Spam
Moderator: General Moderators
-
alex.barylski
- DevNet Evangelist
- Posts: 6267
- Joined: Tue Dec 21, 2004 5:00 pm
- Location: Winnipeg
Re: Spam
Ummmm...^^^^^^^What does a spambot post look like? Cute signature, by the way.
I would swear with only two posts and a signature for backlinks you were spamming the forums.
Re: Spam
Just report an spam usign the report button, and we'll nuke ASAP
Re: Spam
The stuff that's posted during "UK hours" is normally deleted by me, but I'm away at the moment so I've not been deleting any. It'll return to normal next week when I get back home. But then a few weeks after that it might get worse again because I'm off again. It's a rollercoaster ride!
Re: Spam
Fortunately, it's been done before - http://www.eadz.co.nz/blog/article/phpbb-akismet.html
Re: Spam
We have bot-like-humans here:
search.php?author_id=43668&sr=posts
search.php?author_id=43668&sr=posts
There are 10 types of people in this world, those who understand binary and those who don't
- volomike
- Forum Regular
- Posts: 633
- Joined: Wed Jan 16, 2008 9:04 am
- Location: Myrtle Beach, South Carolina, USA
Re: Spam
I would reason to bet they have a script that works against a normal phpBB installation. It does this by looking at tags in the HTML, parsing, and then filling out the fields to get a registration ID, and then spamming.
Ding-ding-ding! I have a solution!
Just take the registration's password field tag, and change it up slightly. If that means changing the form posting page code a little to handle a new field name, then do so. See if that helps. If that doesn't help, then go the next step and change the forum message posting field tag.
For instance, if the password field on the registration form is named "password", then change it to like "psword". Of course, that breaks the application logic, so you have to see where the form posts and edit that form. Look for the $_POST['password'] line and change it to $_POST['psword'].
The only other opportunity is to switch the CAPTCHA logic out with something non-standard. In other words, change the registration's captcha so that it's not the one out of the box, because the spambots have figured out how to hack through that somehow -- probably through a long series of tests.
Ding-ding-ding! I have a solution!
Just take the registration's password field tag, and change it up slightly. If that means changing the form posting page code a little to handle a new field name, then do so. See if that helps. If that doesn't help, then go the next step and change the forum message posting field tag.
For instance, if the password field on the registration form is named "password", then change it to like "psword". Of course, that breaks the application logic, so you have to see where the form posts and edit that form. Look for the $_POST['password'] line and change it to $_POST['psword'].
The only other opportunity is to switch the CAPTCHA logic out with something non-standard. In other words, change the registration's captcha so that it's not the one out of the box, because the spambots have figured out how to hack through that somehow -- probably through a long series of tests.