Simple Machines Forums attacks

IchBin™ · June 21, 2011, 05:06:01 PM

We typically only send news letters on announcements. I'd suggest you hit the "notify" button at the top of the news board here.

HecKel · June 21, 2011, 07:27:06 PM

I am not talking just about myself.

Ok, I can do that and since I am quite often here it was a huge lack of attention from my side, but even though, this was a security warning regarding your software. At least, you should have warned your members about this safety warning.

Kindred · June 21, 2011, 08:43:58 PM

We did... We posted in this announcements board.

We don't send out email announcements formal that much these days.

MacGig · June 28, 2011, 08:29:02 AM

id like to see smf incorporate more anti spam/bot measures into smf itself. not everyone feels comfortable editing files and adding mods. it would be nice to have more security features built in, ready to go when smf is downloaded. just a thought.

Illori · June 28, 2011, 08:32:14 AM

if you are suggesting a feature please post it in the proper board, but keep in mind that no features are being added to any of the versions of smf that are released as they are feature locked.

Kindred · June 28, 2011, 08:33:10 AM

the mods that we suggest for general spam prevention depend on third party interfaces with third part signup, etc. We don't distribute things like that with the core forum product...

catfished · June 28, 2011, 02:41:38 PM

Quote from: Kindred on June 28, 2011, 08:33:10 AM
the mods that we suggest for general spam prevention depend on third party interfaces with third part signup, etc. We don't distribute things like that with the core forum product...

Makes sense to me.

Knabberbrot · July 08, 2011, 09:59:11 AM

Quote from: MacGig on June 28, 2011, 08:29:02 AM
id like to see smf incorporate more anti spam/bot measures into smf itself. not everyone feels comfortable editing files and adding mods. it would be nice to have more security features built in, ready to go when smf is downloaded. just a thought.

Yes, please! I like the SMF. I selected SMF because it is simple & because the forum is just a bonus on my site. My time is reserved for the main project, not for the forum. Currenty I can't use registration at all because of this §$%$% link & virus spammers. Some days ago I had to switch to "if you want to register, please write an email to me..." If this goes on, I'm forced to either have no forum or switching to another forum with better protection... sorry to say.

Kindred · July 08, 2011, 10:10:36 AM

Quote from: Kindred on June 28, 2011, 08:33:10 AM
the mods that we suggest for general spam prevention depend on third party interfaces with third part signup, etc. We don't distribute things like that with the core forum product...

IchBin™ · July 08, 2011, 10:44:16 AM

The other issue with including anti-spam bot stuff in SMF IMO, is that people will specifically write software to get around what is included because it's included in every install. If people customize their anti-spam software they stand a better chance to thwart spammers.

Dejv · July 10, 2011, 04:06:24 PM

Quote from: george54 on June 01, 2011, 08:13:49 PM
I tried these two simple approaches to stop unwanted spam on my site:

robots.txt-> disallow
disabled landing page registration.
Seems to have worked for the hour. (now over 24 hours, looking good)
Have banned bad IPs in the past, but the bad actors are always getting new IPs.

Hi,

did it help? I think the main problem is the registration. How to change the registration url to something else?

Thanks a lot!

Mark S · July 10, 2011, 07:21:16 PM

So many people expect so much from automated programs these days. They think they are always going to do everything for them, without fail or error so they never have to think about lifting a finger and applying one ounce of their own efforts to do anything.

In the over 2 years I've been using SMF, I've hand NO spammers get through. None. And, all I've ever used is the smf program... as it is. First and foremost, I don't auto-approve ANY registrations. I will take the time review them. Along with that, I added custom registration fields. Bots will invariably enter the same info into some or all of them (usually, it's their source e-mail) so they stand out like a sore thumb and then, I add them to the ban list.

So long as computer generated methods of confounding bots are used, I don't know if they ever will or even can be foolproof. For every security measure created, a way around it is found. The one thing bots can't be programmed to do is to figure out answers to questions which require human reasoning when the bot programmer has no idea what the human answer is because they have no idea what the question is going to be.

IMO - Bottom line is, if you value a spam-free forum, take the time to review your registrations manually. I realize this requires effort on your part but, a 100% track record and a community which has enjoyed years of spam-free use of the forum and site is well worth it... to me, at least.

Dejv · July 10, 2011, 08:38:56 PM

Well I had NO spammers and almost no bans for 5 years ... but in only the last few weeks I made a few hundred bans, not only to the not-approved profiles but also to some new registrations.

Thanks, I will have a look in the custom registration fields. ... I guess this is not in the 1.1.14 core

Kindred · July 10, 2011, 09:56:23 PM

2.0 is much better

青山素子 · July 10, 2011, 10:27:57 PM

Quote from: ThePharaoh on July 10, 2011, 07:21:16 PM
IMO - Bottom line is, if you value a spam-free forum, take the time to review your registrations manually. I realize this requires effort on your part but, a 100% track record and a community which has enjoyed years of spam-free use of the forum and site is well worth it... to me, at least.

Indeed. It's important to exercise some effort to monitor the forum. However, adding automated measures will help reduce the effort needed and even eliminate the most obvious spam bots so you can focus on the more devious accounts.

However, as you say, you'll never get a 100% elimination rate (not without a lot of false-positives) on automation alone. If it can be coded, it can be coded around.

InfoStrides · July 14, 2011, 04:34:00 AM

The hints itemised in the first post are really helpful. Thanks guys.

Dejv · July 15, 2011, 03:18:06 PM

How could a user/bot register if there is an IP-ban on that IP already? Why does this happen?
I click on a new registered user (not verified yet) but its been blocked already. Shouldnt the access to the forum be blocked by that IP-ban already?

青山素子 · July 15, 2011, 06:20:13 PM

How are you banning the IP? Firewall, Apache, or SMF?

Dejv · July 15, 2011, 10:02:41 PM

By .htacess and the new bad-users by SMF

imconfused · July 16, 2011, 11:01:45 PM

If you implement more than one mod will they interfere with each other???

News:

Simple Machines Forums attacks