GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Okay. I have a message board at my site, and I'm bombarded with spambots. How can I tweak the site to keep them at bay? I know I have to upload a mod. The tutorial says I have to "upload the file "file.php" into the phpBB root dir, and the file "file.tpl" into the template directory, directly without modify them."
How do I do that? Where are these files and how do I access them?
verified registration and captcha don't stop it, they just slow it down.
I wound up taking two steps. First, I installed the IPNation database (google for it) and modified my common.php to block entire ranges of nations that (a) represented a zero actual or potential client base and (b) represented the bulk of the spam I was getting.
When that didn't stop it 100%, I modified how phpBB2 handles session variables in order to cause any attempts to access the registration form without first coming through the front gate (index.php) to fail. This has completely ended my spam problems.
Sorry, I won't post details about the session mods; part of the security here is obscurity. If I post it and others do it then the spammers will modify their bots.
But the IPNation is pretty straightforward; install the database then in common.php open the table and check the incoming IP against the database and if the nation is on the block list, don't allow the connection.
Masonm and Dasy2k1, yes, I have registration validation and captcha, but I still get incredible amounts of spam. I guess the more sophisticated bots can read the captchas now. The support forum for the site that provides the board is less than optimal at this point, though, so I prefer the brilliant minds and generally good people here at LQ.
Jim, I appreciate that about the IPnation. Thanks for that.
verified registration and captcha don't stop it, they just slow it down.
I wound up taking two steps. First, I installed the IPNation database (google for it) and modified my common.php to block entire ranges of nations that (a) represented a zero actual or potential client base and (b) represented the bulk of the spam I was getting.
I read an article on using this technique for corporate mail servers. One drawback is that there isn't always a clear delineation. It's easy to block all IP addresses from Russia or from China, but Korea and Japan share the same range. Korea is a major source of spam but Japan isn't. However, if a company doesn't engage in overseas trade, that isn't a problem.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
