Thursday, August 17. 2006
PHPBB Fake Members
Trackbacks
Trackback specific URI for this entry
No Trackbacks
Comments
Display comments as
(Linear | Threaded)
I'm running into the same problem, its getting rediculous, and to search the phpbb forum for mods is almost as fun as all the spam. i was about to give up but i found this post; http://www.phpbb.com/phpBB/viewtopic.php?t=427852 So now i have removed websites from the memberlist, only active members are showing from the memberlist, and most handy of all is the toolkit http://starfoxtj.no-ip.com/phpbb/toolkit/ which lets you quickly and easily admin all users at once, very handy.
its a shame we have to go through all of this ...
its a shame we have to go through all of this ...
Anti-spam bots registration
http://www.phpbb.com/phpBB/viewtopic.php?t=396855
This works well, pretty much killed 95 % of the spam signups
http://www.phpbb.com/phpBB/viewtopic.php?t=396855
This works well, pretty much killed 95 % of the spam signups
I wrote a Remove inactive script that drops into the admin panel. Shows username and webaddy and date registered.
You can click on delete user to delete them. So far works well. Email me at jurdenbr@hotmail.com if you need a copy.
You can click on delete user to delete them. So far works well. Email me at jurdenbr@hotmail.com if you need a copy.
Here is link to code for anyone to use, modify etc. If you make a major improvement, email me the new one: jurdenbr@hotmail.com
http://www.shsu.edu/~jeb017/admin_remove_Inactive.txt
http://www.shsu.edu/~jeb017/admin_remove_Inactive.txt
I just google the names that sign onto my phpbb site, and some of these are on loads of sites so I simply delete these "users", these bots aren't very sophisticated they use the same name on many sites. Also I removed the website entry so they can't promote their sites. Maybe I will ban all users with .ru.
I don't guess you could explain how to set that Cron job up for those of us that don't what they are doing when it comes to cron...
OK, I wrote up a description of how I did this, with code:
http://boonedocks.net/mike/archives/134-PHPBB-Inactive-Member-Removal-Cron-Job.html
http://boonedocks.net/mike/archives/134-PHPBB-Inactive-Member-Removal-Cron-Job.html
I recently turned my writers site into a forum using phpbb and oh boy do I now realize what spam is! I'm needing help with some difficulties
I've closed my forum so that no one bar members can post - you have to fill in those little numbers now
My question is how do I delete people from my members list who have registed previously but who are only spaming.
Many thanks
Kevin.
I've closed my forum so that no one bar members can post - you have to fill in those little numbers now
My question is how do I delete people from my members list who have registed previously but who are only spaming.
Many thanks
Kevin.
If the spammers have activated and posted to your website, it's difficult to weed them out. You'll have to do it manually. You can use the Manage Users part of the Admin panel, or I think there's an extension which will let you delete members directly from the memberlist. But I can't recall its name.
What I'd like to see is the ability to show the Memberlist only to users that were logged in to the forum. Wouldn't this then prevent the search engines from seeing and indexing the Memberlist links?
Therefore, problem solved, as spammers will have no value in joining our phpBB forums and adding their links.
Problem is I don't know how to do this. Maybe someone technical can help?
Therefore, problem solved, as spammers will have no value in joining our phpBB forums and adding their links.
Problem is I don't know how to do this. Maybe someone technical can help?
This will keep search engines from indexing the members (though it shows all the members, not just who is logged in):
http://boonedocks.net/mike/archives/70-PHPBB-Member-List-Link-Spam-Part-2.html
However, it won't deter spammers from trying. For that I delete inactive members.
http://boonedocks.net/mike/archives/134-PHPBB-Inactive-Member-Removal-Cron-Job.html
http://boonedocks.net/mike/archives/70-PHPBB-Member-List-Link-Spam-Part-2.html
However, it won't deter spammers from trying. For that I delete inactive members.
http://boonedocks.net/mike/archives/134-PHPBB-Inactive-Member-Removal-Cron-Job.html
I found out how to set your phpBB forum so that the Memberlist and the User Profiles are shown only to logged in users. Someone showed how to do it on the phpBB Support Forums. See:
http://www.phpbb.com/phpBB/viewtopic.php?p=2120944
This simple mod will stop the spammers' links from being crawled by Google and other robots, and therefore it totally destroys the point of spamming phpBB forums.
http://www.phpbb.com/phpBB/viewtopic.php?p=2120944
This simple mod will stop the spammers' links from being crawled by Google and other robots, and therefore it totally destroys the point of spamming phpBB forums.
A solution like this will still not prevent the spam bots from trying to create bogus accounts. They run bots to do this task and hit sites by the thousands, so they don't care if it doesn't work on one site. They'll still try.
Also, a lot more spammers these days are actively trying to post content into the forums, not just get their spam link into the member list. So you'll still have that problem to deal with too.
Soon I hope to detail a simple method for preventing spam accounts that has been working for me for nearly a month now.
Also, a lot more spammers these days are actively trying to post content into the forums, not just get their spam link into the member list. So you'll still have that problem to deal with too.
Soon I hope to detail a simple method for preventing spam accounts that has been working for me for nearly a month now.
Has anyone made a cron job to delete spam with sql and keywords?
For example most of the spam i get is about diaries and pills - i would love to just have them removed every 5 minutes by cron and then I wouldnt have to bother with it...
For example most of the spam i get is about diaries and pills - i would love to just have them removed every 5 minutes by cron and then I wouldnt have to bother with it...
I'm not aware of such a script, but I'm thinking it would probably be easier to add a mod to the PHPBB code to prevent the use of certain keywords in forum posts. Then you don't have to worry about cleaning up the whole database.
Wrong! You need to clean up groups and user_group tables as well.
I believe the first comment to your more recent post details the correct method.
I believe the first comment to your more recent post details the correct method.
Yes, I need to update this post and the other post. For now, see this link:
http://boonedocks.net/mike/archives/134-PHPBB-Inactive-Member-Removal-Cron-Job.html#c188
http://boonedocks.net/mike/archives/134-PHPBB-Inactive-Member-Removal-Cron-Job.html#c188
I wonder this. What if you were to add to the COPPA something that stated that any account created that advertises a commercial website, that commercial website agrees to pay for the service of using your webpage for their advertising needs. You will keep the webpage/user account listed for a total of one month of which if you have not received payment for this service you will discontinue the account by deleting it but the charges are not waived they merely stop accruing usage charges and start accruing interest and penalty charges for non-payment. Then you “who-is” the website and send bills to their mailing address and after 3 months of non-payment you report this to all 3 credit bureaus and basically make it so that the company/owners lose all credibility and furthermore are subject to legal action to recover compensation for the service they agreed to pay for when they clicked “agree” on your webpage. I think a fair fee to list a commercial webpage on my message board would be about $1300 per month and penalties of 15% of total balance per month after non-payment and 9% interest on principal owed. That’s a pretty good interest rate by todays standards. So if a company fails to pay within a years time I believe they would owe 10k+ so if you times that times the 100’s of spam accounts you should be able to generate about $1,000,000 in owed income per year of which I would think an attorney would take interest in pursuing. Perhaps a company might say they were not responsible for creating these chargeable spam accounts but it would be very hard to prove that they didn’t when you have 200 message board operators all with the same account information and unpaid bills, I don’t even think you would need to get to the ip logs in this scenario to validate the debts. Could you imagine 200 class action lawsuits against 200 companies that owe 1000 message board administrators $10k each. I think the dollar amount gets into the billions in this scenario. So why cant we do this, now days when you click agree on a webpage you are legally obligated so why not???? Any lawyers out there care to articulate why this would or would not work?
We should stop resorting to evasive tactics that these spammers keep overcoming and hit them where it really hurts, in the pocketbook. I would imagine after a few successful lawsuits there would be substantially less spam accounts on message boards, it just wouldn’t be worth it.
We should stop resorting to evasive tactics that these spammers keep overcoming and hit them where it really hurts, in the pocketbook. I would imagine after a few successful lawsuits there would be substantially less spam accounts on message boards, it just wouldn’t be worth it.
Well, someone is welcome to try that approach, but I think they would find it nearly impossible to find a valid address to bill. Spam website domains are notorious for providing false WHOIS data, and some even use WHOIS privacy services. Add to this that a lot of spammers are overseas and I think this plan would not be enforceable. But like I said, someone feel free to try.
