyz

I wonder if these issues are just with the most recent version?

I have had this mod installed for a year or more without anything as horrible as was described above.
I just installed the most recent version a few days ago and now after reading thus, I am worried.  :(


KensonPlays


EL34xyz

Ok, something does not add up.
This mod has been out for a long time and I have used it for a long time.
How come just now these issues are popping up?

"Be Worried" does not really explain much of anything.

Sabre™

Quote from: CrankyOldguy on February 04, 2010, 01:17:13 PM
BTW, the owners of www.stopforumspam.com have been having problems with GoDaddy.  The idiots at GoDaddy deleted all of their DNS data for no apparent reason yesterday, so you may get connection errors as the new DNS entries ripple around the Internet route tables.
Do NOT give admin and/or ftp details to just anybody, see if they are trust worthy first!!  Do your homework ;)


CrankyOldguy

#429
Sabre, that info is direct from the users forum at StopForumSpam, it's an announcement there apologizing for the connection errors.  I managed to get in yesterday, but I'm having route issues again today and can't log in there again.

edit: here's a copy of the whole announcement thread from the StopForumSpam forums:


KensonPlays

Quote from: Sabre™ on February 04, 2010, 02:58:41 PM
Quote from: CrankyOldguy on February 04, 2010, 01:17:13 PM
BTW, the owners of www.stopforumspam.com have been having problems with GoDaddy.  The idiots at GoDaddy deleted all of their DNS data for no apparent reason yesterday, so you may get connection errors as the new DNS entries ripple around the Internet route tables.

Darn GoDaddy!!!!!!!!!!! You suk!

Nerd3D

Hurm, there's more to this. I just tried repeatedly to hit this bug. Checked several members and clicked [Check these members]. Worked perfectly. I tried a whole page of members. still no problem. Then I tried not checking any boxes and hitting [Check these Members] . Again, no problems.

Could this be somehow related to the problems Go-Daddy caused earlier, screwing up their DNS?

Stop Spammer 2.3.6 in SMF 1.1.11

butchs

I have 2.3.6 and SMF 2.0 RC 2 and have not had issues.  Though no new members joined the days the problem happened.

I looked at the code and there seems to be a check that is supposed to post an error if the server is not there.  Maybe it needs to check before and after a search to confirm a steady connection?
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

CrankyOldguy

#433
Quote from: Nerd3D on February 04, 2010, 09:29:06 PM
Hurm, there's more to this. I just tried repeatedly to hit this bug. <snip>. Again, no problems.

Could this be somehow related to the problems Go-Daddy caused earlier, screwing up their DNS?

Quite probable... here's someone else at the StopForumSpam that had the same issue I did, around the same time:

QuoteWhew, what a relief!!!
Like many others, I thought you were under a DOS attack and co-incidentally I was locked out of the forum I administer saying that my account had not been approved. I am using SMF forum prg with a Mod that refers to here for all new members and I was in the process of checking for further details when my forum went down.
It appears that I must have been connected just when the balloon went up and the site went down. It took me 6 hours to get back in but I learnt a lot more about MySQL so it wasn't all bad.
Keep up the good fight!!!

(from later on in that same thread I posted above)

I suppose the way to test it realistically would be to set up something that mimics the SFS server and then make it go wonky, or edit the URL to the server in StopSpammer.php to something that won't resolve like XYZZY1.org.

Here's the chunk of code in that PHP file that I'll bet money went crazy and deactivated everyone, starting at line 72:
foreach ($members_data as $row)
{
if ($report)
fetch_web_data('http://www.stopforumspam.com/add', 'username=' . $row['member_name'] . '&ip_addr=' . $row['member_ip'] . '&email=' . $row['email_address'] . '&api_key=' . (!empty($modSettings['stopspammer_api_key']) ? $modSettings['stopspammer_api_key'] : 'U4Ty3g7fFJ1VXj'));

if ($is_spammer = checkDBSpammer($row['member_ip'], $row['member_name'], $row['email_address']))
updateMemberData($row['id_member'], array('is_activated' => 3, 'is_spammer' => $is_spammer));
if ($row['is_spammer'] != $is_spammer)
++$modSettings['stopspammer_count'];
}


I'll look further, but in the event of a connection error, it appears that checkDBSpammer function went berserk and decided that no connection meant everyone was a spammer.  A little more ERROR CHECKING, PLEASE!!!

Maybe it's merely that the first line isn't being qualified with ONLY the 'checked' members in that list,
foreach ($members_data as $row)
looks like it's going to go through the whole freakin' database.  BUG.

edit: yep, it's missing the check to see whether it should perform the DB update on only the checked members.  Here's the similar section from ManageMembers.php for when you want to DELETE one or multiple members:
// Are we performing a delete?
if (isset($_POST['delete_members']) && !empty($_POST['delete']) && allowedTo('profile_remove_any'))
{
checkSession();

// Clean the input.
foreach ($_POST['delete'] as $key => $value)
$_POST['delete'][$key] = (int) $value;

// Delete all the selected members.
require_once($sourcedir . '/Subs-Members.php');
deleteMembers($_POST['delete']);

Notice any difference?  The chunk in StopSpammer.php isn't testing for "did they CHECK anything?"


In addition, I'm fully with (whoever mentioned it earlier) that the REPORT THESE MEMBERS  function needs to be in the MEMBERS AWAITING APPROVAL as well... I don't want to have to APPROVE a spambot just so I can report it.  Maybe change that last option from REJECT AND SEND MAIL to REJECT AND REPORT TO SFS, as I have ZERO interest in sending mail to a spambot to tell it to pound sand, and it's a worthless exercise.

Tamsin

After reading the last few messages here it's reminded me that now when I go to Registration/Settings I see the following under Enable/Disable MOD Stop Spammer:

If the Connection Fail with DB Anti SPAM...:
Your host couldn't make connection to the DB, Try again later
If it continue see Topic of Support and search Known Issues


This I am sure wasn't there before I started having these problems.

EL34xyz

#435
How come the Mod author has not posted any info regarding these recent postings?

giveaway365.com

Quote from: Tamsin on February 04, 2010, 06:28:19 AM
Hi givaway365. You and I seem to be suffering from the same bug. Mine is v2.3. What's yours? I'm thinking we should uninstall this mod but we get so many spammers registering every day and the mod does successfully flag them all. I just don't dare deleting them in case it goes wobbly again!

Tasmin I am using 2.3.6 latest unofficial version on smf 1.1.11.
I also get lot of spams from Russia, I dont know whats they want to achive ! >:(

giveaway365.com

i am actually uninstalled this mod because if there is a database connection problem, all members are deactivated including admins

JWilliamson

Quote from: CrankyOldguy on February 04, 2010, 01:17:13 PM
OK, I'm officially UNHAPPY with this mod and it ought to be marked DANGEROUS.  Any site owner that doesn't know how to write a SQL command could easily shoot themselves in the foot with it and lock EVERYONE out of their forum.  Trust me, I just did it.

I'm pretty sure the sequence of events was that I'd clicked the new "Check this member" link in the profile and then hit the CHECK THESE MEMBERS button in the Admin panel MANAGE MEMBERS area without clicking the check box next to the name.  I *think* that's all I did.  Whatever happened, it set ALL MEMBERS to unactivated and SPAMMER.  The is_activated field went from 1 to 3 FOR FREAKING EVERYONE INCLUDING OWNER AND ADMINS, and the is_spammer field went from 0 to 8, again FOR EVERYONE.

Lucky for me, I *do* know how to do a SQL search and replace.  In phpMyAdmin, do:

UPDATE smf_members SET is_activated = REPLACE(is_activated,'3','1');
and
UPDATE smf_members SET is_spammer = REPLACE(is_spammer,'8','0');

and Voilà, your forum is now UNSCREWED.

