SPAM BOTS

oldrow · June 29, 2011, 02:48:11 PM

Ever since installing 2.0 I have basically been getting DDOSed by spambots every day to the point my shared server is shutting down. I have installed honeypot and several other anti spam measure and it has kept them from making posts, but not from registering (they dont get activated) and clogging up my servers by pinging my site. There needs to be some SERIOUS security updates that come on the next patch. Every minute my site goes down I lose money. I love SMF but if my site can't function I will have to change to another forum software!

Dianosis · June 29, 2011, 03:36:14 PM

I was plagued with the same problem when I upgraded to 2.0. My fix may not be feasible for you, but the majority of the spam was coming from overseas, so I modified my .htaccess file to block most of the offending countries.

I now block several entire countries and several million IP addresses. This may sound like a daunting task but if you use the tools on this site: http://www.countryipblocks.net/ [nofollow] with about 30 minutes of work you can cut your spam and stress level to almost nothing.

You can always go back and remove any address range you want to allow through.

oldrow · June 30, 2011, 09:27:02 AM

So do I just click .htaccess deny then select the countries I don't want to have access?

Dianosis · June 30, 2011, 10:36:11 AM

Yes thats correct. When u hit the select countries button it will generate a list under the heading, "Here is the data you requested:"

Select and copy EVERYTHING in the box and paste it into your .htaccess file. The .htaccess file is usually stored in the root directory of your website and can be opened with notepad. Just make sure the file name doesn't change, it has to be named .htaccess not .htaccess.txt or anything else.

oldrow · June 30, 2011, 02:46:59 PM

Do I paste it at the top or the bottom of the .htaccess file?

oldrow · June 30, 2011, 02:57:28 PM

Also, I have several .htaccess files... which one do I modify?

http://awesomescreenshot.com/048ftq2e2

MiY4Gi · June 30, 2011, 04:14:39 PM

Maybe this will help:

http://www.javascriptkit.com/howto/htaccess13.shtml

The .htaccess file you'd wanna modify is the one just in /public_html/ assuming you're using cPanel. I think it's hidden by default.

MiY4Gi · June 30, 2011, 04:17:38 PM

Freaking hell, even THIS forum has the problem that I'm trying to fix.

Anyway, I'm referring to

/public_html/.htaccess

Illori · June 30, 2011, 04:20:02 PM

this forum has what issue? many forums have spam issues it is not restricted to certain forum types. there are also different ways to control them depending on the server configuration.

MiY4Gi · June 30, 2011, 04:25:16 PM

Quote from: Illori on June 30, 2011, 04:20:02 PM
this forum has what issue? many forums have spam issues it is not restricted to certain forum types. there are also different ways to control them depending on the server configuration.

http://www.simplemachines.org/community/index.php?topic=440522.0

TJ2011 · June 30, 2011, 05:08:59 PM

I'm getting the same problem. Is there a plugin that can increase security measures to limit bots from registering. I want to take the registration process off of approval basis.

Illori · June 30, 2011, 05:10:10 PM

check the mod site for some of the anti-spam mods.

MarkRH · June 30, 2011, 07:35:43 PM

I've been using the Stop Forum Spam mod and it does prevent them from registering; although, it does fill the Error Log up with attempts. The most problematic IP addresses I will ban in .htaccess. By adding them to the one in /public_html/ it also prevents them from getting to my blog and either of my photo galleries.

I suspect with 2.0 just being released, the bots are trying to find unprotected forums.

I've thought about installing the httpBL mod but I don't want it checking every single IP address that hits my forum.. I really only care about the ones trying to register. Heck, even my blog blocks comments from at least 50 comment attempts a day due to the math question not being answered.. which is before Akismet even looks at the comment. But the IP addresses I ban eventually stop trying and they just come back with new ones. I may check out the ban by country thing.

Dianosis · June 30, 2011, 08:51:42 PM

My error & ban logs are probably 98% cleaner now. Also I like the fact that it prevents those bots and bad traffic from pounding your site all day, making your forum more responsive and less bogged down by junk traffic.

I have attached a copy of my current .htaccess file if anyone wants to try it out or see what it looks like.

Dianosis · June 30, 2011, 09:25:20 PM

I use a free ftp program called filezilla. You can get the client here: http://filezilla-project.org/ [nofollow]

Use it and set up a connection to your host, most hosts will have instructions for setting up this type of connection or just google it. For example, google: "filezilla connection to bluehost"

Once you get connected, you should be in the root directory of your web site, in filezilla it'll show Remote Site: /

The / indicates you are in the root, you should see all your folders and other files and the .htaccess file. I don't think it'll be hidden, if you don't see one then there probably just isn't one there and thats completely normal. If it isn't there just create a txt file and copy it up and rename it to .htaccess.

If there is one there just make a copy of it before you change anything, that way if anything changes you don't like, you can just put it back.

Once you find it or add it, right click on it and select View/Edit, it will ask what you want to open or edit it with just select notepad if it isn't already there.

Once it's open just paste in the info from the countryipblock site, or you can look at the one I just posted above and copy and paste it into yours. If your file is just blank it would be just as easy to copy my file up and replace the blank one.

Hope this made sense, it's alot eaiser to do this thru filezilla than the c-panel file explorer.....Hope this helps.

MarkRH · June 30, 2011, 11:05:47 PM

Quote from: Dianosis on June 30, 2011, 08:51:42 PM
My error & ban logs are probably 98% cleaner now. Also I like the fact that it prevents those bots and bad traffic from pounding your site all day, making your forum more responsive and less bogged down by junk traffic.

I have attached a copy of my current .htaccess file if anyone wants to try it out or see what it looks like.

Warning: If you use the linked to .htaccess file, you might want to make sure you remove the second line, especially if your server is set up to use PHP5 by default (some scripts require PHP5 now):

Code Select


AddHandler application/x-httpd-php4 .php

Other than that, thanks for the file. I might add it to mine just to see what happens. Wonder how much it will affect server response dealing with 27,000+ lines of deny statements.

Dianosis · June 30, 2011, 11:57:00 PM

Quote from: MarkRH on June 30, 2011, 11:05:47 PM
Other than that, thanks for the file. I might add it to mine just to see what happens. Wonder how much it will affect server response dealing with 27,000+ lines of deny statements.

Thanks for pointing that out about PHP5.
I haven't noticed any adverse effects at all. Even with that many lines, the whole file is only around 700kb. I bet most servers don't even blink scanning through it.

sadaam · July 01, 2011, 01:32:26 AM

Quotethis forum has what issue? many forums have spam issues it is not restricted to certain forum types. there are also different ways to control them depending on the server configuration.

i m agree with illori.

News:

SPAM BOTS