Curious Spammer Observation

[Road Rash Jr.]

I have been running this forum format for years and never had a problem with spammers. With the release of 2.0 each new install and or upgrade is immediately hit with 15 to 50 spammer attacks within the first 24 hours.
I have several forums not upgraded yet and they are still spammer free, yet upgrade one, wait 24 hours, and it will be inundated with spam attacks.
This has happened with such regularity that I can't help wonder what is it about the new install or the upgrade that alerts spammers of its presents? Is there something in the code that sends up a red flare, "Hey spammers here's a new install of SMF" that no one is aware of?
Is anyone else experiencing this?

[Suki]

NO,  there is no such code on SMF files...  however, since SMF is free you can download it and review all the files yourself and make sure no such thing exist.


bots and spammers will hit your forum no matter what version you're using.

[Road Rash Jr.]

Well see that's the point you missed, none of my previous installs of SMF have had spammer problems. Now all of a sudden, when the previously untouched forum is upgraded, it's immediately hit.

As for inspecting the code, that is beyond my skill level.

Your reply though is disconcerting. Never before has someone reported a possible security problem and been told to find or fix it themselves.

[Suki]

I did not told you to fix it yourself....  please re read my answer...

  however, since SMF is free you can download it and review all the files yourself and make sure no such thing exist.


bots and spammers will hit your forum no matter what version you're using.

make sure !=  fix it    ...


I'm not going to follow you on this...  and this will be my final answer on this topic.:  I answer your question:   there is NO such code on any SMF file...   you can  check  for your self.   

I answer what you asked...  nothing else, nothing more...


This is not a security report since you posted it on 2.0 support board instead of filling a security report.


I don't know how you set up your previous installs as you don't provide any data or info....    many spam attacks can be controlled by using  all the mods/tools available for it, as many other users have done so...

[shorepower]

I'm running a forum that are on 1.12 and I will be moving to 2.0 to get better spammer protection with things like added questions (know I can mod my forum but if in the base product I tries to avoid mods).

Starting around June 10th our forum have seen a large increase of spammers and we have now moved to registrations that have to be Admin approved. We get around 50-60 new "members" every day that we have to remove. So this is not a 2.0 problem, this is about spammers creating some sort of bot that are able to bypass some of the controls that have been in place before.

So congrats to everyone that have stayed out of sight of the spammers.

[Road Rash Jr.]

Thank you for your reply, considering it was only moments after my post you reply there is no security problem I take it you have just checked the code yourself to confirm this.
SMF usage is stock out of the box, no additions used that would alter the code so nothing has been changed since install.

[Road Rash Jr.]

To clarify, I understand that spammers have been the bain of forums for years. Our forums have always been private and NOT on the radar and for years that we used SMF have NEVER had spammers issues I believe because SMF was very secure in a vanela state (no mods).
It has only been since upgrading to 2.0 final that we have suddenly appeared on spammer radar. Even our un-ungraded forums remain un-touched by spammers.
So the only difference in this case, and it may not apply to all, all RC versions prior to final remain secure from spam attacks.

[Geronimo44]

I'm running a forum that are on 1.12 and I will be moving to 2.0 to get better spammer protection with things like added questions (know I can mod my forum but if in the base product I tries to avoid mods).

Starting around June 10th our forum have seen a large increase of spammers and we have now moved to registrations that have to be Admin approved. We get around 50-60 new "members" every day that we have to remove. So this is not a 2.0 problem, this is about spammers creating some sort of bot that are able to bypass some of the controls that have been in place before.

I've had the same problem, and was running 1.11. I had the 'verification by admin' box ticked, so I had control of who could become a member.

I've updated to 2.0 and the problem was fixed. Although I've had one spammer the first day (before I changed to the settings below).

This are my setting for extra security (I use a Dutch version, so it may be different?);

> Members > Settings > Registration method for new users : Admin approval

New future in 2.0
> Configuration > Verification > Visual verification picture : High, turned letters and lines
> Configuration > Verification > Verification question : 'a simple quesion'

It helped me out, and I haven't seen any spammers after that.

Hope it helps.

[Wizzlefits]

If you site has been indexed by search engines, spammers will find you. Doing the upgrade just might have caused your sites to rise in the listing. (just a theory)
2.0 out of the box, will not stop spammers very well. I left one of my bot traps totally default, and it only slowed roughly 5%.
The CAPTCHA has been cracked, but the Q&A does (for now) work pretty well. (Depending on the questions)
Relying solely on the "packaged" anti-spam is not a good idea. You always need layers of protection, and changing those layers once in awhile is even more effective.

