HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


How do we get rid of spam?

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#75498 (In Topic #15634)
Avatar

Well-settled

Hey,

I don't know why I got a javascript error when I came here but maybe I had to clear my cache or something. I refreshed the page but it was still there. I disabled the WYSIWYG editor and renabled it but it was still there. I cleared the cache and refreshed the page and reenabled it and then I can type now in the WYSIWYG.

Anyway, I was noticing I have a bunch of spam. I have captcha enabled. I think people somehow bypass it. Is there a way to enter my Project Honeypot key or use badbehaviour? For captcha is there a way to use a math question instead? Like a random math question each time the page is loaded and they have to fill in the answer. Such as 12+5, 7 - 18, five plus twelve, six minus two, etc. I think maybe that would be even more effective than numbers in images captcha. Or maybe they are just bypassing it completely somehow.

This extension for Joomla has all these things and a bunch more. I think it might be helpful in some way to give you some ideas. EasyCalcCheck PLUS - Joomla! Extensions Directory

Woohoo!

Thank you =)
Back to the top
 
Posted
Rating:
#75501
Avatar

Community saint

When I had my forum on SMF I was removing at least 100 new spam registrations every month. Most of those were just link spammers adding spam links to their profiles. Then I added 'MOD httpBL' and 'Akismet' mods and life became so much easier.

Fast forward to ocPortal… I still see a lot of attempts to register but it appears most are caught by the captcha. Those, I believe, are bots trying to register, and the few that do get through, are more than likely to be human.

To combat those few, I put all new members in a very restrictive usergroup. I don't allow them access to edit their signature or title, and all posts require validation. I basically restrict any area they may be able to supply a spam link or gain points through activity. Once they reach 50 points they lose the restrictions.

This works well for my forum since it has low activity and is a niche forum. My forum pertains to a programming language for Linux so I know almost immediately by their OS of choice and browser fingerprint if they are a spammer. Plus most spammers will show themselves fairly quickly after registering and try to access their profiles.

But yeah, something to check against a spam database like this one, stopforumspam.com would be a huge help.

Something else that would help is a function to automatically remove unvalidated registrations after so many days. On the old SMF spammers loved to create accounts and not validate them for many months or would validate them and let them sit dormant for several months and come later to add spam links to their profiles.

I wrote a small database app to track spam activity on my forum and learned most spam registrations are done from three (or more) IP locations in three steps; registration, activation, spamming. Since the spamming part was the most "hazardous" part, they more than likely use a disposable IP and didn't care if it was banned. Since I was tracking them I could catch the other IPs they used for registration and activation and would ban that number. Those IP numbers were much more difficult to catch though.

Sorry for the long post.  :$

Steve
Back to the top
 
Posted
Rating:
#75503
Avatar

Well-settled

Hey,

That is some pretty good info there. Thank you!

I am pretty sure the ones that get into my ocPortal site are bots. It looks like bot stuff to me. I haven't custom programmed anything for it.

That plugin I linked in my post has httpBL, stopforumspam and askimet and many many others. It also has a IP blacklisting and whitelisting abilities.

I believe with this plugin I actually only had to use the httpBL and match captcha to eliminate all spam on my sites. I am not even sure I use the bad behaviour anymore.

It has quite a number of very cool features I would love to see in ocPortal some day. I would code it myself if I could but I am pretty busy right now.

Ryan
Back to the top
 
Posted
Rating:
#75505
Avatar

Community saint

I am getting hit every day with what appears to be hackers/spammers from Russia and the Ukraine. I would normally just block all the IP addresses for these countries but Russia happens to be a hot market for western art right now.

I am tempted to ban them individually but they are spoofing IP addresses. It would be nice to have ocPortal check against existing spammer databases.

One other change I'd like to see is a ban button on the "Investigate user page" - you have all the information in front of you making it easy to make the decision without having to go elsewhere.

Bob
Back to the top
 
Posted
Rating:
#75548
Avatar

Well-settled

I have been having this same problem in the last 4 days

BobS said

I am getting hit every day with what appears to be hackers/spammers from Russia and the Ukraine. I would normally just block all the IP addresses for these countries but Russia happens to be a hot market for western art right now.

I am tempted to ban them individually but they are spoofing IP addresses. It would be nice to have ocPortal check against existing spammer databases.

One other change I'd like to see is a ban button on the "Investigate user page" - you have all the information in front of you making it easy to make the decision without having to go elsewhere.

Bob


I have been having this exact same problem in the last 4 days and have bee blocking the IP's as you have and it is abit of a pain
So +1 for your suggested change. ;)

Making games is fun…having people play them is the reward!
Back to the top
 
Posted
Rating:
#75622
Avatar

Community saint

We really need a ban button on the investigate user page. Now I investigate,copy the IP, switch to the Ban IP page, paste then save. That's a lot of steps that the ban button on the investigate user page would replace.

Bob
Back to the top
 
Posted
Rating:
#75638
Avatar

Fan in training

Always try to take a dedicated server for your websites. User name and passwords keep secret so nobody can enter in your server without your permission…


I am mentioning here some tips to save your website from hackers…
10 ways to Secure your Website from Hackers | Your Online Security Authority Blog

White pixels is a web design and development firm which provides cheap search engine optimization service..
Back to the top
 
Posted
Rating:
#75720
Avatar

Fan in action

 

sholzy said

To combat those few, I put all new members in a very restrictive usergroup. I don't allow them access to edit their signature or title, and all posts require validation. I basically restrict any area they may be able to supply a spam link or gain points through activity. Once they reach 50 points they lose the restrictions.


I know this does not apply to your target user group Sholzy, but the downside to the above is when starting a new forum and recruiting new members. More turn away than those who stay and become committed due to the hassle. Most of your top producing members and even staff signed up to respond and got hooked. Taking the ability to sign up and post also takes away the great potential of a good future member, or staff for that matter.
 
Some options to consider are:

Restricting a new member's user group to, limiting them to 5-10 posts per day till they reach the next level. Emphasizing member titles as the incentive. Although this fad seems to be tapering as I do not think many members celebrate the day they jump user levels as they did 4-5 years ago.

As said above, blocking! Blocking words such as (forgive me here) pills, penis, and other common spammer lingo or phrases right from the start helps prevent the spam that does gets through from really showing up.  Sholzy brought up a great source, stopforumspam.com. Besides adding the one that still show up from time to time, you can restrict user names, e-mails and IP of the top sites when building a new community.        
 
 
Wish a person could figure out how to harness spam and use it as a positive. A good portion of spam today I believe is cheaply hired "human" bots anyways. If a person could find the source, up the ante a nickel or two and hire these people to write some kind of content of any nature, just imagine the exposure this site would generate lol!  

"You Can't Always Get What You Want"
Mick Jagger, Rolling Stones: 1969~Let It Bleed Album 
Back to the top
 
Posted
Rating:
#75721
Avatar

Community saint

I just wish the developers would integrate support for a spam database site along with a convenient "Ban" button on the investigate user page.

Bob
Back to the top
 
Posted
Rating:
#75723
Avatar

Fan in action

BobS said

I just wish the developers would integrate support for a spam database site along with a convenient "Ban" button on the investigate user page.

Bob

Like my sig says Bob lol! Although if you try some times, you will get whatcha need.  ;)


"You Can't Always Get What You Want"
Mick Jagger, Rolling Stones: 1969~Let It Bleed Album 
Back to the top
 
Posted
Rating:
#75725
Avatar

Community saint

I am just frustrated as I seem tone spending significant amount of time each day to deal with would-be spammers.

Fortunately, their work-arounds don't seem to be working well and I have yet to have someone join to post spam. I consider that a testament to ocPortal's good design (cause it's pretty obvious they are trying to break through some back door) but it would be nice to see integration with some spam database, especially at the time someone joins.

What would be doubly nice is the ability to add someone to the database through an API when banned on ocPortal.

Bob
Back to the top
 
Posted
Rating:
#75726
Avatar

Where is the spam going, and why is there no CAPTCHA stopping it, or was the CAPTCHA broken? If the CAPTCHA was broken, have you tried the unofficial new version enablable via OcCLE?


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#75729
Avatar

Well-settled

In my case the spam is being sent through the contact form, and into the comments. I have CAPTCHA enabled everywhere so I am not sure what's going on. But it shows up in the contact forum and I have to go in there and delete them. I decided just to disable comments for now.
Back to the top
 
Posted
Rating:
#75730
Avatar

have you tried the unofficial new version enablable via OcCLE?


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#75736
Avatar

Well-settled

I pasted this into my OcCLE to test:

View topic: Recommend problem. - ocPortal

Thanks Chris =)
Back to the top
 
Posted
Rating:
#75740
Avatar

Community saint

TY2U said

In my case the spam is being sent through the contact form..

I'm getting the one spam attempt every few days on the contact form , and all from a well known IP:  109.230.220.240 .

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#75741
Avatar

Community saint

temp-

I'd give anything for it to be just one. I've been hit  with different IPs from Russia, Ukraine, Latvia and now Serbia is in play. Plus the occasional attempt from China and Singapore.

I can only guess that because of the nude paintings they think it might be fertile ground for porn. Fortunately, no one has managed to get anything posted yet.

