Forums

yellow

Hey I have a forum on a site I run however am having trouble with the amount of porn links that are being posted up on the site daily!! Is there any way I can stop these links from being posted or even reduce such threads??


Appreciate any help

axer

What forum software are you using?

phpBB2/3?

If yes, then switch to Simple Machines Forum (SMF) software if you want free forum software or to vBulliten if you are willing to pay (74 euro a year).

If you were using free forum software and do not have a very active forum then I suggest SMF. I had phpBB2 installed on a website that received at least 2 porn spam links a day and countless bot sign-ups for about a year. I then switched to SMF and havent received 1 piece of spam or spammer sign-up (I can tell by the email address).

Rollo Tamasi

Switching forum software may reduce the occurrence of the problem but it's not going to solve the problem.

It all depends on which forum you're using.
First of all, make sure you are using the most updated version of your client.
Are you enforcing email verifications on sign up for new users?

Then google 'Anti Spam plugins 'forum name''
This is PHPBB's top hit.

I have a few posts on spam fighting in vbulletin on my blog which you may find useful.

mneylon

Blocking certain domains like yandex.ru from signing up can help as well

I think Cormac has a few posts on that somewhere as well ...

squibs

I use this http://phpbb.mwegner.de/anti-bot-question-mod/
on phpbb2. My forums were innundated before the change (even with the captcha image). I haven't had a single bad post or reg since applying it (on 2 forums), though I've had several hundred failed attempts.

It's a little scary to install - I used easymod, which did everything except issue the sql statements. I did that bit myself, and it worked fine. Only relevant if you are on phpbb2. phpbb3 RC4 is out at the mo. I haven't checked it out much yet as I'll wait for he release and then the first bug fix before switching over, but I'm guessing there are some ant-spam features in there.

CuLT

I upgraded to a beta version of phpBB3 (from phpBB2) a good while back and haven't had any spam accounts sign up since (was deleting ten-fifteen per week before that).

axer

Rollo Tamasi wrote:

Switching forum software may reduce the occurrence of the problem but it's not going to solve the problem.

I dont understand why not? I switched from phpBB2 to SMF at the start of April and haven't had 1 signup by a bot nor any spam posts. phpBB will always be a huge target for spammers due to its popularity (which I cannot understand when smf has more features, is more secure and easier to use).

miju

i still use phpBB2 on quite a few sites and have no problems with spam. if they are configured properly and with some security add ons such as catchpa / not letting unregged users / users with unconfirmed emails post it completely eradicates all spam on the forum in my long experience of phpBB

course the other added advantage of phpBB is that its very customizable to the extent that you can turn it inot a complete CMS like joomla if you want as well as adding all sorts of add-ons and hacks many of which are at phpbbhacks.com

Rollo Tamasi

axer wrote:

I dont understand why not? I switched from phpBB2 to SMF at the start of April and haven't had 1 signup by a bot nor any spam posts. phpBB will always be a huge target for spammers due to its popularity (which I cannot understand when smf has more features, is more secure and easier to use).

The fact of the matter is that spam exists and you're going to have to 'plug' any potential holes with which ever forum software you use. Vbulletin, PHPBB3, SMF are all open to spam.

The OP shouldn't have to move to a different forum just because of spam. There are dozens of plugins and add-ons which can prevent spam on which ever client he uses. It's just a matter of the OP being educated about what measures he can take to fight spam.

CuLT

miju wrote:

i still use phpBB2 on quite a few sites and have no problems with spam. if they are configured properly and with some security add ons such as catchpa / not letting unregged users / users with unconfirmed emails post it completely eradicates all spam on the forum in my long experience of phpBB

course the other added advantage of phpBB is that its very customizable to the extent that you can turn it inot a complete CMS like joomla if you want as well as adding all sorts of add-ons and hacks many of which are at phpbbhacks.com

Diehard phpBB users always talk about how if you install a million and one hacks and mods it brings it up to a usable level; the fact of the matter is that you shouldn't have to do this.

ethernet

yellow wrote:

Hey I have a forum on a site I run however am having trouble with the amount of porn links that are being posted up on the site daily!! Is there any way I can stop these links from being posted or even reduce such threads??


Appreciate any help

As a quick fix [certainly not the best] until you find a better solution, you could create an IP blacklist. Something like this would do the trick:

[PHP]
$banned = array(
"X.X.X.X", // insert blacklisted IP addresses into array
"Y.Y.Y.Y",
);

if (in_array($_SERVER, $banned)) {
header("Location: error.php"); // give some error message
exit();
}
[/PHP]

miju

CuLT wrote:

Diehard phpBB users always talk about how if you install a million and one hacks and mods it brings it up to a usable level; the fact of the matter is that you shouldn't have to do this.

correct you shouldnt i was referring to the various add-ons for extra security and features if you feel you need it. You'll also notice in the first part of my post i didnt mention any add-ons that dont already come with the bog standard clean install version of phpBB that works perfectly against all spam.

next time try not to jump down someones throat so quick

miju wrote:

if they are configured properly and with some security add ons such as catchpa / not letting unregged users / users with unconfirmed emails post it completely eradicates all spam on the forum in my long experience of phpBB

Rollo Tamasi

miju wrote:

next time try not to jump down someones throat so quick

Is that directed at myself or Cult?

axer

miju wrote:

i still use phpBB2 on quite a few sites and have no problems with spam. if they are configured properly and with some security add ons such as catchpa / not letting unregged users / users with unconfirmed emails post it completely eradicates all spam on the forum in my long experience of phpBB

I had phpbb2 running for a year and had enabled catchpa / not letting unregged users / users with unconfirmed emails.

The catchpa seemed to be broken easily by bots as there were a huge amount of signups by .ru addresses etc. At least 33% of those bots that signed up confirmed their email addresses.

I do not believe that there are any other security options in a bog standard install other than administrator appoval of new sign ups which would be a pain in the a$$ and counter productive to getting a forum active.

The OP hasn't confirmed what forum software he/she is using yet though but if he/she is using phpBB2 or phpBB3 then I still recommend he/she migrate to SMF instead unless they are using a custom template or hacks that they cannot easily port.

miju wrote:

course the other added advantage of phpBB is that its very customizable to the extent that you can turn it inot a complete CMS like joomla if you want as well as adding all sorts of add-ons and hacks many of which are at phpbbhacks.com

Using phpBB hacks makes it very time consuming to upgrade the forum software.

Rollo Tamasi wrote:

The fact of the matter is that spam exists and you're going to have to 'plug' any potential holes with which ever forum software you use. Vbulletin, PHPBB3, SMF are all open to spam.

Alot of other forum software comes more secure in its initial install than phpBB and that is why I would recommend the OP change if it is phpBB they are currently using. Why try patch up bad software when more secure software can be installed in its place?

Rollo Tamasi wrote:

The OP shouldn't have to move to a different forum just because of spam. There are dozens of plugins and add-ons which can prevent spam on which ever client he uses. It's just a matter of the OP being educated about what measures he can take to fight spam.

If the OP is using forum software with a bad security record and one that is prone to being targeted by spam bots then it is a good idea to change forum software. It is very easy to migrate from phpBB to SMF for example as there are migration scripts that make the changes to the database automatically.

miju

wasnt direct at you Rollo was a reply to Cults post about die hard phpBB users

Liam Byrne

The inbuilt captcha in phpBB can be easily bypassed, but there's a replacement plugin available that works wonders.....

CuLT

miju wrote:

wasnt direct at you Rollo was a reply to Cults post about die hard phpBB users

Err, where was I jumping down your throat? It was a perfectly level, valid reply. Might want to take some of your own advice there miju, if you get your back up over someone pointing out the common knowledge that phpBB2 has glaring security vulnerabilites and has very poor features compared to more modern software.

Hell phpBB2 isn't even being developed anymore, just buxfixed.

Rollo Tamasi

As Liam says, the captcha can be easily cracked but this isn't exclusively an issue with PHPBB. From my own experience with forums, I find captchas to be a rubbish form of defense against spam.

Challenge-Response authentication is the best method against spam signups.
CRA is when a question such as 'What is 6+4?' is asked, obviously a bot can't answer this question as he comes pre supplied with an answer sheet for all form information, and of course with a captcha cracker.