[butchs]

I have not seen a stinking spammer in months...

I use:
cloudflare
Avatar verification with 100 images.
bad behavior
forum firewall
stop spammer

Nada de pu nada!

[Sir Osis of Liver]

Road Rash is correct.  2.0 appears to be selectively targeted by spammers.

[Illori]

1.1.14 forums are also being hit by spammers, just look around this forum for the many threads on it.

[Road Rash Jr.]

1.1.14 forums are also being hit by spammers, just look around this forum for the many threads on it.

Yes there are Illori, this forum is rot with complaints about spammers and different ways to hinder them. This is different from random spam hits, where spammers troll for an open door.

Update : Several days ago when I first noticed spammers attacking our upgraded SMF 2.0 forums that previously were not hit as SMF 2.0 RC5, pre SMF 2.0, (these are all vanella forums, no mods, no themes, right out of the box) I decided to remove SMF 2.0 from the forum most hit and re-install that forums version SMF 2.0 RC5. In 48 hours this forum running SMF 2.0 RC5 did NOT get one hit. I just removed it and re-installed a fresh, SFM 2.0 Full Install and low and behold within 30 minutes there were 43 spam hits.
All our forums are private, not for average traffic. You cannot register, pre qualified members are invited. Until installing SMF 2.0 final, for years our forums have remained under the spammers radar, server security stops IP mining so they have no clue that we even exist, yet all of a sudden spam bots and human spammers are aware of our forums only when they are running SMF 2.0 final.
Somewhere there is a leak that was not present in 2.0 RC3, RC4 or RC5.

[Wacko999]

keyCaptcha was just released for the 2.0 final version today and it is working wonders with keeping the spammers out of our forums

[mashby]

That's indeed an interesting observation. It certainly does seem weird that RC3/4/5 isn't as prevalent to spammers as 2.0 final as you are suggesting. What's more interesting though is that for that to be true, the developers would have to had to put in code to alert spammers that the site you are using is now up to 2.0 final. That's not very logical is it? I'd think a better question to ask is a question to spammers: why the hell are you doing what you are doing? Just by being on the intarwebz, you are prone to spammers' attempts to flood your site with advertisements for viagra and/or some sort of pornography. Is SMF 2.0 final out of the box prone to spammers? I believe it is. Are there remediations available? You bet, starting with questions on registration as well as a few mods available here on SMF.

[busterone]

Indeed. Just one or two anti spam modifications in combination with the built in registration questions is more than enough.
I have several sites that are still on RC4 and 5, one on 2.0. I have seen the same amount of spammer attempted registrations on all of them.
I do not doubt what you have observed RR, I just haven't observed the same on mine.
There has been a large increase in spammer activity world wide lately, and even though it appears that SMF is the target, other board scripts are getting hit too.

[Road Rash Jr.]

@ busterone - I agree for others normal forums with what ever mods or captcha they use it all works to limit the work load to dealing with spammers.
@ mashby -

Are there remediations available? You bet, starting with questions on registration as well as a few mods available here on SMF.

As a said in my previous post "All our forums are private, not for average traffic. You cannot register, pre qualified members are invited."
Those solutions are viable for forums that accept registration.

[oldrow]

I have been able to keep a ton of spammers out of registering with several of the anti spam modifications provided.  My servers however seem to keep a HEAVY blow because of the spammers.  Any way to block them so they don't give me extra server load?

[Road Rash Jr.]

As you all know webcrawlers like Google etc are assumed benign and help to promote traffic to your site. The down side is that spammers use this same or similar technique to crawl for a specific target.
In our case our server is protected by a proprietary safeguard that stops crawlers from indexing anything on our server. So for all intents and purposes our sites are invisible to all.
Except with SMF 2.0 Final. Any forums we have updated to this version have been inundated with spammers. When we revert them back to say SMF 2.0 RC5 the spamming stops.
For main stream forums, open to the world, spam attacks will always be a bain for maintenance and the mods available here seem to work well for their purpose from what those who use them say.

[txcas]

keyCaptcha was just released for the 2.0 final version today and it is working wonders with keeping the spammers out of our forums

+1  No spammers since I started using keyCaptcha.