Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Not a member yet? Click here to register.
Forgot Password?

Forum spam made chaos

Asked Modified Viewed 10,441 times
P
pete2009
P
wiring guide,wiring diagrams,consumer unit,photos,movies.- www.aboutelectricity.co.uk
  • Junior Member, joined since
  • Contributed 32 posts on the community forums.
  • Started 19 threads in the forums
  • Started this discussions
asked
Junior Member

Hi
Recently some user posted 202 posts (spam) so I deleted him straight away but now all threads are not in order. All his posts dissapeard but all threads are still kind of marked by his post. They are being shown on main forum as last modified but his post were delete with him. So what I have now is posts from 2006 appearing on Newest Threads in Forum Threads panel.

Any idea how to restore order ?
My PHP Fusion ver. is 7.02.04

regards
0 replies

19 posts

W
Wanabo
W
Wanabo 10
www.probemyip.com/probe-my-ip-80x15.png
pHp-Fusion.Asia & pHp-Fusion.Fr & pHp-Fusion.Cn are available for a localized support community. Send PB for info.
  • Senior Member, joined since
  • Contributed 598 posts on the community forums.
  • Started 94 threads in the forums
answered
Senior Member

This is a known problem, but unfortunately this does not get the attention it deserves. (At least to my knowledge)
0 replies
G
Gamer02
G
  • Newbie, joined since
  • Contributed 1 post on the community forums.
answered
Newbie

You can try out netrixes addon for spam stuff

http://phpfusionmods.com/downloads.php?cat_id=1&download_id=27
0 replies
W
Wanabo
W
Wanabo 10
www.probemyip.com/probe-my-ip-80x15.png
pHp-Fusion.Asia & pHp-Fusion.Fr & pHp-Fusion.Cn are available for a localized support community. Send PB for info.
  • Senior Member, joined since
  • Contributed 598 posts on the community forums.
  • Started 94 threads in the forums
answered
Senior Member

Looks promising, will give that one a try.

For spam protection look here, Protect register.php against proxy registrations.

Soon I will post a modified login.php which will slow down brute force logins.
On my to do list is flood control on failed login attemps.
0 replies
G
gojuryu
G
www.gojuryu.net
Online since 1998 & running PHP-Fusion since 2004
  • Member, joined since
  • Contributed 105 posts on the community forums.
  • Started 16 threads in the forums
answered
Member

I have a different spam problem all together:

Over the weekend I deleted 46000 user names and approximately 85000 spam messages from my forum.

I have since changed the administrator log-in password for the website, the login for the ISP host as well as the password for the SQL Database. This morning I found there were still over 100 new user names in the database, which were not there yesterday. It seems the usernames are created however never show up on the "recent users folder", and then a few hours later they post in the forum.

The only way to catch them before they start posting is to look in the SQL database and sort by "user_joined", then highlight and delete user. This is of course the long way.

I have also just installed the " Protect register.php against proxy registrations" mod, found at http://php-fusion.org/forum/viewthread.php?thread_id=8&pid=13#post_13 to register.php however not sure just how much this will help, if at all because it seems this issue is much more deeply rooted. When I installed this particular mod, there were 19393 users and as of writing this post there are now 19408 leading me to believe that the problem is not proxy registrations.

Any help would be appreciated as I am one of the old school PHPFusion users however my site has constantly been updated and I am using the v7.02.05 release at the moment.

Merged on Oct 02 2012 at 01:19:49:
An update:

[ulist=circle]Note how posts on my site are not revealing the date and time stamp.
The site doesn't seem to be saving Recaptcha Public Key or Recaptcha Private Key
Doesn't save the bad word list
Doesn't save the maintainance message[/ulist]
Edited by gojuryu on 02-10-2012 06:25,
0 replies
Y
younis
Y
younis 10
Steve Younis
Superman Homepage - http://www.SupermanHomepage.com
Christopher Reeve Homepage - http://www.ChrisReeveHomepage.com/
Steve's Stuff - http://www.younis.com.au/
  • Member, joined since
  • Contributed 86 posts on the community forums.
  • Started 28 threads in the forums
answered
Member

I've installed Craig's "Registration Secure Question" mod because I too was having the same problem.

But as I asked Craig in a PM, I'm also going to ask the PHPFusion mods/programmers here... How are these registrations happening?

As it is the PHPFusion registration process has a Captcha test, and also requires someone to click on the activation link that's sent to their email address. So they actually require a working email address to receive the activation email. Yet in the last few days I've seen over a hundred accounts registered (using Hotmail or Outlook.com email addresses) that have somehow successfully gone through this whole registration process over and over again. HOW?

Has someone created a program/bot that can register hundreds of random Hotmail/Outlook email addresses, beat the Fusion Captcha test, automatically click on the activation link, and then post spam on Fusion Message Boards? It seems far fetched.

And if they can do all that, why does the extra step Craig incorporated with this mod work?

