LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
Search this Thread
Old 07-15-2007, 04:30 PM   #1
Whitestar
Member
 
Registered: Jan 2007
Distribution: Ubuntu CE Jaunty
Posts: 52

Rep: Reputation: 15
Tweaking to prevent spambots at my site


Okay. I have a message board at my site, and I'm bombarded with spambots. How can I tweak the site to keep them at bay? I know I have to upload a mod. The tutorial says I have to "upload the file "file.php" into the phpBB root dir, and the file "file.tpl" into the template directory, directly without modify them."

How do I do that? Where are these files and how do I access them?

Last edited by Whitestar; 07-15-2007 at 04:31 PM.
 
Old 07-15-2007, 07:41 PM   #2
masonm
Senior Member
 
Registered: Mar 2003
Location: Following the white rabbit
Distribution: Slackware64 13.37 Android 4.0
Posts: 2,248

Rep: Reputation: 46
Seems to me the easiest way to stop that crap is to require a verified registration.
 
Old 07-16-2007, 03:41 AM   #3
dasy2k1
Member
 
Registered: Oct 2005
Location: 127.0.0.1
Distribution: Ubuntu 12.04 X86_64
Posts: 958

Rep: Reputation: 35
have you got a capacha on regestration?

also try asking on your forum software forum,
(eg http://www.phpbb.com/community/viewforum.php?f=1)
for the phpBB forum software....
 
Old 07-16-2007, 06:06 AM   #4
jiml8
Senior Member
 
Registered: Sep 2003
Posts: 3,171

Rep: Reputation: 114Reputation: 114
verified registration and captcha don't stop it, they just slow it down.

I wound up taking two steps. First, I installed the IPNation database (google for it) and modified my common.php to block entire ranges of nations that (a) represented a zero actual or potential client base and (b) represented the bulk of the spam I was getting.

When that didn't stop it 100%, I modified how phpBB2 handles session variables in order to cause any attempts to access the registration form without first coming through the front gate (index.php) to fail. This has completely ended my spam problems.

Sorry, I won't post details about the session mods; part of the security here is obscurity. If I post it and others do it then the spammers will modify their bots.

But the IPNation is pretty straightforward; install the database then in common.php open the table and check the incoming IP against the database and if the nation is on the block list, don't allow the connection.
 
Old 07-16-2007, 07:21 PM   #5
Whitestar
Member
 
Registered: Jan 2007
Distribution: Ubuntu CE Jaunty
Posts: 52

Original Poster
Rep: Reputation: 15
Masonm and Dasy2k1, yes, I have registration validation and captcha, but I still get incredible amounts of spam. I guess the more sophisticated bots can read the captchas now. The support forum for the site that provides the board is less than optimal at this point, though, so I prefer the brilliant minds and generally good people here at LQ.

Jim, I appreciate that about the IPnation. Thanks for that.
 
Old 07-19-2007, 03:32 AM   #6
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Quote:
Originally Posted by jiml8
verified registration and captcha don't stop it, they just slow it down.

I wound up taking two steps. First, I installed the IPNation database (google for it) and modified my common.php to block entire ranges of nations that (a) represented a zero actual or potential client base and (b) represented the bulk of the spam I was getting.
I read an article on using this technique for corporate mail servers. One drawback is that there isn't always a clear delineation. It's easy to block all IP addresses from Russia or from China, but Korea and Japan share the same range. Korea is a major source of spam but Japan isn't. However, if a company doesn't engage in overseas trade, that isn't a problem.
 
  


Reply

Tags
board, dir, message, root


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
apache2 vhost site makes default site inaccessible jyamada1 Linux - Server 4 01-17-2007 08:42 PM
Need help tweaking rc.firewall from alien bobs site Old_Fogie Slackware 15 10-10-2006 02:44 PM
Moving to new site; critique my old site? Hosiah General 1 03-13-2006 03:14 AM
prevent irc script accessing web site dtra Linux - Networking 3 06-09-2005 06:10 AM


All times are GMT -5. The time now is 10:43 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration