-
August 2nd, 2009, 10:38 AM
#1
How to control spammers on forums
Hey Guys,
Panda has launched their global forum for which they asked myself to Mod.
http://support.pandasecurity.com/forum
Going good however I am having an issue with spammers and people posting their personal homepages / blogs whatever on every subsection on the forum.
What sort of security can i suggest to stop this sort of thing? Dont know too much how forum security and registering works?
JP: could you give some advice here?
Thanks
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
August 2nd, 2009, 03:06 PM
#2
I can give you tons of advice, but unfortunately you're not running vBulletin. Your options are considerably more limited with PHP BB. The first thing I can tell you is, virtually all forum spam comes from Asia and former Soviet republics. You'll get a sprinkling of IPs from zombie computers elsewhere, but you'll find the network that runs them is Russian.
I know that there is a spam filter available for that software. I think that would be a good place to start. You probably can't make use of IP blocking because panda won't want to just block all of Asia and much of Eastern Europe.
-
August 2nd, 2009, 03:51 PM
#3
I agree with JP re: IP blocking. We grep logs and update our perimeter router ACLs on a weekly basis. While it's not perfect, it very effective and efficient. The only hassle for us is when we sometimes deal with a vendor or client from overseas, we need to poke a hole for their email traffic. A minor nuisance compared with the benefits of blocking the spam at the perimeter.
CSR
In God We Trust....Everything else we backup.
-
August 2nd, 2009, 03:53 PM
#4
I forgot to mention Nigeria. All cellphone/handheld spam comes from there.
-
August 2nd, 2009, 04:00 PM
#5
Greetz.
Maybe take a look over at stopforumspam.com they have a phpBB2 API, from memory it isn't hard to update to phpBB3.
Also take a look at http://caca.zoy.org/wiki/PWNtcha it explains various weakness in the different captcha's. You should be able to use that as a reference and design a difficult captcha for the bots..
-
August 2nd, 2009, 04:40 PM
#6
Bots stroll right by most every CAPTCHA now. Use instructions that are easy for humans, but impossible for bots, such as: "At the top left of the page there is a header graphic of the site's name. Below it is some text. What does the text say?". etc.
Bots can't deal with directions such as that.
-
August 2nd, 2009, 11:03 PM
#7
Hi,
At the end of the day humans have to moderate your forum, as you will find that you are actually being attacked by humans.
You have a member zl399hihi934 (not particularly believable as a nick?). They have been around for 11 days and have spammed you 13 times.............in Chinese
Neither my browser nor myself do Chinese, but it is obviously the same message with similar links in each post..............that has to be spam because the topics of the threads are quite different.
You are going to get spammed.............it is inevitable, so part of the secret is deleting the crap and banning the account ASAP.
Spammers tend to give up on actively moderated sites, although there are always new ones to take their places
-
August 2nd, 2009, 11:54 PM
#8
well, yes and no. If you have the luxury of using IP banning at your own discretion, and you're willing to block all of Asia as well as Russia and the former Soviet republics, plus Nigeria, you can pretty much stop worrying about forum spam. There will only be occasional instances, but you will have eliminated 95% by blocking those regions. All the other regions of the world combined make up the other 5%.
-
August 4th, 2009, 07:52 AM
#9
Hey Guys,
I dont have time right now to go through everyting but are you guys telling me this is zombie spamming bots and not actual people.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
August 4th, 2009, 08:03 AM
#10
Usually, yes. Put up a post limit for new accounts. Say only 1 post per 5 min. for the first 10. No links allowed until then either. That'll slow them down a bit.
Visit regularly, look at the new registrations, weed out the crap. Remove spam posts a.s.a.p. and ban the user's account.
Oliver's Law:
Experience is something you don't get until just after you need it.
Similar Threads
-
By cheyenne1212 in forum Miscellaneous Security Discussions
Replies: 7
Last Post: February 1st, 2012, 02:51 PM
-
By GbinaryR in forum AntiVirus Discussions
Replies: 11
Last Post: October 30th, 2008, 09:33 AM
-
By ThePreacher in forum Miscellaneous Security Discussions
Replies: 17
Last Post: December 14th, 2006, 09:37 PM
-
By -DaRK-RaiDeR- in forum Newbie Security Questions
Replies: 9
Last Post: December 14th, 2002, 08:38 PM
-
By Noble Hamlet in forum AntiOnline's General Chit Chat
Replies: 1100
Last Post: March 17th, 2002, 09:38 AM
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|