It really has me baffled!!
0 replies
N
NetriX
N
NetriX 10
Need help? Having trouble?
» View our Documentation for guides, functions and more - including the Getting Started section!
» Attach Log Files and Screenshots when reporting issues
» My support days are usually Mon-Thurs. Send me a PM if urgent.
  • Senior Member, joined since
  • Contributed 566 posts on the community forums.
  • Started 93 threads in the forums
answered
Senior Member

Programmers can too create recognition systems that can actually read captchas and enter them correctly.

Now this is the whole point of increasing the "letter distortion" in order to go against the bots AI.

For more advanced spamming applications, you have human interactivity in which a user such as you or I can read the captcha first hand and enter allowing the bot to do the rest.

Now once a bot registers, their are no other precautions in place other than the flood control which is easily bypassed.

I have an application currently in development to stop just that, I've actually allowed bot registration to run rapid and with no spam being successful since it's implementation - I'll have further word on it shortly.
0 replies
K
Kamillo
K
------------------------------
PHP-Fusion PL Crew | Spam Cop | My Site
  • Senior Member, joined since
  • Contributed 244 posts on the community forums.
  • Started 23 threads in the forums
answered
Senior Member

Quote

as someone created a program/bot that can register hundreds of random Hotmail/Outlook email addresses, beat the Fusion Captcha test, automatically click on the activation link, and then post spam on Fusion Message Boards? It seems far fetched.

And if they can do all that, why does the extra step Craig incorporated with this mod work?

Well yes it may work. Spammers use software that find common cms features:
register.php site
PHPFusion footer search
shoutbox

Trying to know your enemy, you have to know him.. What I did...
Generally spammers are laughing at PHPFusion developers, cause it's easy to spam. Some improvements proposed were never implemented to 7.xx.xx.

Forget Captcha - its broken.. Try the easy way. I found analysing how spammers work. Try to change easy way, just register.php to your own like matr1x did, it will work -> http://www.php-fusion.co.uk/forum/viewthread.php?thread_id=31460
0 replies
P
PolarFox
P
  • Veteran Member, joined since
  • Contributed 1,633 posts on the community forums.
  • Started 29 threads in the forums
answered
Veteran Member

Yes it's MUCH better than any captcha, so do the trick!
0 replies
W
w2ibc
W
w2ibc 10
\m/ >_< \m/
People Ask Me, "Why is it free?" and I tell them (really slowly) "Because it doesn't cost anything"
  • Junior Member, joined since
  • Contributed 34 posts on the community forums.
  • Started 5 threads in the forums
answered
Junior Member

one thing IMO that will stop alot of the spammers is checking the registration email and ip with stop forums spam db.

used to be an add-on that did this not sure if it works with the current fusion version but in all honesty it should be hard coded into fusion. with the ability when a spammer gets though it can be reported back to the SFS db
0 replies
G
gojuryu
G
www.gojuryu.net
Online since 1998 & running PHP-Fusion since 2004
  • Member, joined since
  • Contributed 105 posts on the community forums.
  • Started 16 threads in the forums
answered
Member

I've made various attempts and found that my Captcha is not appearing. For verification, visit www.gojuryu.net
Edited by gojuryu on 07-08-2014 00:40,
0 replies
J
JoiNNN
J
JoiNNN 10
  • Veteran Member, joined since
  • Contributed 850 posts on the community forums.
  • Started 100 threads in the forums
answered
Veteran Member

Quote

gojuryu wrote:

I've made various attempts and found that my Captcha is not appearing. For verification, visit www.gojuryul.net

Because is not enabled?
0 replies
G
gojuryu
G
www.gojuryu.net
Online since 1998 & running PHP-Fusion since 2004
  • Member, joined since
  • Contributed 105 posts on the community forums.
  • Started 16 threads in the forums
answered
Member

Oh - It's enabled, and I've tried every setting available. Just does not show-up.
http://gojuryu.net/register.php
0 replies
J
JoiNNN
J
JoiNNN 10
  • Veteran Member, joined since
  • Contributed 850 posts on the community forums.
  • Started 100 threads in the forums
answered
Veteran Member

Replace register.php and check Error log.
0 replies
B
BarbJones
B
[commercial sig removed]
  • Newbie, joined since
  • Contributed 1 post on the community forums.
answered
Newbie

We've been receiving similar complaints since from our clients too, where do no reason the captcha seems to be broken and an incredible volume of new registrations are observed. Can someone please suggest what's going on ?

I tried browsing for a solution to this issue and found this thread, can anyone please suggest if it's actually worth giving it a shot. If yeah then I can recommend it to our clients for the time-being.