Bob
Back to the top
 
Posted
Rating:
#75742
Avatar

Community saint

BobS said

I can only guess that because of the nude paintings they think it might be fertile ground for porn
I seriously doubt that's the reason.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#75775
Avatar

Community saint

Captain Kirk said

 

sholzy said

To combat those few, I put all new members in a very restrictive usergroup. I don't allow them access to edit their signature or title, and all posts require validation. I basically restrict any area they may be able to supply a spam link or gain points through activity. Once they reach 50 points they lose the restrictions.

I know this does not apply to your target user group Sholzy, but the downside to the above is when starting a new forum and recruiting new members. More turn away than those who stay and become committed due to the hassle. Most of your top producing members and even staff signed up to respond and got hooked. Taking the ability to sign up and post also takes away the great potential of a good future member, or staff for that matter.
Actually, I've never had a complaint yet about using the "restricted" user approach or using CAPTCHA. A few have even praised me for taking an active approach to eliminating about 99.9% of any possibility of spam. I think members actually understand and don't really mind the extra step they must go through for their first post or two, especially when it was clearly explained at sign up as to why it was being done. I think the only ones upset are the spammers because I wasted their valuable time going through the sign up process only to be stopped from being able to do anything. I have also not allowed any unvalidated registration to go more than 5 days before it gets deleted.

I started this policy about 4 weeks ago and it appears all human spammers have stopped visiting my site. Bots are still visiting but seem to be stopped by the CAPTCHA. Two things I've notice (through tracking), spammers went straight to their profiles to add spam links in their signatures, and they would leave registrations unvalidated for weeks or months before coming back to activate their accounts and start their spamming.

Legitimate member registration has stayed about the same. So until I get complaints, or a better system of stopping spammers is added to the registration process, I'll stay with what works for my forum.

Captain Kirk said

Some options to consider are:

Restricting a new member's user group to, limiting them to 5-10 posts per day till they reach the next level. Emphasizing member titles as the incentive. Although this fad seems to be tapering as I do not think many members celebrate the day they jump user levels as they did 4-5 years ago.
I don't think this is an option in ocPortal since ranks are based on points. In my opinion, allowing just one spam post is too many. On a busy board 5-10 spam posts per spam account might not get caught quickly unless you have moderators active 24/7 on the board, and if you do, then restricting the first few posts of a new member for validation would be no more difficult.

On my boards, spammers try mostly to create spam links in their profiles which can go under the radar for a long time before being caught. It's been over a year since I had any content spammers and that was while my boards were on SMF. I had 2 or 3 spammers get through and made several hundred posts before getting caught. Once those IPs were banned I never had a problem again. That is the reason I installed the mods mentioned in the previous post.

Captain Kirk said

 
As said above, blocking! Blocking words such as (forgive me here) pills, penis, and other common spammer lingo or phrases right from the start helps prevent the spam that does gets through from really showing up.  Sholzy brought up a great source, stopforumspam.com. Besides adding the one that still show up from time to time, you can restrict user names, e-mails and IP of the top sites when building a new community.
Even blocking key words can be difficult because spammers are always trying new ways of spelling to get through the filters (think of all those emails you get pushing \/iagra).

The best way of reducing, if not eliminating, spammers is using a spam database and checking your members against it.

Captain Kirk said

  
Wish a person could figure out how to harness spam and use it as a positive. A good portion of spam today I believe is cheaply hired "human" bots anyways. If a person could find the source, up the ante a nickel or two and hire these people to write some kind of content of any nature, just imagine the exposure this site would generate lol!  
Which choice do you think an "SEO specialist" would take: making $1 per link spam (created in less than 1 minute) or making $1.50 per post writing valid content taking about 2-3 minutes?

[Note: When attempting to submit this post, the forum filter caught one word in my post as spam and denied my post. I changed one letter in that word and it went through with no problems. Can you spot the word?

This is a good example why word filters will catch just a small portion of spam, and you have to continually update the word filter.]

Steve
Back to the top
 
Posted
Rating:
#75905
Avatar

Community saint

In an interesting aside, it seems that Google Analytics ignores hits from IPs that have been identified as spammers. At least, I can find no evidence of them when looking by location and the increased visits do not cover the additional hits from these guys.

I am getting fed up with it and am giving serious consideration to just nuking the IP addresses froRussia, Ukraine and Latvia. So far, I can handle the others on an exception basis. On throne hand I hate to do this (especially since Russia is a good market for Western art) but on the other hand I would probably not be losing much since the site is not localized for Russia.

What to do, what to do?

Bob
Back to the top
 
1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Expand