Announcement

Announcement Module
Collapse
No announcement yet.

How to STOP Spam Bots !!

Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to STOP Spam Bots !!

    I, like many others, was getting very fed up with the spammers. I tried all the recommended options.
    1. To post on my site you have to register.
    2. Activated email verification
    3. Activate Image Verification
    4. Banned 'free' email domains many spammers use
    5. To post they have to type in the image verification image.
    6. I stopped showing the option to use [urlwww.here.html[/url] and still they managed to post with their spam links

    Even with all this I was still getting about 20 post per week with their spam URLS's.

    All the above options made it very unfriendly for people to post, and has not many people posted anyway, this meant that practically no one did.
    What I have done is to install the Plugin http://www.vbulletin.org/forum/showthread.php?t=124828 which means that I can set a question for which people have to answer. The questions can be anything you want and you can have mutiple answers so you
    can cater for any unexpected answers. You could ask the question - name a planet in the solar system and you could have the answers Venus, Mercury, Earth, Mars etc and all would be the correct answer and would allow the poster to proceed. This is as near to impossible for a spam bot to get through, whereas the image verification may eventually be broken. The other beauty of this is that every web site can have it's own question and answer (s) so this makes it even more difficult for the spam bots to break this plugin.

    What I then did was to install the Plugin http://www.vbulletin.org/forum/showthread.php?t=123002 and, IF, anyone manages to post then are unable to post a live link. This has options to set up which means that the poster has to have posted 10 times before they can post a live link, or 3 or 4 or whatever. You can select different usergroups to be restricted, so that some usergroups can still post live links. I have set up an usergroup which is not selectabe on my forum board as not being restricted and when I am happy that they are kosher I transfer these users to this new group.

    With the above in place I have not received one spam post in the last 4 weeks, and this is spite of the fact that posters do not even have to register any more, they do not have to wait for email verification, nor do they have to type in the image verification, which can be hard to read, all they do is to answer the question.

    This seems too good to be true but this has worked wonderfully. I do know that the spam bots are still coming to my site by looking at 'Who's Online' I can see them bashing at the door but they can't get in. If you take a look at the image of my Who's Online you will five (5) spam bots trying to get in, from ARGENTINA, DENMARK, BRAZIL and two other unknowns, all trying to register or post.

    I have never put a plugin on my site before but I was astonished how easy it was. I thoughly recommend you consider doing what I have done.
    Attached Files

  • #2
    I have the same problem. I run a security related board and those bots came to advertise phising urls for paypal. It seems that the most of the traffic comes from a .de ip range assigned to:

    inetnum: 84.19.176.0 - 84.19.191.255
    netname: DE-KEYWEB-II
    descr: Keyweb AG IP Network
    country: DE

    (according to the ripe).

    I do have e-mail verification active, I do have image verification active, yet they keep manage to get their profiles created. I'll give it a try, hopefully it works.

    robinantill: be aware of those visitors who try to post, use the index.php in the archive folder or the poll.php file. They try to somehow use malware. Take a look at the picture (it's long ago, but it will give you an idea)
    http://www.vbulletin.com/forum/attac...3&d=1138096857

    Recently, I found via such strange links, malicious activity from an ip coming from Finland, belonging to a company who's computers were compromised, probably part of a botnet. In short, the "visitors" were trying to execute viruses: Perl/Shellbot.B trojan and PHP/Rst.G trojan.

    For example: http://www.sophos.com/security/analy...jrstdoora.html
    (PHP/Rst.G trojan - the name given for malware PHP/Rst.G trojan is Troj/RSTDoor-A)

    I reported the incident to F-Secure and they back to Cert-FI.

    Comment


    • #3
      Need Help to prevent spamming

      Dear Experts,

      I run a forum on my www.aorticdissection.com site and I am getting 20+ emails a day from bogus idiots trying to sign up. I made it so you can't sign up without me approving it, but I want to prevent these idiots from spamming my site so the real folks who want to chat w/other AD victims can. It fills up my VB site for me as I have all these pending requests that are just spam.

      I would be interested in help and also to upgrade my site to the latest version.

      Thanks,
      Brian

      Comment


      • #4
        Hi,
        I would suggest very strongly that you do what I did at the start of this thread. Since I have done this, 5 months ago, i have had NO spam at all, and people are still able to post without problems.
        Regards,
        Robin

        Comment

        Working...
        X