Fucking spammers!

Anything off-topic. If you're a new user please feel free to introduce yourself here.
Post Reply
User avatar
Taz Ales
Site Admin
Posts: 467
Joined: Thu Apr 22, 2010 9:07 am
Location: Bristol
Contact:

Fucking spammers!

Post by Taz Ales »

The forum has been under sustained attack for more than four days, and I'm utterly sick of it.

Since introducing my Question/Answer Captcha on the registration page several years ago, we've only had one or two spammers manage to get as far as pre-registering. I say "pre", because all registrations have to be authorised by me, and I have a script in the system which queries each registration against the StopForumSpam database. When I check a registration request in the admin system, I can see immediately if their email address, ip address or username has been flagged up as a potential spammer, so I'll just delete that account.

All well and good, but now it seems that some twat has written a bot which has been seeded with answers to our Captcha questions, and manages to get through enough times to pre-register. Obviously for the forums it's still not a problem because I can check them before authorising, but we're getting a new registration approximately every 10 minutes! That means every day I have to wade through around 150 registration requests and delete all the offending ones, while carefully making sure I authorise legitimate requests (we've had 1 or 2 over the weekend).

The problem is: Spammers are just stupid persistent bastards. Obviously not bothered about the fact that they're not getting any success because of the whole authorisation thing, they've left the bloody bots running... all using different random proxies to vary the IP address. Basically I suspect they're just trying to piss me off now, since it costs them nothing.

Depressing.
Taz... or Chris. It's up to you.
User avatar
I_used_to_brew
Posts: 2356
Joined: Sat Nov 20, 2010 1:06 pm

Re: Fucking spammers!

Post by I_used_to_brew »

Sad shits.

Would it be possible to only allow UK allocated ip addresses to pre-register. In fact, bugger it, block totally all non-uk access. It's a local club forum anyway. If someone from China is really keen on joining, they can send a nice email. I'm asuming most of the hits are from outside of the UK? Also any possibility of using a Spamhaus blocklist?
User avatar
Jeltz69
Posts: 271
Joined: Thu Sep 05, 2013 5:21 pm
Location: Radstock
Contact:

Re: Fucking spammers!

Post by Jeltz69 »

Yep they are a pain in the arse. I wish ISP's would tackle the whole SEO industry and stop this method of spreading links. In the past I've banned the entire IP range of ISPs that don't give a toss.

Consider installing an anti spam mod which blocks IP's according to a database of known spammers.

IIRC Anti Spam ACPuses the database from Stop Forum Spam

If you want additional manpower then I'm familiar with the ACP on phpBB and happy to muck in.
Last edited by Jeltz69 on Mon Nov 25, 2013 12:55 pm, edited 1 time in total.
User avatar
Taz Ales
Site Admin
Posts: 467
Joined: Thu Apr 22, 2010 9:07 am
Location: Bristol
Contact:

Re: Fucking spammers!

Post by Taz Ales »

The trouble with that is that there is no fully comprehensive database of IP addresses by country. There are a set of core IP ranges, but because we use so many in this country, we borrow from other countries' IP ranges. Besides that, many users access the forums when out of the country, so I'd rather not restrict access in that way.

The IP addresses we're getting hit by are from all over the place... UK and lots of other countries, plus non-region IPs.

Essentially the StopForumSpam db provides us with a block list, but I need to modify the core files of the registration process to get it to run a lookup before the registration action. I don't know if you've ever looked at the code behind PhpBB, but it's a bit of a rabbit warren.
I'm going to look into implementing something along those lines soon, which will redirect spammers to something suitable. For now though I'm ditching the old Q&As in the captcha and coming up with new ones, such as:

Which item is the smallest: Television, Grape or Spatula?
Taz... or Chris. It's up to you.
User avatar
I_used_to_brew
Posts: 2356
Joined: Sat Nov 20, 2010 1:06 pm

Re: Fucking spammers!

Post by I_used_to_brew »

Q.Who is the most despised of the following? Bono, Chris Martin or Mick Hucknall.
User avatar
Jeltz69
Posts: 271
Joined: Thu Sep 05, 2013 5:21 pm
Location: Radstock
Contact:

Re: Fucking spammers!

Post by Jeltz69 »

You could make it a "Bristol" oriented question such as name the City Centre railway station or on what Causeway would you find John Lewis.

I think that there are often real people monitoring the automated registration programs who can answer the questions. Since the SEO companies are based in Asia labour is cheap.
User avatar
Taz Ales
Site Admin
Posts: 467
Joined: Thu Apr 22, 2010 9:07 am
Location: Bristol
Contact:

Re: Fucking spammers!

Post by Taz Ales »

Pretty sure it's bots, especially with the frequency and constant change of source IP address. The proof is in the fact that everything has stopped since I've changed all the questions, so the bot no longer has any correct answers to work with. That'll hold it off until somebody makes changes to the bot to accommodate the new questions.

I don't want to make the Captcha only about Bristol because we have members from all over, including Poland.

I've got some client work to get through for now, then I'm going to implement an active lookup on the StopForumSpam db which will redirect the registration process to an anti-spam message.
Taz... or Chris. It's up to you.
User avatar
Jeltz69
Posts: 271
Joined: Thu Sep 05, 2013 5:21 pm
Location: Radstock
Contact:

Re: Fucking spammers!

Post by Jeltz69 »

Have it re-direct them to something vile :D

Maybe something to do with Fosters......
Post Reply