LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   General (https://www.linuxquestions.org/questions/general-10/)
-   -   Tweaking to prevent spambots at my site (https://www.linuxquestions.org/questions/general-10/tweaking-to-prevent-spambots-at-my-site-569585/)

Whitestar 07-15-2007 04:30 PM

Tweaking to prevent spambots at my site
 
Okay. I have a message board at my site, and I'm bombarded with spambots. How can I tweak the site to keep them at bay? I know I have to upload a mod. The tutorial says I have to "upload the file "file.php" into the phpBB root dir, and the file "file.tpl" into the template directory, directly without modify them."

How do I do that? Where are these files and how do I access them?

masonm 07-15-2007 07:41 PM

Seems to me the easiest way to stop that crap is to require a verified registration.

dasy2k1 07-16-2007 03:41 AM

have you got a capacha on regestration?

also try asking on your forum software forum,
(eg http://www.phpbb.com/community/viewforum.php?f=1)
for the phpBB forum software....

jiml8 07-16-2007 06:06 AM

verified registration and captcha don't stop it, they just slow it down.

I wound up taking two steps. First, I installed the IPNation database (google for it) and modified my common.php to block entire ranges of nations that (a) represented a zero actual or potential client base and (b) represented the bulk of the spam I was getting.

When that didn't stop it 100%, I modified how phpBB2 handles session variables in order to cause any attempts to access the registration form without first coming through the front gate (index.php) to fail. This has completely ended my spam problems.

Sorry, I won't post details about the session mods; part of the security here is obscurity. If I post it and others do it then the spammers will modify their bots.

But the IPNation is pretty straightforward; install the database then in common.php open the table and check the incoming IP against the database and if the nation is on the block list, don't allow the connection.

Whitestar 07-16-2007 07:21 PM

Masonm and Dasy2k1, yes, I have registration validation and captcha, but I still get incredible amounts of spam. I guess the more sophisticated bots can read the captchas now. The support forum for the site that provides the board is less than optimal at this point, though, so I prefer the brilliant minds and generally good people here at LQ. :)

Jim, I appreciate that about the IPnation. Thanks for that.

jschiwal 07-19-2007 03:32 AM

Quote:

Originally Posted by jiml8
verified registration and captcha don't stop it, they just slow it down.

I wound up taking two steps. First, I installed the IPNation database (google for it) and modified my common.php to block entire ranges of nations that (a) represented a zero actual or potential client base and (b) represented the bulk of the spam I was getting.

I read an article on using this technique for corporate mail servers. One drawback is that there isn't always a clear delineation. It's easy to block all IP addresses from Russia or from China, but Korea and Japan share the same range. Korea is a major source of spam but Japan isn't. However, if a company doesn't engage in overseas trade, that isn't a problem.


All times are GMT -5. The time now is 07:18 AM.