Folks, this is absolutely UNACCEPTABLE BEHAVIOR for a mod... NOTHING should ever do a global deactivation of ALL MEMBERS, including the Admins.  How in the heck am I supposed to log in and activate myself when I'm deactivated and can't log in????

Sorry, with 22 pages of comments on this mod I'm not sure if someone else has already seen this horribly aberrant behavior.  I'm running the 2.3.6 version on an SMF 1.1.11 forum, and as soon as I finish writing this warning I'm going to hunt down that CHECK THESE MEMBERS button and delete it!

edit: yeah, I see several others noticed this as I was writing my rant.  O:)

BTW, the owners of www.stopforumspam.com [nofollow] have been having problems with GoDaddy.  The idiots at GoDaddy deleted all of their DNS data for no apparent reason yesterday, so you may get connection errors as the new DNS entries ripple around the Internet route tables.

Thank you for posting this.

snoopy_virtual

Quote from: EL34xyz on February 05, 2010, 08:08:10 AM
How come the Mod author has not posted any info regarding these recent postings?

The Mod author, M-DVD, has not been coming to SMF for more than 3 months already.

Last December (2 months ago) I told him I wouldn't mind to be responsible for updating the mod when needed, because anyway I have been working with M-DVD developing this mod since he started it 2 years ago and I think I know every line of code in it.

The problem is, to do this properly, I need to have access to the mod's main page, to upload new files when needed, to change the FAQs when needed, etc.

As far as I know, M-DVD asked SMF's Customization Team on the 6th of December to add my name in the mod's main page as a co-author.

A month later, the 4TH of January, I sent a PM myself to SMF's Customization Team asking them what was happening about that.

I didn't have any answers yet about it.

That's the reason why I have not been answering here a lot of questions lately, because I was fed up answering ten times the same questions and I thought it would be easier just to wait until I get access to the mod's main page and I will just add all these questions and answers to the FAQ.

Anyway this is not happening and I don't know why.

If any of you knows anybody inside the SMF's Customization Team could you please send them a PM asking them please to look into this ridiculous situation?

I don't see any point of having a mod here out of date.

The version 2.3 you can find in the mod's main page is too old and out of date.

The mod's owner (the only one with access to that page) has not been coming to this forum for 3 months and (as far as he told me the last time I talked with him) he is too busy with his work and has no intentions of coming back here for some months or even years.

The actual updated version of this mod 2.3.6 (at least the version working properly until a couple of days ago) is not in SMF site but in my personal server.

As I said before I think all this is ridiculous and somebody should sort it out as soon as possible.




Now, going to the big problem some of you are having.

I only learn about it a few minutes ago.

Usually I check all my forums every day for spammers using this mod (I administer 10 of them) and I have been doing that for the last 2 years.

The problem is I have been too busy with a very urgent work the last 3 days and (because every thing was running so smooth anyway) I didn't check any forum during these 3 days.

I was so concentrated with my work that I didn't even checked my email as well.

Just a few minutes ago I went to check the forums and I have the nasty surprise. The first 2 forums I checked every body went suddenly to no activated ( is_activated = 3 ) and suspicious spammer ( is_spammer = 8 ). Even me.

My first thought was maybe I had a hacker attack, but then I came here and found out a lot of you with the same problem.

OK, I'll start working on a solution just now. Luckily I see a few of you have been already thinking about it and posting here possible solutions.




And, by the way, if anybody with enough knowledge of PHP and MySQL want to give me a hand I will really appreciate it.

The more brains working in a problem the fastest we get a solution.




And by the way again, ff any of you knows anybody inside the SMF's Customization Team don't forget to please send them a PM asking them to look into this ridiculous situation.

Thanks.

El verdadero sabio es aquel que lo ve todo, lo estudia todo, lo analiza todo y molesta poco.
A true wise man is he who sees everything, studies everything, analyses everything and hardly ever annoys.

Advertisement: