PHPBB Member List Link Spam Part 2
Back in November I detailed a method for preventing the majority of automated “linkspam” accounts being created in PHPBB message boards. At the time I wrote “it can’t prevent someone from signing up with a junk link manually.” I figured that no spammer had the time to sign up to forums manually. Well, I was wrong. Some of these people apparently have plenty of time on their hands. I guess when someone takes the time out to send me spam over my personal web page contact form, it shouldn’t surprise me that they’ll use bulletin board software as well.
Just today I removed an bogus account linking to portale-erotico.com. I checked my logs and the user had found my site via Google Italy, doing a search for “general forum”. That user then manually went to the trouble of creating an account. The user had the IP address of 184.108.40.206 which links to a dial-up account in Italy. Doing a Google search on the linked domain shows several other PHPBB sites that have member accounts linking to that site.
That guy was a one-time deal, so far. I’ve had a bigger problem with someone promoting chi-origin.be. This person creates accounts like someword1234 where the word and number change, but the number always seems to be four digits. Then they list bogus locations and interests, etc., which also seem to change between attempts. I’ve had to delete these accounts 4 or 5 times already, and I’ve yet to track the IP, but I’ll find that out if they do it again. One time the spammer even took it upon himself to send private messages promoting that domain to other members on the site.
I did a Google search on that domain and again, it shows several sites that have fake accounts promoting that domain. I even found another forum (written in Latin!) where someone else was getting private message spammed by them too.
The chi-origin.be domain is hosted in the US, and I complained to the web provider, probably to no avail. I also wrote a complaint to Google.
I’m not sure how to best deal with this kind of spammer, though I’m thinking of removing the web link data field entirely.
I hope in the future that the PHPBB authors put “noindex,nofollow” robot meta tags on the member list and member account pages so that these spammers aren’t encouraged to use this tactic. In the meantime, I think I’ll set that tag on my pages just for good measure.
Here’s how I set the tag…I hope it’s correct:
In both memberlist.php and includes/usercpviewprofile.php, just above this line:
include($phpbbrootpath . ‘includes/pageheader.’.$phpEx);
I added this:
// MOD BY MIKE TO ADD noindex,nofollow meta tags
$template->assignvars(array('META’=>’<meta name=“robots” content=“noindex,nofollow”>’));
Seems to work! I also added a text note by the Website field in templates/subSilver/profileadd_body.tpl to tell link spammers that the pages they intend to spam are not indexed by search engines.