Any advice would be highly appreciated.
0 replies
P
PolarFox
P
  • Veteran Member, joined since
  • Contributed 1,633 posts on the community forums.
  • Started 29 threads in the forums
answered
Veteran Member

Any mod?
0 replies
W
Wanabo
W
Wanabo 10
www.probemyip.com/probe-my-ip-80x15.png
pHp-Fusion.Asia & pHp-Fusion.Fr & pHp-Fusion.Cn are available for a localized support community. Send PB for info.
  • Senior Member, joined since
  • Contributed 598 posts on the community forums.
  • Started 94 threads in the forums
answered
Senior Member

I have some spam preventing mods on http://php-fusion.org/
0 replies
V
Vyper69
V
Unprecedented Times call for Unprecedented Measures
  • Senior Member, joined since
  • Contributed 551 posts on the community forums.
  • Started 146 threads in the forums
answered
Senior Member

While I was having issues with this, anywhere from 4 to 10 new registrations a day, and they being spam. I started using the Simple Question, and have not had a problem since.
0 replies
— 1 month later —
C
Craig
C
Craig 14
  • Fusioneer, joined since
  • Contributed 4,462 posts on the community forums.
  • Started 212 threads in the forums
answered
Fusioneer

Quote

Vyper69 wrote:

While I was having issues with this, anywhere from 4 to 10 new registrations a day, and they being spam. I started using the Simple Question, and have not had a problem since.


It does cut out a lot of spam, not all spam, you will still get idiots registering.
0 replies
K
Ken
K
Ken 10
No Support by PM. Please use the forum.
  • Senior Member, joined since
  • Contributed 713 posts on the community forums.
  • Started 43 threads in the forums
answered
Senior Member

The email-activation feature is just stupid as it is programmed now. If it did work the bots would not be able to register because the bots use bogus emailadresses. And they ofcourse dont use the activationlink sent to the emailadress because they never get the email. - They register directly without having to use the email-activation thingy, even that it is activated in the settings.
0 replies

Labels

None yet

Statistics

  • Views 0 views
  • Posts 19 posts
  • Votes 0 votes
  • Topic users 14 members

14 participants

Y
Y
younis 10
Steve Younis
Superman Homepage - http://www.SupermanHomepage.com
Christopher Reeve Homepage - http://www.ChrisReeveHomepage.com/
Steve's Stuff - http://www.younis.com.au/
  • Member, joined since
  • Contributed 86 posts on the community forums.
  • Started 28 threads in the forums
K
K
Ken 10
No Support by PM. Please use the forum.
  • Senior Member, joined since
  • Contributed 713 posts on the community forums.
  • Started 43 threads in the forums
G
G
www.gojuryu.net
Online since 1998 & running PHP-Fusion since 2004
  • Member, joined since
  • Contributed 105 posts on the community forums.
  • Started 16 threads in the forums
C
C
Craig 14
  • Fusioneer, joined since
  • Contributed 4,462 posts on the community forums.
  • Started 212 threads in the forums
W
W
Wanabo 10
www.probemyip.com/probe-my-ip-80x15.png
pHp-Fusion.Asia & pHp-Fusion.Fr & pHp-Fusion.Cn are available for a localized support community. Send PB for info.
  • Senior Member, joined since
  • Contributed 598 posts on the community forums.
  • Started 94 threads in the forums
N
N
NetriX 10
Need help? Having trouble?
» View our Documentation for guides, functions and more - including the Getting Started section!
» Attach Log Files and Screenshots when reporting issues
» My support days are usually Mon-Thurs. Send me a PM if urgent.
  • Senior Member, joined since
  • Contributed 566 posts on the community forums.
  • Started 93 threads in the forums
P
P
  • Veteran Member, joined since
  • Contributed 1,633 posts on the community forums.
  • Started 29 threads in the forums
K
K
------------------------------
PHP-Fusion PL Crew | Spam Cop | My Site
  • Senior Member, joined since
  • Contributed 244 posts on the community forums.
  • Started 23 threads in the forums
P
P
wiring guide,wiring diagrams,consumer unit,photos,movies.- www.aboutelectricity.co.uk
  • Junior Member, joined since
  • Contributed 32 posts on the community forums.
  • Started 19 threads in the forums
  • Started this discussions
W
W
w2ibc 10
\m/ >_< \m/
People Ask Me, "Why is it free?" and I tell them (really slowly) "Because it doesn't cost anything"
  • Junior Member, joined since
  • Contributed 34 posts on the community forums.
  • Started 5 threads in the forums
G
G
  • Newbie, joined since
  • Contributed 1 post on the community forums.
J
J
JoiNNN 10
  • Veteran Member, joined since
  • Contributed 850 posts on the community forums.
  • Started 100 threads in the forums
V
V
Unprecedented Times call for Unprecedented Measures
  • Senior Member, joined since
  • Contributed 551 posts on the community forums.
  • Started 146 threads in the forums
B
B
[commercial sig removed]
  • Newbie, joined since
  • Contributed 1 post on the community forums.

Notifications

Track thread

You are not receiving notifications from this thread.

Related Questions

Not yet